Add Kubernetes host to the no proxy list (#1800)

Add Kubernetes host to the no proxy list
2024-01-18 20:06:16 +02:00 · 2024-01-18 20:06:16 +02:00 · 86fbf5fb16
parent 3c70a23e58
commit 86fbf5fb16
3 changed files with 14 additions and 21 deletions
--- a/controllers/che/proxy.go
+++ b/controllers/che/proxy.go
@ -13,6 +13,8 @@
 package che

 import (
+	"os"
+
 	"github.com/devfile/devworkspace-operator/pkg/infrastructure"
 	"github.com/eclipse-che/che-operator/pkg/common/chetypes"
 	"github.com/eclipse-che/che-operator/pkg/deploy"
@ -50,9 +52,15 @@ func GetProxyConfiguration(deployContext *chetypes.DeployContext) (*chetypes.Pro
 			}
 			// Add cluster-wide trusted CA certs, if any
 			cheClusterProxyConf.TrustedCAMapName = clusterWideProxyConf.TrustedCAMapName
+			// Add kubernetes host to the no proxy list.
+			cheClusterProxyConf.NoProxy = deploy.MergeNonProxy(cheClusterProxyConf.NoProxy, os.Getenv("KUBERNETES_SERVICE_HOST"))
 			return cheClusterProxyConf, nil
 		} else {
-			clusterWideProxyConf.NoProxy = deploy.MergeNonProxy(clusterWideProxyConf.NoProxy, cheClusterProxyConf.NoProxy)
+			if clusterWideProxyConf.HttpProxy != "" {
+				// Add kubernetes host to the no proxy list.
+				clusterWideProxyConf.NoProxy = deploy.MergeNonProxy(clusterWideProxyConf.NoProxy, os.Getenv("KUBERNETES_SERVICE_HOST"))
+				clusterWideProxyConf.NoProxy = deploy.MergeNonProxy(clusterWideProxyConf.NoProxy, cheClusterProxyConf.NoProxy)
+			}
 			return clusterWideProxyConf, nil
 		}
 	}
@ -62,6 +70,10 @@ func GetProxyConfiguration(deployContext *chetypes.DeployContext) (*chetypes.Pro
 	if err != nil {
 		return nil, err
 	}
-	cheClusterProxyConf.NoProxy = deploy.MergeNonProxy(cheClusterProxyConf.NoProxy, ".svc")
+	if cheClusterProxyConf.HttpProxy != "" {
+		// Add kubernetes host to the no proxy list.
+		cheClusterProxyConf.NoProxy = deploy.MergeNonProxy(cheClusterProxyConf.NoProxy, os.Getenv("KUBERNETES_SERVICE_HOST"))
+		cheClusterProxyConf.NoProxy = deploy.MergeNonProxy(cheClusterProxyConf.NoProxy, ".svc")
+	}
 	return cheClusterProxyConf, nil
 }
--- a/controllers/usernamespace/controller_test.go
+++ b/controllers/usernamespace/controller_test.go
@ -332,19 +332,6 @@ func TestCreatesDataInNamespace(t *testing.T) {

 		assert.False(t, res.Requeue, "The reconciliation request should have succeeded but it is requesting a requeue")

-		proxySettings := corev1.ConfigMap{}
-		assert.NoError(t, cl.Get(ctx, client.ObjectKey{Name: "che-proxy-settings", Namespace: namespace.GetName()}, &proxySettings))
-
-		assert.Equal(t, "env", proxySettings.GetAnnotations()[dwconstants.DevWorkspaceMountAsAnnotation],
-			"proxy settings should be annotated as mount as 'env'")
-
-		assert.Equal(t, "true", proxySettings.GetLabels()[dwconstants.DevWorkspaceMountLabel],
-			"proxy settings should be labeled as mounted")
-
-		assert.Equal(t, 2, len(proxySettings.Data), "Expecting 2 elements in the default proxy settings")
-
-		assert.Equal(t, ".svc", proxySettings.Data["NO_PROXY"], "Unexpected proxy settings")
-
 		idleSettings := corev1.ConfigMap{}
 		assert.NoError(t, cl.Get(ctx, client.ObjectKey{Name: "che-idle-settings", Namespace: namespace.GetName()}, &idleSettings))

--- a/pkg/deploy/server/server_configmap.go
+++ b/pkg/deploy/server/server_configmap.go
@ -15,7 +15,6 @@ package server
 import (
 	"encoding/json"
 	"fmt"
-	"os"
 	"strconv"
 	"strings"

@ -89,11 +88,6 @@ func (s *CheServerReconciler) getCheConfigMapData(ctx *chetypes.DeployContext) (
 	proxyJavaOpts := ""
 	cheWorkspaceNoProxy := ctx.Proxy.NoProxy
 	if ctx.Proxy.HttpProxy != "" {
-		if ctx.Proxy.NoProxy == "" {
-			cheWorkspaceNoProxy = os.Getenv("KUBERNETES_SERVICE_HOST")
-		} else {
-			cheWorkspaceNoProxy = cheWorkspaceNoProxy + "," + os.Getenv("KUBERNETES_SERVICE_HOST")
-		}
 		proxyJavaOpts, err = deploy.GenerateProxyJavaOpts(ctx.Proxy, cheWorkspaceNoProxy)
 		if err != nil {
 			logrus.Errorf("Failed to generate java proxy options: %v", err)