feat: add provider specific proxy option

rancher / terraform-provider-rancher2

Terraform Rancher2 provider

https://www.terraform.io/docs/providers/rancher2/

Mozilla Public License 2.0

260 stars 223 forks source link

feat: add provider specific proxy option #1237

Open sboschman opened 1 year ago

sboschman commented 1 year ago

Issue: #982

Depends on pr rancher/norman #453

As this pr depends on norman it is a draft pr, till we can get the required change merged into norman.

Problem

Currently a proxy url can only be set as environment variable, which is used by all providers in the terraform run. If only Rancher requests should be proxied, a provider based proxy setting is required.

Solution

Added extra provider config option proxy_url to set a proxy server to use to connect to the Rancher instance.

Testing

Engineering Testing

Manual Testing

Locally tested to run a tf plan/apply with a Rancher instance behind a Cloudflare Zero Trust tunnel, requiring a localhost proxy to connect and authenticate to Cloudflare.

Automated Testing

Added testcases to check the validation of the proxy_url config. It should only accept parsable http, https or socks5 urls.

QA Testing Considerations

Regressions Considerations

kkaempf commented 10 months ago

closing stale PRs. If you still intend to work on this, please reopen.

sboschman commented 10 months ago

I am waiting for https://github.com/rancher/norman/pull/453 to be merged, this draft PR is working (we are running with a self compiled provider binary based on this patch as local override).

@kkaempf , do you have any idea who we could ping with regards to that rancher/norman PR to get this moving along?

ericpromislow commented 5 months ago

rancher/norman#453 has been merged, but the go dependencies need to be updated. Could you please do that and re-push?

sboschman commented 5 months ago

@ericpromislow as norman now requires go 1.22 and terraform-provider-rancher2 is on 1.19, perhaps it is better to bump the norman dep in a separate PR?

go: github.com/rancher/norman@v0.0.0-20240416190657-86ac83c8c71e requires go >= 1.22; switching to go1.22.2

From the drone ci logs:

Step 1/3 : FROM golang:1.19.4-alpine3.16

So, I assume bumping norman also requires some changes to the ci steps.

ericpromislow commented 5 months ago

@sboschman Thanks, I'll have a look

ericpromislow commented 5 months ago

Could you pull this out of draft mode so I can see what happens in CI? This repo doesn't have a make ci like most of the other rancher repo's so I can't easily verify it.

ericpromislow commented 5 months ago

Also I noticed the following problems with this repo with go 1.22 on both macos and ubuntu:

$ make build
…
go: modules disabled by GO111MODULE=off; see 'go help modules'
make: *** [lint] Error 1

AFAIK this variable is no longer needed. After I pull out the two GO111MODULE=X constructs from GNUmakefile and run this:

$ make build
# outputs go mod messages
$ go get -u
$ go mod tidy
$ make build

go vet complains about duplicate json tag type in both norman.Resource and v1.Secret embedded in type SecretV2 -- I don't know how this got passed earlier versions of go vet, and don't know if the t-p-r CI runs this.