From 7e4d38f9a2ed64cf722d3e9b0f174d43c1769629 Mon Sep 17 00:00:00 2001
From: Guillaume Smet
Date: Wed, 19 May 2021 19:06:13 +0200
Subject: [PATCH] Support nonProxyHosts for Vault client

Fixes #16453
---
 .../runtime/client/MutinyVertxClientFactory.java | 4 ++++
 .../vault/runtime/config/VaultBootstrapConfig.java | 11 +++++++++++
 2 files changed, 15 insertions(+)

diff --git a/extensions/vault/runtime/src/main/java/io/quarkus/vault/runtime/client/MutinyVertxClientFactory.java b/extensions/vault/runtime/src/main/java/io/quarkus/vault/runtime/client/MutinyVertxClientFactory.java
index b4ebe50c3fa29..35ad4f4ba25d2 100644
--- a/extensions/vault/runtime/src/main/java/io/quarkus/vault/runtime/client/MutinyVertxClientFactory.java
+++ b/extensions/vault/runtime/src/main/java/io/quarkus/vault/runtime/client/MutinyVertxClientFactory.java
@@ -22,6 +22,10 @@ public static WebClient createHttpClient(Vertx vertx, VaultBootstrapConfig vault
 .setConnectTimeout((int) vaultBootstrapConfig.connectTimeout.toMillis())
 .setIdleTimeout((int) vaultBootstrapConfig.readTimeout.getSeconds());
 
+ if (vaultBootstrapConfig.nonProxyHosts.isPresent()) {
+ options.setNonProxyHosts(vaultBootstrapConfig.nonProxyHosts.get());
+ }
+
 boolean trustAll = vaultBootstrapConfig.tls.skipVerify.orElseGet(() -> tlsConfig.trustAll);
 if (trustAll) {
 skipVerify(options);
diff --git a/extensions/vault/runtime/src/main/java/io/quarkus/vault/runtime/config/VaultBootstrapConfig.java b/extensions/vault/runtime/src/main/java/io/quarkus/vault/runtime/config/VaultBootstrapConfig.java
index 5f82842529cff..561d38880d953 100644
--- a/extensions/vault/runtime/src/main/java/io/quarkus/vault/runtime/config/VaultBootstrapConfig.java
+++ b/extensions/vault/runtime/src/main/java/io/quarkus/vault/runtime/config/VaultBootstrapConfig.java
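Review bot: The added block in createHttpClient calls `isPresent()` and then `get()` on the same Optional; `vaultBootstrapConfig.nonProxyHosts.ifPresent(options::setNonProxyHosts);` says the same in one line and matches the `orElseGet` style used for `skipVerify` just below it. Nothing in the visible lines sets proxy options on `options`, so a short comment such as `// bypass list only matters when a proxy is configured for this client` would keep a reader from assuming the list is active by itself. createHttpClient's body starts and ends outside the hunk, so the proxy setup may sit elsewhere in the method.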
@@ -210,6 +210,17 @@ public class VaultBootstrapConfig {
 @ConfigItem(defaultValue = DEFAULT_READ_TIMEOUT)
 public Duration readTimeout;
 
+ /**
+ * List of remote hosts that are not proxied when the client is configured to use a proxy. This
+ * list serves the same purpose as the JVM {@code nonProxyHosts} configuration.
+ *
+ *

+ * Entries can use the * wildcard character for pattern matching, e.g *.example.com matches
+ * www.example.com.
+ */
+ @ConfigItem
+ public Optional> nonProxyHosts;
+
 /**
 * List of named credentials providers, such as: `quarkus.vault.credentials-provider.foo.kv-path=mypath`
 *
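Review bot: The Javadoc on `nonProxyHosts` does not say what happens when the property is unset or which proxy setting it pairs with, and this text is presumably what the generated configuration reference shows to users. For a Vault client the distinction is operational: requests to a matching host go directly to that host instead of through the egress proxy, so a broad pattern such as `*.example.com` also takes those Vault calls out of whatever filtering or logging the proxy provides. I would add a sentence along the lines of `When unset, all requests go through the proxy if one is configured; keep patterns as narrow as the deployment allows.` and change `e.g` to `e.g.`. No Vault-specific proxy property is visible in this patch, so naming the one that applies would make the entry self-contained.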