Using zowe-cli behind a corporate proxy

[Crosswind]

I stumbled accross #498 from @jguillaumes and believe that his original request was misunderstood and thus I am opening another issue.

Let me elaborate a bit on the use case: I am currently working on IBM Z Xplore challenges and am asked to access the system through zowe-cli. The system can be routed from the Internet (204.90.115.200:10443). Our company doesn't allow any direct traffic flow towards Internet facing systems which are not going through port 443 and through the browser (i.e. mostly cli utilities and stuff like IDEs). Therefore, a proxy server was setup which has a whitelist of hosts that can be accessed through the proxy server on non-standard ports and protocols. The Z Xplore is whitelisted on our proxy server (access through VS Code is possible). With tools like VS Code, Maven, npm, etc. I use this proxy server to access all kinds of services, e.g.:

# This doesn't work:
npm i -g @zowe/cl

# This works
npm config set proxy http://corp-proxy.telekom.de:8080
npm config set https-proxy http://corp-proxy.telekom.de:8080
npm i -g @zowe/cl

For zowe-cli I need to configure the same thing. Using the --host --protocol and --port option changes the actual host that I am trying to connect to (in my case overriding what is specified in the profile). This is not what I want. The original host (200.90.115.200) is the one I am trying to connect to but since my cli cannot reach that directly it needs to route the requests through a proxy.

As @jguillaumes also noted a variety of possibilities exist on how you can configure different utilities to route requests through a proxy to the eventual target host. I imagine that adding an option to the zowe profile would make a lot of sense. Accessing the ML through VS Code works perfectly fine because I have an option to set the proxy and the plugin honors that.

I'd be happy to support with testing in case this gets enough attention and an implemention ;)

Cheers - David

[jguillaumes]

Hello,

To be honest, I had completely forgotten I opened that issue two years ago... but I've not had that need again. Until now.

@Crosswind is right on target. I want to connect to my zowe apiml which is in my_internal_hostname:7554/api/v1, THRU my proxy at http://192.168.0.92:3128. ZOWE CLI should honor a system wide proxu setting (in windows) or the http_proxy and/or https_proxy environment variables in unix-like environments. Allowing to override that at the profile level would also be awesome.

(Please notice my_internal_hostname is NOT DNS resolvable unless going thru the proxy!)

The only workaround is right now to use an ssh tunnel to a machine with direct connectivity to the mainframes, which is not always posible (and is a very ugly kludge nevertheless).

[github-actions[bot]]

Thank you for raising this enhancement request. The community has 90 days to vote on it. If the enhancement receives at least 5 upvotes, it is added to our development backlog. If it receives fewer votes, the issue is closed.

[phaumer]

@Crosswind @jguillaumes I would like to help realize this and started a simple draft PR with #2151. Would you be interested in testing this and providing feedback if this goes in the right direction?