Support HTTP proxy with mTLS #679
Conversation
AlessandroPatti
force-pushed
the
apatti/http-proxy-mls
branch
from
de0d425
to
7fa90a5
Compare
There was a problem hiding this comment.
Thanks for the feature submission. This looks pretty good, just a few comments...
Once the help text is finalized, we will need to update the help text that's in README.md.
We should also add a test for this feature. We could try to add one to .bazelci/system-test.sh, but it already runs slowly on bazelci/buildkite, so it might be time to refactor that and split it into more jobs. I will try to have a look at that tomorrow.
utils/flags/flags.go
Outdated
| &cli.StringFlag{ | ||
| Name: "http_proxy.key_file", | ||
| Value: "", | ||
| Usage: "Path to the key used to autheticate with the proxy backend. Enables mTLS.", |
There was a problem hiding this comment.
The help text for these two new options should each mention that the other must also be specified.
|
Merged with some minor adjustments to the help text. I'll have a think about how best to test this, it's probably doable in .bazelci/system-test.sh after some refactoring, now that I have sped it up. Thanks! |
Support passing a key and certificate pair to enable mTLS with the http proxy backend