atlassian / terraform-provider-artifactory

Terraform provider to manage Artifactory
Apache License 2.0

Unix socket transport #60

Open h2o2-stripe opened 4 years ago

h2o2-stripe commented 4 years ago

The intention was to allow using a Unix socket as the transport. In our case a proxy service opens a Unix socket and adds certificates and credentials on the way to Artifactory.

jamestoyer commented 4 years ago

@h2o2-stripe could you give some more context around the need to use a Unix socket? Most other providers I'm aware of or use don't have this functionality, so this seems like an interesting request.

h2o2-stripe commented 4 years ago

@jamestoyer, thanks for the response!

We use an HTTP proxy that runs on developer laptops that allows command line tools to access internal sites that require client certificates.

In particular, it exposes a Unix domain socket that acts as an HTTP proxy. Plain HTTP requests to this proxy will be forwarded over HTTPS using the user's client certificate.

jamestoyer commented 4 years ago

That's certainly not a use case I've heard of or seen before.

How are you getting around this for other providers? Or do you not use them locally?

h2o2-stripe commented 4 years ago

Most of our other providers either: (a) don't connect to things inside the VPN, which need this support (e.g. AWS, G Suite, etc.), or (b) are run from server infrastructure, which doesn't need the Unix socket (if we ever actually use the Jira provider like we were thinking, it'd be run on the server, since it's mostly for centralized configuration, and not something that we'd want everyone running).

However, for developers to manage Artifactory, we'd want them to both run from a laptop, and since we're hosting the server, it needs to run through our authenticating proxy.

ttsangAtlassian commented 4 years ago

@h2o2-stripe Have you tried using the HTTP_PROXY env variable?

> DefaultTransport is the default implementation of Transport and is used by DefaultClient. It establishes network connections as needed and caches them for reuse by subsequent calls. It uses HTTP proxies as directed by the $HTTP_PROXY and $NO_PROXY (or $http_proxy and $no_proxy) environment variables.

From: https://golang.org/pkg/net/http/

It feels like this is the more correct solution. If it doesn't work, we can try and fix that instead.

jamestoyer commented 4 years ago

The more I think about his PR the more I believe it's not something that should exist in this provider for two reasons.

  1. When I look at the other providers, and the AWS provider in particular, there are no settings in them to set a Unix socket. The AWS provider is a first class provider and doesn't support it, so that suggests it shouldn't live in a provider.
  2. This feels like it's something Terraform the CLI should provide as it's something that would be useful for many providers. Implementing on a case by case basis means that there will be divergent implementations and would require setting different values for each.
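
Added example, not part of the thread or of the provider's code: a Go `net/http` client that sends proxy-style HTTP requests over a Unix domain socket, which is the laptop setup described in the discussion above. The in-process stand-in proxy, the `unix-proxy` placeholder host and the `artifactory.internal.example` target are constructed for the demonstration; nothing outside the temporary socket is contacted.

```go
package main

import (
	"context"
	"fmt"
	"io"
	"net"
	"net/http"
	"net/url"
	"os"
	"path/filepath"
)

// NewUnixProxyClient sends proxy-style HTTP requests over the Unix socket at socketPath.
func NewUnixProxyClient(socketPath string) *http.Client {
	return &http.Client{Transport: &http.Transport{
		// Placeholder proxy URL: forces absolute-form request lines; never resolved.
		Proxy: http.ProxyURL(&url.URL{Scheme: "http", Host: "unix-proxy"}),
		DialContext: func(ctx context.Context, _, _ string) (net.Conn, error) {
			// Ignore the TCP address and connect to the local socket instead.
			return (&net.Dialer{}).DialContext(ctx, "unix", socketPath)
		},
	}}
}

// Demo runs a constructed stand-in proxy and returns the request target it received.
func Demo() (string, error) {
	dir, err := os.MkdirTemp("", "sock")
	if err != nil {
		return "", err
	}
	defer os.RemoveAll(dir)
	ln, err := net.Listen("unix", filepath.Join(dir, "proxy.sock"))
	if err != nil {
		return "", err
	}
	defer ln.Close()
	go http.Serve(ln, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprint(w, r.RequestURI) // echo what the proxy was asked to forward
	}))
	resp, err := NewUnixProxyClient(ln.Addr().String()).Get("http://artifactory.internal.example/api/system/ping")
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	body, err := io.ReadAll(resp.Body)
	return string(body), err
}

func main() { fmt.Println(Demo()) }
```

The stand-in receives the full `http://` URL as its request target, which is what a forwarding proxy needs in order to re-issue the request over HTTPS with the client certificate.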