Skip to content

Commit

Permalink
RFC-0004: add section about proxy
Browse files Browse the repository at this point in the history
Signed-off-by: Sanskar Jaiswal <[email protected]>
  • Loading branch information
aryan9600 committed Jun 21, 2023
1 parent 67968df commit fdaf054
Showing 1 changed file with 10 additions and 1 deletion.
11 changes: 10 additions & 1 deletion rfcs/0004-insecure-http/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -111,9 +111,18 @@ for the required commands, which will be used for specifying the value of `.spec
> Note: This flag should not be confused with `--insecure-skip-tls-verify` which is meant to skip TLS verification
> when using an HTTPS connection.

### Proxy

The flag shall also apply to all possible proxy configurations. If the flag `--insecure-allow-http` is set to
`false`, then specifying the `HTTP_PROXY` environment variable to the controller will lead to the controller
exiting with a failure on startup.
Similarly, if a proxy is specified using the object's API, such as through `.spec.secretRef` in `Provider` and the proxy
URL has `http` as its scheme, the reconciler will fail and return an error, which can be viewed in the controller logs
and the object's events.

### Precedence & Validity

Objects with `.spec.insecure` as `true ` will only be allowed if HTTP connections are allowed at the controller level.
Objects with `.spec.insecure` as `true` will only be allowed if HTTP connections are allowed at the controller level.
Similarly, an object can have `.spec.insecure` as `true` only if the Saas/Cloud provider allows HTTP connections.
For example, using a `Bucket` with its `.spec.provider` set to `azure` would be invalid since Azure doesn't allow
HTTP connections.
Expand Down

0 comments on commit fdaf054

Please sign in to comment.