Draft: support for deploying behind a proxy
What does this MR do?
This MR includes work I did for a client to make GET work behind a mandatory web proxy. This worked well at least in that customer's case, but it needs a more systematic review and testing. The client was only using certain features of GitLab so it may not correctly configure features that weren't in use, for example.
Two Ansible variables are added - proxy_host and no_proxy. Setting proxy_host should cause the right environment variables to be set in all the right places. There are some assumptions baked into this right now that might not be universal, for example that the proxy should be used to reach the K8s control plane (often true in AWS but probably rarely true on-prem).
I have the ability so spin up a test environment with a mandatory proxy fairly easily but - to be totally honest - I don't know that I'll have the time to do more work on this right now. That said this is a common situation for some PS customers and I would definitely like to help however I can.
Related issues
Author's checklist
When ready for review, the Author applies the workflowready for review label and mention @gl-quality/get-maintainers
:
- Merge request:
-
Corresponding Issue raised and reviewed by the GET maintainers team. -
Merge Request Title and Description are up-to-date, accurate, and descriptive -
MR targeting the appropriate branch -
MR has a green pipeline -
MR has no new security alerts in the widget from the Secret Detection
andIaC Scan (SAST)
jobs.
-
- Code:
-
Check the area changed works as expected. Consider testing it in different environment sizes (1k,3k,10k,etc.). -
Documentation created/updated in the same MR. -
If this MR adds an optional configuration - check that all permutations continue to work. -
For Terraform changes: set up a previous version environment, then run a terraform plan
with your new changes and ensure nothing will be destroyed. If anything will be destroyed and this can't be avoided please add a comment to the current MR.
-
-
Create any follow-up issue(s) to support the new feature across other supported cloud providers or advanced configurations. Create 1 issue for each provider/configuration. Contact the Quality Enablement team if unsure.