From af70f261831a8c415f460cdc8071e932793a1be7 Mon Sep 17 00:00:00 2001
From: Pavol Loffay <p.loffay@gmail.com>
Date: Fri, 22 Sep 2023 17:17:47 +0200
Subject: [PATCH] Support HTTP proxy env variables (#4769)

Support HTTP proxy variables (some docs
https://superuser.com/questions/944958/are-http-proxy-https-proxy-and-no-proxy-environment-variables-standard).

The codebase already supports it, but some places were missed. There
were also two problems:
1. query grpc gateway was connecting to :16686 which is not recognized
by NO_PROXY
2. grpc reporter in agent when used with all-in-one was connecting to
`:14250` also not recognized by NO_PROXY


Example of proxy vars set on OpenShift
```
 - name: HTTP_PROXY
              value: >-
                http://proxy-user1:foo@ec2-32-138-32-212.us-east-2.compute.amazonaws.com:3128
            - name: http_proxy
              value: >-
                http://proxy-user1:foo@ec2-32-138-32-212.us-east-2.compute.amazonaws.com:3128
            - name: HTTPS_PROXY
              value: >-
                http://proxy-user1:foo@ec2-32-138-32-221.us-east-2.compute.amazonaws.com:3128
            - name: https_proxy
              value: >-
                http://proxy-user1:foo@ec2-32-138-32-212.us-east-2.compute.amazonaws.com:3128
            - name: NO_PROXY
              value: >-
                .cluster.local,.svc,.us-east-2.compute.internal,10.0.0.0/16,10.128.0.0/14,127.0.0.1,169.254.169.254,172.30.0.0/16,api-int.rererer.qe.devcluster.openshift.com,localhost,test.no-proxy.com
            - name: no_proxy
              value: >-
                .cluster.local,.svc,.us-east-2.compute.internal,10.0.0.0/16,10.128.0.0/14,127.0.0.1,169.254.169.254,172.30.0.0/16,api-int.rerererer.qe.devcluster.openshift.com,localhost,test.no-proxy.com
```

PR is related to
https://github.com/jaegertracing/jaeger-operator/pull/2330
```
make build-binaries-linux
DOCKER_NAMESPACE=pavolloffay DOCKER_TAG=proxy-3 make docker-images-jaeger-backend
```

---------

Signed-off-by: Pavol Loffay <p.loffay@gmail.com>
---
 cmd/agent/app/reporter/grpc/builder.go |  2 ++
 cmd/query/app/apiv3/grpc_gateway.go    |  2 ++
 pkg/es/config/config.go                |  1 +
 pkg/netutils/port.go                   | 14 ++++++++++++++
 pkg/netutils/port_test.go              |  6 ++++++
 5 files changed, 25 insertions(+)

diff --git a/cmd/agent/app/reporter/grpc/builder.go b/cmd/agent/app/reporter/grpc/builder.go
index 9e4bb2c932c..9b6d8da499f 100644
--- a/cmd/agent/app/reporter/grpc/builder.go
+++ b/cmd/agent/app/reporter/grpc/builder.go
@@ -34,6 +34,7 @@ import (
 	"github.com/jaegertracing/jaeger/pkg/discovery"
 	"github.com/jaegertracing/jaeger/pkg/discovery/grpcresolver"
 	"github.com/jaegertracing/jaeger/pkg/metrics"
+	"github.com/jaegertracing/jaeger/pkg/netutils"
 )
 
 // ConnBuilder Struct to hold configurations
@@ -82,6 +83,7 @@ func (b *ConnBuilder) CreateConnection(logger *zap.Logger, mFactory metrics.Fact
 		if b.CollectorHostPorts == nil {
 			return nil, errors.New("at least one collector hostPort address is required when resolver is not available")
 		}
+		b.CollectorHostPorts = netutils.FixLocalhost(b.CollectorHostPorts)
 		if len(b.CollectorHostPorts) > 1 {
 			r := manual.NewBuilderWithScheme("jaeger-manual")
 			dialOptions = append(dialOptions, grpc.WithResolvers(r))
diff --git a/cmd/query/app/apiv3/grpc_gateway.go b/cmd/query/app/apiv3/grpc_gateway.go
index 0abc723bbc5..2d396cd6381 100644
--- a/cmd/query/app/apiv3/grpc_gateway.go
+++ b/cmd/query/app/apiv3/grpc_gateway.go
@@ -26,12 +26,14 @@ import (
 	"google.golang.org/grpc/credentials/insecure"
 
 	"github.com/jaegertracing/jaeger/pkg/config/tlscfg"
+	"github.com/jaegertracing/jaeger/pkg/netutils"
 	"github.com/jaegertracing/jaeger/pkg/tenancy"
 	"github.com/jaegertracing/jaeger/proto-gen/api_v3"
 )
 
 // RegisterGRPCGateway registers api_v3 endpoints into provided mux.
 func RegisterGRPCGateway(ctx context.Context, logger *zap.Logger, r *mux.Router, basePath string, grpcEndpoint string, grpcTLS tlscfg.Options, tm *tenancy.Manager) error {
+	grpcEndpoint = netutils.FixLocalhost([]string{grpcEndpoint})[0]
 	jsonpb := &runtime.JSONPb{}
 
 	muxOpts := []runtime.ServeMuxOption{
diff --git a/pkg/es/config/config.go b/pkg/es/config/config.go
index 9500fbcb883..d54b9be0c2e 100644
--- a/pkg/es/config/config.go
+++ b/pkg/es/config/config.go
@@ -385,6 +385,7 @@ func GetHTTPRoundTripper(c *Configuration, logger *zap.Logger) (http.RoundTrippe
 			return nil, err
 		}
 		return &http.Transport{
+			Proxy:           http.ProxyFromEnvironment,
 			TLSClientConfig: ctlsConfig,
 		}, nil
 	}
diff --git a/pkg/netutils/port.go b/pkg/netutils/port.go
index 79d8ca7aceb..201a18adade 100644
--- a/pkg/netutils/port.go
+++ b/pkg/netutils/port.go
@@ -17,6 +17,7 @@ package netutils
 import (
 	"net"
 	"strconv"
+	"strings"
 )
 
 // GetPort returns the port of an endpoint address.
@@ -33,3 +34,16 @@ func GetPort(addr net.Addr) (int, error) {
 
 	return parsedPort, nil
 }
+
+// FixLocalhost adds explicit localhost to endpoints binding to all interfaces because :port is not recognized by NO_PROXY
+// e.g. :8080 becomes localhost:8080
+func FixLocalhost(hostports []string) []string {
+	var fixed []string
+	for _, e := range hostports {
+		if strings.HasPrefix(e, ":") {
+			e = "localhost" + e
+		}
+		fixed = append(fixed, e)
+	}
+	return fixed
+}
diff --git a/pkg/netutils/port_test.go b/pkg/netutils/port_test.go
index 6a5bb7929ac..8af6edf1ee9 100644
--- a/pkg/netutils/port_test.go
+++ b/pkg/netutils/port_test.go
@@ -66,3 +66,9 @@ func TestGetPort(t *testing.T) {
 		}
 	}
 }
+
+func TestFixLocalhost(t *testing.T) {
+	endpoints := []string{"collector:1111", ":2222"}
+	fixed := FixLocalhost(endpoints)
+	assert.Equal(t, []string{"collector:1111", "localhost:2222"}, fixed)
+}