Proxy settings via ENV #3260

mercedes-benz · Jul 3, 2024 · 48cbfb3 · 48cbfb3
1 parent 6a603ce
commit 48cbfb3
Show file tree

Hide file tree

Showing 6 changed files with 42 additions and 24 deletions.
diff --git a/sechub-pds-solutions/prepare/docker/pds-config.json b/sechub-pds-solutions/prepare/docker/pds-config.json
@@ -5,7 +5,7 @@
     {
       "id": "PDS_PREPARE",
       "path": "/pds/scripts/prepare.sh",
-      "envWhitelist" : [ "TOOL_FOLDER","PDS_STORAGE_*","HTTPS_PROXY","NO_PROXY"],
+      "envWhitelist" : [ "TOOL_FOLDER","PDS_STORAGE_*","PDS_HTTPS_PROXY","PDS_NO_PROXY"],
       "scanType": "prepare",
       "description": "Runs the prepare wrapper application to prepare remote data for SecHub scans.",
 
@@ -45,16 +45,6 @@
             "key": "pds.prepare.proxy.enabled",
             "description": "Flag to enable the proxy settings for prepare",
             "default": false
-          },
-          {
-            "key": "https.proxy",
-            "description": "The https proxy to use for prepare",
-            "default": ""
-          },
-          {
-            "key": "no.proxy",
-            "description": "The no proxy settings to use for prepare as comma seperated list",
-            "default": ""
           }
         ]
       }

diff --git a/sechub-pds-solutions/prepare/docker/scripts/prepare.sh b/sechub-pds-solutions/prepare/docker/scripts/prepare.sh
@@ -21,6 +21,11 @@ if [[ ! -f "$prepare_wrapper" ]]; then
     exit 1
 fi
 
+if [[ "$PDS_PREPARE_PROXY_ENABLED" = "true" ]]; then
+  export HTTPS_PROXY="$PDS_HTTPS_PROXY"
+  export NO_PROXY="$PDS_NO_PROXY"
+fi
+
 if [[ "$PDS_INTEGRATIONTEST_ENABLED" = "true" ]]; then
     options="-Dspring.profiles.active=pds_integrationtest"
 fi

diff --git a/sechub-pds-solutions/prepare/env b/sechub-pds-solutions/prepare/env
@@ -4,26 +4,40 @@
 # Possible values are:
 # - copy (copies jar into container)
 # - download (downloads the jar from github.com releases)
-BUILD_TYPE=download
+BUILD_TYPE=copy
 
-PDS_CONFIG_PRODUCT_TIMEOUT_MINUTES=30
+# The base image to use
+# uncomment to use local image
+# BASE_IMAGE="pds-base-pds"
+BASE_IMAGE="ghcr.io/mercedes-benz/sechub/pds-base"
 
 # The Prepare Wrapper version to use
 # See: https://github.com/mercedes-benz/sechub/releases
 PREPARE_WRAPPER_VERSION="1.0.0"
 
-# Timeout seconds for started processes, default: -1 (use of pds config timeout
+# Enable/ Disable Debugging
+PDS_WRAPPER_REMOTE_DEBUGGING_ENABLED=true
+
+PDS_CONFIG_PRODUCT_TIMEOUT_MINUTES=30
+
+# Timeout seconds for started processes, default: -1 (use of PDS_CONFIG_PRODUCT_TIMEOUT_MINUTES)
 PDS_PREPARE_SECONDS_TO_WAIT_PREPARE_PROCESSES=-1
 
+# PROXY settings
+# Enabled/ Disable Proxy
+PDS_PREPARE_PROXY_ENABLED=false
+# Use Proxy with standard Proxy ENVs:
+# HTTPS_PROXY=<your proxy>:<your proxy port>
+# NO_PROXY=<list for no proxy>
+
 # Variables for Prepare-Wrapper modules
+# GIT
 # Enable/Disable git module
 PDS_PREPARE_MODULE_ENABLED_GIT="true"
-# Remove git related files and folder after download (clones without history)
-PDS_PREPARE_AUTO_CLEANUP_GIT_FOLDER="true"
-
-# The base image to use
-# uncomment to use local image
-# BASE_IMAGE="pds-base-pds"
-BASE_IMAGE="ghcr.io/mercedes-benz/sechub/pds-base"
-PDS_STORAGE_SHAREDVOLUME_UPLOAD_DIR=/shared_volumes/uploads/
-PDS_WRAPPER_REMOTE_DEBUGGING_ENABLED=true
+# Remove git related files and folder after download
+PDS_PREPARE_MODULE_GIT_REMOVE_GIT_FILES_BEFORE_UPLOAD="ture"
+# Clone git without history, if history should be scanned, set PDS_PREPARE_MODULE_GIT_REMOVE_GIT_FILES_BEFORE_UPLOAD to false
+PDS_PREPARE_MODULE_GIT_CLONE_WITHOUT_GIT_HISTORY="true"
+# SKOPEO
+# Enable/ Disable skopeo module
+PDS_PREPARE_MODULE_SKOPEO_ENABLED="true"
diff --git a/sechub-pds-solutions/prepare/helm/pds-prepare/Chart.yaml b/sechub-pds-solutions/prepare/helm/pds-prepare/Chart.yaml
@@ -13,4 +13,4 @@ maintainers:
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.0.0
+version: 1.1.0
diff --git a/sechub-pds-solutions/prepare/helm/pds-prepare/templates/deployment.yaml b/sechub-pds-solutions/prepare/helm/pds-prepare/templates/deployment.yaml
@@ -110,6 +110,11 @@ spec:
             - name: SHARED_VOLUME_UPLOAD_DIR
               value: "{{ .Values.storage.sharedVolume.upload.dir }}"
 {{- end}}
+            # Proxy varibles
+            - name: PDS_HTTPS_PROXY
+              value: {{ .Values.proxy.httpsHost }}
+            - name: PDS_NO_PROXY
+              value: {{ .Values.proxy.noProxy }}
           ports:
             - name: pds-https-port
               containerPort: 8444

diff --git a/sechub-pds-solutions/prepare/helm/pds-prepare/values.yaml b/sechub-pds-solutions/prepare/helm/pds-prepare/values.yaml
@@ -42,6 +42,10 @@ pds:
     enabled: false
   keepContainerAliveAfterPDSCrashed: false
 
+proxy:
+  httpsHost:  "<https proxy>"
+  noProxy:  "<no proxy>"
+
 users:
   technical:
     id: "techuser"