Go net/http proxy support

[qrkourier]

Is there a way to configure ziti CLI to honor the https_proxy or HTTPS_PROXY env vars that appear to be supported by Go lib net/http?

I expected this to work based on https://pkg.go.dev/net/http#ProxyFromEnvironment

HTTPS_PROXY=socks5://localhost:1080 ziti edge policy-advisor services -q SERVICE

@plorenz mused:

I wonder if resty is overriding the default behavior

[andrewpmartinez]

Should be a pretty simple fix, internally we are using resty which supports client.SetProxy() which seems to do just that.

[qrkourier]

My goal was to use an HTTP proxy to reach a dark instance of the OpenZiti Edge Management API, and while this would be a flexible, generic alternative I now thing this RESTY example probably makes more sense: https://github.com/openziti-test-kitchen/go-http/blob/main/cmd/ziti-client-resty/main.go for ziti CLI.

[qrkourier]

I was helping someone set up the proxychains workaround, and I noticed that the first thing they had tried was setting the env var HTTPS_PROXY. This encouraged me to keep thinking it's a widely-used convention for instructing a Linux process to configure itself for a non-transparent proxy.

[qrkourier]

This would mainly serve password authentication to the mgmt API with the ziti edge mgmt CRUD because mTLS won't work through a proxy in any case.