actions/fluxcd-flux2
3
0
Fork 0
mirror of https://github.com/fluxcd/flux2.git synced 2026-02-07 16:27:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

RFC-0004: add section about proxy

Browse source 
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
This commit is contained in:
Sanskar Jaiswal 2023-06-20 18:34:05 +05:30
parent 903284fe59
commit ba5c7e4fc3
No known key found for this signature in database
GPG key ID: 5982D0279C227FFD
1 changed files with 13 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
rfcs/0004-insecure-http/README.md
View file

@ -4,7 +4,7 @@
**Creation Date:** 2022-09-08
**Last update:** 2022-10-21
**Last update:** 2023-07-26
## Summary
@ -111,6 +111,17 @@ for the required commands, which will be used for specifying the value of `.spec
> Note: This flag should not be confused with `--insecure-skip-tls-verify` which is meant to skip TLS verification
> when using an HTTPS connection.
### Proxy
The flag shall also apply to all possible proxy configurations. If the flag `--insecure-allow-http` is set to
`false`, then specifying the `HTTP_PROXY` environment variable to the controller will lead to the controller
exiting with a failure on startup. This also applies for when the `HTTPS_PROXY` enviornment variable's value is
a URL that has `http` as its scheme.
Similarly, if a proxy is specified using the object's API, such as through `.spec.secretRef` in `Provider` in the
`notification.toolkit.fluxcd.io` API group and the proxy URL has `http` as its scheme, the reconciler will fail and
return an error, which can be viewed in the controller logs and the object's events.
### Precedence & Validity
Objects with `.spec.insecure` as `true` will only be allowed if HTTP connections are allowed at the controller level.