From 86fbf5fb16b1a9ceee8440b339633810ee5de254 Mon Sep 17 00:00:00 2001 From: Igor Vinokur Date: Thu, 18 Jan 2024 20:06:16 +0200 Subject: [PATCH] Add Kubernetes host to the no proxy list (#1800) Add Kubernetes host to the no proxy list --- controllers/che/proxy.go | 16 ++++++++++++++-- controllers/usernamespace/controller_test.go | 13 ------------- pkg/deploy/server/server_configmap.go | 6 ------ 3 files changed, 14 insertions(+), 21 deletions(-) diff --git a/controllers/che/proxy.go b/controllers/che/proxy.go index 1bce948b8..264cfaa44 100644 --- a/controllers/che/proxy.go +++ b/controllers/che/proxy.go @@ -13,6 +13,8 @@ package che import ( + "os" + "github.com/devfile/devworkspace-operator/pkg/infrastructure" "github.com/eclipse-che/che-operator/pkg/common/chetypes" "github.com/eclipse-che/che-operator/pkg/deploy" @@ -50,9 +52,15 @@ func GetProxyConfiguration(deployContext *chetypes.DeployContext) (*chetypes.Pro } // Add cluster-wide trusted CA certs, if any cheClusterProxyConf.TrustedCAMapName = clusterWideProxyConf.TrustedCAMapName + // Add kubernetes host to the no proxy list. + cheClusterProxyConf.NoProxy = deploy.MergeNonProxy(cheClusterProxyConf.NoProxy, os.Getenv("KUBERNETES_SERVICE_HOST")) return cheClusterProxyConf, nil } else { - clusterWideProxyConf.NoProxy = deploy.MergeNonProxy(clusterWideProxyConf.NoProxy, cheClusterProxyConf.NoProxy) + if clusterWideProxyConf.HttpProxy != "" { + // Add kubernetes host to the no proxy list. + clusterWideProxyConf.NoProxy = deploy.MergeNonProxy(clusterWideProxyConf.NoProxy, os.Getenv("KUBERNETES_SERVICE_HOST")) + clusterWideProxyConf.NoProxy = deploy.MergeNonProxy(clusterWideProxyConf.NoProxy, cheClusterProxyConf.NoProxy) + } return clusterWideProxyConf, nil } } @@ -62,6 +70,10 @@ func GetProxyConfiguration(deployContext *chetypes.DeployContext) (*chetypes.Pro if err != nil { return nil, err } - cheClusterProxyConf.NoProxy = deploy.MergeNonProxy(cheClusterProxyConf.NoProxy, ".svc") + if cheClusterProxyConf.HttpProxy != "" { + // Add kubernetes host to the no proxy list. + cheClusterProxyConf.NoProxy = deploy.MergeNonProxy(cheClusterProxyConf.NoProxy, os.Getenv("KUBERNETES_SERVICE_HOST")) + cheClusterProxyConf.NoProxy = deploy.MergeNonProxy(cheClusterProxyConf.NoProxy, ".svc") + } return cheClusterProxyConf, nil } diff --git a/controllers/usernamespace/controller_test.go b/controllers/usernamespace/controller_test.go index 0c0b5955d..123aed4ea 100644 --- a/controllers/usernamespace/controller_test.go +++ b/controllers/usernamespace/controller_test.go @@ -332,19 +332,6 @@ func TestCreatesDataInNamespace(t *testing.T) { assert.False(t, res.Requeue, "The reconciliation request should have succeeded but it is requesting a requeue") - proxySettings := corev1.ConfigMap{} - assert.NoError(t, cl.Get(ctx, client.ObjectKey{Name: "che-proxy-settings", Namespace: namespace.GetName()}, &proxySettings)) - - assert.Equal(t, "env", proxySettings.GetAnnotations()[dwconstants.DevWorkspaceMountAsAnnotation], - "proxy settings should be annotated as mount as 'env'") - - assert.Equal(t, "true", proxySettings.GetLabels()[dwconstants.DevWorkspaceMountLabel], - "proxy settings should be labeled as mounted") - - assert.Equal(t, 2, len(proxySettings.Data), "Expecting 2 elements in the default proxy settings") - - assert.Equal(t, ".svc", proxySettings.Data["NO_PROXY"], "Unexpected proxy settings") - idleSettings := corev1.ConfigMap{} assert.NoError(t, cl.Get(ctx, client.ObjectKey{Name: "che-idle-settings", Namespace: namespace.GetName()}, &idleSettings)) diff --git a/pkg/deploy/server/server_configmap.go b/pkg/deploy/server/server_configmap.go index e7145aee8..99e822a03 100644 --- a/pkg/deploy/server/server_configmap.go +++ b/pkg/deploy/server/server_configmap.go @@ -15,7 +15,6 @@ package server import ( "encoding/json" "fmt" - "os" "strconv" "strings" @@ -89,11 +88,6 @@ func (s *CheServerReconciler) getCheConfigMapData(ctx *chetypes.DeployContext) ( proxyJavaOpts := "" cheWorkspaceNoProxy := ctx.Proxy.NoProxy if ctx.Proxy.HttpProxy != "" { - if ctx.Proxy.NoProxy == "" { - cheWorkspaceNoProxy = os.Getenv("KUBERNETES_SERVICE_HOST") - } else { - cheWorkspaceNoProxy = cheWorkspaceNoProxy + "," + os.Getenv("KUBERNETES_SERVICE_HOST") - } proxyJavaOpts, err = deploy.GenerateProxyJavaOpts(ctx.Proxy, cheWorkspaceNoProxy) if err != nil { logrus.Errorf("Failed to generate java proxy options: %v", err)