support add-on proxy config

Signed-off-by: Yang Le <yangle@redhat.com>

cmd/example/helloworld_helm/main.go

@@ -110,6 +110,7 @@ func runController(ctx context.Context, kubeConfig *rest.Config) error {
 			addonfactory.GetAddOnDeploymentConfigValues(
 				addonfactory.NewAddOnDeploymentConfigGetter(addonClient),
 				addonfactory.ToAddOnNodePlacementValues,
+				addonfactory.ToAddOnProxyConfigValues,
 			),
 			addonfactory.GetAgentImageValues(
 				addonfactory.NewAddOnDeploymentConfigGetter(addonClient),

examples/helloworld/manifests/templates/deployment.yaml

@@ -42,6 +42,21 @@ spec:
       - name: helloworld-agent
         image: {{ .Image }}
         imagePullPolicy: IfNotPresent
+{{- if or .HTTPProxy .HTTPSProxy}}
+        env:
+        {{- if .HTTPProxy }}
+          - name: HTTP_PROXY
+            value: {{ .HTTPProxy }}
+        {{- end }}
+        {{- if .HTTPSProxy }}
+          - name: HTTPS_PROXY
+            value: {{ .HTTPSProxy }}
+        {{- end }}
+        {{- if .NoProxy }}
+          - name: NO_PROXY
+            value: {{ .NoProxy }}
+        {{- end }}
+{{- end }}
         args:
           - "/helloworld"
           - "agent"

examples/helloworld_helm/manifests/charts/helloworld/templates/deployment.yaml

@@ -41,6 +41,21 @@ spec:
       - name: {{ template "helloworldhelm.name" . }}-agent
         image: {{ .Values.global.imageOverrides.helloWorldHelm }}
         imagePullPolicy: {{ .Values.global.imagePullPolicy }}
+        {{- if or .Values.global.proxyConfig.HTTP_PROXY .Values.global.proxyConfig.HTTPS_PROXY }}
+        env:
+          {{- if .Values.global.proxyConfig.HTTP_PROXY }}
+          - name: HTTP_PROXY
+            value: {{ .Values.global.proxyConfig.HTTP_PROXY }}
+          {{- end }}
+          {{- if .Values.global.proxyConfig.HTTPS_PROXY }}
+          - name: HTTPS_PROXY
+            value: {{ .Values.global.proxyConfig.HTTPS_PROXY }}
+          {{- end }}
+          {{- if .Values.global.proxyConfig.NO_PROXY }}
+          - name: NO_PROXY
+            value: {{ .Values.global.proxyConfig.NO_PROXY }}
+          {{- end }}
+        {{- end }}
         resources:
           {{- toYaml .Values.resources | nindent 10 }}
         args:

examples/helloworld_helm/manifests/charts/helloworld/values.yaml

@@ -20,3 +20,7 @@ global:
   imageOverrides:
     helloWorldHelm: quay.io/open-cluster-management/addon-examples:latest
   nodeSelector: {}
+  proxyConfig:
+    HTTP_PROXY: null
+    HTTPS_PROXY: null
+    NO_PROXY: null

go.mod

@@ -21,7 +21,7 @@ require (
 	k8s.io/component-base v0.26.1
 	k8s.io/klog/v2 v2.80.1
 	k8s.io/utils v0.0.0-20221128185143-99ec85e7a448
-	open-cluster-management.io/api v0.11.1-0.20230727093131-915f5826cff9
+	open-cluster-management.io/api v0.11.1-0.20230731134013-26e75df27f50
 	sigs.k8s.io/controller-runtime v0.14.4
 )
 

go.sum

@@ -819,8 +819,8 @@ k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 h1:+70TFaan3hfJzs+7VK2o+O
 k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280/go.mod h1:+Axhij7bCpeqhklhUTe3xmOn6bWxolyZEeyaFpjGtl4=
 k8s.io/utils v0.0.0-20221128185143-99ec85e7a448 h1:KTgPnR10d5zhztWptI952TNtt/4u5h3IzDXkdIMuo2Y=
 k8s.io/utils v0.0.0-20221128185143-99ec85e7a448/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
-open-cluster-management.io/api v0.11.1-0.20230727093131-915f5826cff9 h1:P5yjl8w09JYsTE1D6JV6y1vY9X2bBN8m494ZYg9HoyY=
-open-cluster-management.io/api v0.11.1-0.20230727093131-915f5826cff9/go.mod h1:WgKUCJ7+Bf40DsOmH1Gdkpyj3joco+QLzrlM6Ak39zE=
+open-cluster-management.io/api v0.11.1-0.20230731134013-26e75df27f50 h1:njvnCHeYMQvBWjKW97xa2r3A0/tN8H0FI9kL4AeCqVs=
+open-cluster-management.io/api v0.11.1-0.20230731134013-26e75df27f50/go.mod h1:WgKUCJ7+Bf40DsOmH1Gdkpyj3joco+QLzrlM6Ak39zE=
 rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
 rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
 rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=

pkg/addonfactory/addondeploymentconfig.go

@@ -144,6 +144,52 @@ func ToAddOnNodePlacementValues(config addonapiv1alpha1.AddOnDeploymentConfig) (
 	return values, nil
 }
 
+// ToAddOnProxyConfigValues transform the spec.proxyConfig of AddOnDeploymentConfig into Values object that has
+// a specific for helm chart values
+// for example: the spec of one AddOnDeploymentConfig is:
+//
+//	{
+//	 proxyConfig: {"httpProxy": "http://10.11.12.13:3128", "httpsProxy": "https://10.11.12.13:3129", "noProxy": "example.com"},
+//	}
+//
+// after transformed, the Values will be:
+// map[global:map[proxyConfig:map[httpProxy:http://10.11.12.13:3128 httpsProxy:https://10.11.12.13:3129 noProxy:example.com]]]
+func ToAddOnProxyConfigValues(config addonapiv1alpha1.AddOnDeploymentConfig) (Values, error) {
+	proxyConfig := map[string]string{}
+	if len(config.Spec.ProxyConfig.HTTPProxy) > 0 {
+		proxyConfig["HTTP_PROXY"] = config.Spec.ProxyConfig.HTTPProxy
+	}
+	if len(config.Spec.ProxyConfig.HTTPSProxy) > 0 {
+		proxyConfig["HTTPS_PROXY"] = config.Spec.ProxyConfig.HTTPSProxy
+	}
+	if len(proxyConfig) == 0 {
+		return nil, nil
+	}
+
+	if len(config.Spec.ProxyConfig.NoProxy) > 0 {
+		proxyConfig["NO_PROXY"] = config.Spec.ProxyConfig.NoProxy
+	}
+
+	type global struct {
+		ProxyConfig map[string]string `json:"proxyConfig"`
+	}
+
+	jsonStruct := struct {
+		Global global `json:"global"`
+	}{
+		Global: global{
+			ProxyConfig: proxyConfig,
+		},
+	}
+
+	values, err := JsonStructToValues(jsonStruct)
+	if err != nil {
+		return nil, err
+	}
+
+	return values, nil
+}
+
 // ToAddOnCustomizedVariableValues only transform the CustomizedVariables in the spec of AddOnDeploymentConfig into Values object.
 // for example: the spec of one AddOnDeploymentConfig is:
 //
@@ -228,6 +274,17 @@ func ToAddOnDeploymentConfigValues(config addonapiv1alpha1.AddOnDeploymentConfig
 		values["Tolerations"] = config.Spec.NodePlacement.Tolerations
 	}
 
+	// load add-on proxy settings
+	if len(config.Spec.ProxyConfig.HTTPProxy) > 0 {
+		values["HTTPProxy"] = config.Spec.ProxyConfig.HTTPProxy
+	}
+	if len(config.Spec.ProxyConfig.HTTPSProxy) > 0 {
+		values["HTTPSProxy"] = config.Spec.ProxyConfig.HTTPSProxy
+	}
+	if len(config.Spec.ProxyConfig.NoProxy) > 0 {
+		values["NoProxy"] = config.Spec.ProxyConfig.NoProxy
+	}
+
 	return values, nil
 }
 

pkg/addonfactory/addondeploymentconfig_test.go

@@ -199,6 +199,90 @@ func TestGetAddOnDeploymentConfigValues(t *testing.T) {
 				"managedKubeConfigSecret": "external-managed-kubeconfig",
 			},
 		},
+		{
+			name:          "to addon proxy config",
+			toValuesFuncs: []AddOnDeploymentConfigToValuesFunc{ToAddOnDeploymentConfigValues},
+			addOnObjs: []runtime.Object{
+				func() *addonapiv1alpha1.ManagedClusterAddOn {
+					addon := addontesting.NewAddon("test", "cluster1")
+					addon.Status.ConfigReferences = []addonapiv1alpha1.ConfigReference{
+						{
+							ConfigGroupResource: addonapiv1alpha1.ConfigGroupResource{
+								Group:    "addon.open-cluster-management.io",
+								Resource: "addondeploymentconfigs",
+							},
+							ConfigReferent: addonapiv1alpha1.ConfigReferent{
+								Namespace: "cluster1",
+								Name:      "config",
+							},
+						},
+					}
+					return addon
+				}(),
+				&addonapiv1alpha1.AddOnDeploymentConfig{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:      "config",
+						Namespace: "cluster1",
+					},
+					Spec: addonapiv1alpha1.AddOnDeploymentConfigSpec{
+						ProxyConfig: addonapiv1alpha1.ProxyConfig{
+							HTTPProxy:  "http://10.2.3.4:3128",
+							HTTPSProxy: "https://10.2.3.4.3129",
+							NoProxy:    "example.com",
+						},
+					},
+				},
+			},
+			expectedValues: Values{
+				"HTTPProxy":  "http://10.2.3.4:3128",
+				"HTTPSProxy": "https://10.2.3.4.3129",
+				"NoProxy":    "example.com",
+			},
+		},
+		{
+			name:          "to addon proxy config for helm chart",
+			toValuesFuncs: []AddOnDeploymentConfigToValuesFunc{ToAddOnProxyConfigValues},
+			addOnObjs: []runtime.Object{
+				func() *addonapiv1alpha1.ManagedClusterAddOn {
+					addon := addontesting.NewAddon("test", "cluster1")
+					addon.Status.ConfigReferences = []addonapiv1alpha1.ConfigReference{
+						{
+							ConfigGroupResource: addonapiv1alpha1.ConfigGroupResource{
+								Group:    "addon.open-cluster-management.io",
+								Resource: "addondeploymentconfigs",
+							},
+							ConfigReferent: addonapiv1alpha1.ConfigReferent{
+								Namespace: "cluster1",
+								Name:      "config",
+							},
+						},
+					}
+					return addon
+				}(),
+				&addonapiv1alpha1.AddOnDeploymentConfig{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:      "config",
+						Namespace: "cluster1",
+					},
+					Spec: addonapiv1alpha1.AddOnDeploymentConfigSpec{
+						ProxyConfig: addonapiv1alpha1.ProxyConfig{
+							HTTPProxy:  "http://10.2.3.4:3128",
+							HTTPSProxy: "https://10.2.3.4:3129",
+							NoProxy:    "example.com",
+						},
+					},
+				},
+			},
+			expectedValues: Values{
+				"global": map[string]interface{}{
+					"proxyConfig": map[string]interface{}{
+						"HTTP_PROXY":  "http://10.2.3.4:3128",
+						"HTTPS_PROXY": "https://10.2.3.4:3129",
+						"NO_PROXY":    "example.com",
+					},
+				},
+			},
+		},
 	}
 
 	for _, c := range cases {

test/e2e/helloworld_helm_test.go

@@ -518,4 +518,75 @@ var _ = ginkgo.Describe("install/uninstall helloworld helm addons", func() {
 		}, eventuallyTimeout, eventuallyInterval).ShouldNot(gomega.HaveOccurred())
 	})
 
+	ginkgo.It("addon should pick up the proxy settings from addondeploymentconfig", func() {
+		ginkgo.By("Prepare a AddOnDeploymentConfig for proxy settings")
+		gomega.Eventually(func() error {
+			return prepareProxyConfigAddOnDeploymentConfig(managedClusterName)
+		}, eventuallyTimeout, eventuallyInterval).ShouldNot(gomega.HaveOccurred())
+
+		ginkgo.By("Add the configs to ManagedClusterAddOn")
+		gomega.Eventually(func() error {
+			addon, err := hubAddOnClient.AddonV1alpha1().ManagedClusterAddOns(managedClusterName).Get(
+				context.Background(), helloWorldHelmAddonName, metav1.GetOptions{})
+			if err != nil {
+				return err
+			}
+			newAddon := addon.DeepCopy()
+			newAddon.Spec.Configs = []addonapiv1alpha1.AddOnConfig{
+				{
+					ConfigGroupResource: addonapiv1alpha1.ConfigGroupResource{
+						Group:    "addon.open-cluster-management.io",
+						Resource: "addondeploymentconfigs",
+					},
+					ConfigReferent: addonapiv1alpha1.ConfigReferent{
+						Namespace: managedClusterName,
+						Name:      deployProxyConfigName,
+					},
+				},
+			}
+			_, err = hubAddOnClient.AddonV1alpha1().ManagedClusterAddOns(managedClusterName).Update(
+				context.Background(), newAddon, metav1.UpdateOptions{})
+			if err != nil {
+				return err
+			}
+			return nil
+		}, eventuallyTimeout, eventuallyInterval).ShouldNot(gomega.HaveOccurred())
+
+		ginkgo.By("Make sure addon is configured")
+		gomega.Eventually(func() error {
+			agentDeploy, err := hubKubeClient.AppsV1().Deployments(addonInstallNamespace).Get(
+				context.Background(), "helloworldhelm-agent", metav1.GetOptions{})
+			if err != nil {
+				return err
+			}
+
+			containers := agentDeploy.Spec.Template.Spec.Containers
+			if len(containers) != 1 {
+				return fmt.Errorf("expect one container, but %v", containers)
+			}
+
+			// check the proxy settings
+			deployProxyConfig := addonapiv1alpha1.ProxyConfig{}
+			for _, envVar := range containers[0].Env {
+				if envVar.Name == "HTTP_PROXY" {
+					deployProxyConfig.HTTPProxy = envVar.Value
+				}
+
+				if envVar.Name == "HTTPS_PROXY" {
+					deployProxyConfig.HTTPSProxy = envVar.Value
+				}
+
+				if envVar.Name == "NO_PROXY" {
+					deployProxyConfig.NoProxy = envVar.Value
+				}
+			}
+
+			if !equality.Semantic.DeepEqual(proxyConfig, deployProxyConfig) {
+				return fmt.Errorf("expected proxy settings %v, but got %v", proxyConfig, deployProxyConfig)
+			}
+
+			return nil
+		}, eventuallyTimeout, eventuallyInterval).ShouldNot(gomega.HaveOccurred())
+	})
+
 })