From 66eb29cf75f5e42d4a4ba8c46781a3112ba13562 Mon Sep 17 00:00:00 2001 From: Sanskar Jaiswal Date: Tue, 20 Jun 2023 18:34:05 +0530 Subject: [PATCH] RFC-0004: add section about proxy Signed-off-by: Sanskar Jaiswal --- rfcs/0004-insecure-http/README.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/rfcs/0004-insecure-http/README.md b/rfcs/0004-insecure-http/README.md index bcf9782a0f..1a2278b611 100644 --- a/rfcs/0004-insecure-http/README.md +++ b/rfcs/0004-insecure-http/README.md @@ -111,9 +111,16 @@ for the required commands, which will be used for specifying the value of `.spec > Note: This flag should not be confused with `--insecure-skip-tls-verify` which is meant to skip TLS verification > when using an HTTPS connection. +### Proxy + +The flag shall also respect all possible proxy configurations. If HTTP requests are blocked, then specifying the +`HTTP_PROXY` environment variable to the controller will lead to an error. Similarly, if a proxy is specified using the +object's API, such as `.spec.proxy` in `Provider` and the proxy URL has `http` as its scheme, the controller will +raise an error. + ### Precedence & Validity -Objects with `.spec.insecure` as `true ` will only be allowed if HTTP connections are allowed at the controller level. +Objects with `.spec.insecure` as `true` will only be allowed if HTTP connections are allowed at the controller level. Similarly, an object can have `.spec.insecure` as `true` only if the Saas/Cloud provider allows HTTP connections. For example, using a `Bucket` with its `.spec.provider` set to `azure` would be invalid since Azure doesn't allow HTTP connections.