Add proxy support

manifests/03-rbac-role-cluster.yaml

@@ -22,6 +22,14 @@ rules:
   - get
   - list
   - watch
+- apiGroups:
+  - config.openshift.io
+  resources:
+  - proxies
+  verbs:
+  - get
+  - list
+  - watch
 - apiGroups:
   - config.openshift.io
   resources:

pkg/console/operator/operator.go

@@ -13,6 +13,7 @@ import (
 	corev1 "k8s.io/client-go/informers/core/v1"
 	appsv1 "k8s.io/client-go/kubernetes/typed/apps/v1"
 	coreclientv1 "k8s.io/client-go/kubernetes/typed/core/v1"
+	"k8s.io/client-go/tools/cache"
 	"k8s.io/klog"
 
 	// openshift
@@ -32,13 +33,15 @@ import (
 
 	// informers
 	configinformer "github.com/openshift/client-go/config/informers/externalversions"
+	configinformerv1 "github.com/openshift/client-go/config/informers/externalversions/config/v1"
 	operatorinformerv1 "github.com/openshift/client-go/operator/informers/externalversions/operator/v1"
 
 	routesinformersv1 "github.com/openshift/client-go/route/informers/externalversions/route/v1"
 	appsinformersv1 "k8s.io/client-go/informers/apps/v1"
 
 	// clients
 	configclientv1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1"
+	configlisterv1 "github.com/openshift/client-go/config/listers/config/v1"
 	operatorclientv1 "github.com/openshift/client-go/operator/clientset/versioned/typed/operator/v1"
 
 	// operator
@@ -71,6 +74,9 @@ type consoleOperator struct {
 	// recorder
 	recorder       events.Recorder
 	resourceSyncer resourcesynccontroller.ResourceSyncer
+	//proxy
+	proxyCfgLister   configlisterv1.ProxyLister
+	proxyCfgInformer cache.SharedIndexInformer
 }
 
 func NewConsoleOperator(
@@ -83,6 +89,7 @@ func NewConsoleOperator(
 	deployments appsinformersv1.DeploymentInformer,
 	routes routesinformersv1.RouteInformer,
 	oauthClients oauthinformersv1.OAuthClientInformer,
+	proxyCfgInformer configinformerv1.ProxyInformer,
 
 	// clients
 	operatorConfigClient operatorclientv1.OperatorV1Interface,
@@ -114,6 +121,9 @@ func NewConsoleOperator(
 		// recorder
 		recorder:       recorder,
 		resourceSyncer: resourceSyncer,
+		// proxy
+		proxyCfgLister:   proxyCfgInformer.Lister(),
+		proxyCfgInformer: proxyCfgInformer.Informer(),
 	}
 
 	secretsInformer := coreV1.Secrets()
@@ -130,6 +140,7 @@ func NewConsoleOperator(
 		operator.WithInformer(configV1Informers.Consoles(), configNameFilter),
 		operator.WithInformer(operatorConfigInformer, configNameFilter),
 		operator.WithInformer(configV1Informers.Infrastructures(), configNameFilter),
+		operator.WithInformer(proxyCfgInformer, configNameFilter),
 		// console resources
 		operator.WithInformer(deployments, targetNameFilter),
 		operator.WithInformer(routes, targetNameFilter),
@@ -151,6 +162,7 @@ type configSet struct {
 	Console        *configv1.Console
 	Operator       *operatorsv1.Console
 	Infrastructure *configv1.Infrastructure
+	Proxy          *configv1.Proxy
 }
 
 func (c *consoleOperator) Sync(obj metav1.Object) error {
@@ -175,10 +187,19 @@ func (c *consoleOperator) Sync(obj metav1.Object) error {
 		return err
 	}
 
+	proxyConfig, err := c.proxyCfgLister.Get("cluster")
+	if err != nil {
+		if !errors.IsNotFound(err) {
+			return err
+		}
+		proxyConfig = nil
+	}
+
 	configs := configSet{
 		Console:        consoleConfig,
 		Operator:       operatorConfig,
 		Infrastructure: infrastructureConfig,
+		Proxy:          proxyConfig,
 	}
 
 	if err := c.handleSync(configs); err != nil {

pkg/console/operator/sync_v400.go

@@ -109,7 +109,7 @@ func (co *consoleOperator) sync_v400(updatedOperatorConfig *operatorv1.Console,
 	}
 	toUpdate = toUpdate || oauthChanged
 
-	actualDeployment, depChanged, depErr := co.SyncDeployment(set.Operator, cm, serviceCAConfigMap, sec, rt, customLogoCanMount)
+	actualDeployment, depChanged, depErr := co.SyncDeployment(set.Operator, cm, serviceCAConfigMap, sec, rt, set.Proxy, customLogoCanMount)
 	if depErr != nil {
 		msg := fmt.Sprintf("%q: %v", "deployment", depErr)
 		klog.V(4).Infof("incomplete sync: %v", msg)
@@ -227,8 +227,8 @@ func (co *consoleOperator) SyncConsolePublicConfig(consoleURL string) (*corev1.C
 	return resourceapply.ApplyConfigMap(co.configMapClient, co.recorder, requiredConfigMap)
 }
 
-func (co *consoleOperator) SyncDeployment(operatorConfig *operatorv1.Console, cm *corev1.ConfigMap, serviceCAConfigMap *corev1.ConfigMap, sec *corev1.Secret, rt *routev1.Route, canMountCustomLogo bool) (*appsv1.Deployment, bool, error) {
-	requiredDeployment := deploymentsub.DefaultDeployment(operatorConfig, cm, serviceCAConfigMap, sec, rt, canMountCustomLogo)
+func (co *consoleOperator) SyncDeployment(operatorConfig *operatorv1.Console, cm *corev1.ConfigMap, serviceCAConfigMap *corev1.ConfigMap, sec *corev1.Secret, rt *routev1.Route, proxyConfig *configv1.Proxy, canMountCustomLogo bool) (*appsv1.Deployment, bool, error) {
+	requiredDeployment := deploymentsub.DefaultDeployment(operatorConfig, cm, serviceCAConfigMap, sec, rt, proxyConfig, canMountCustomLogo)
 	expectedGeneration := getDeploymentGeneration(co)
 	genChanged := operatorConfig.ObjectMeta.Generation != operatorConfig.Status.ObservedGeneration
 

pkg/console/starter/starter.go

@@ -136,6 +136,7 @@ func RunOperator(ctx *controllercmd.ControllerContext) error {
 		kubeInformersNamespaced.Apps().V1().Deployments(), // Deployments
 		routesInformersNamespaced.Route().V1().Routes(),   // Route
 		oauthInformers.Oauth().V1().OAuthClients(),        // OAuth clients
+		configInformers.Config().V1().Proxies(),           // Proxy
 		// clients
 		operatorConfigClient.OperatorV1(),
 		configClient.ConfigV1(),

pkg/console/subresource/deployment/deployment.go

@@ -12,6 +12,7 @@ import (
 	"k8s.io/klog"
 
 	// openshift
+	configv1 "github.com/openshift/api/config/v1"
 	operatorv1 "github.com/openshift/api/operator/v1"
 	routev1 "github.com/openshift/api/route/v1"
 	"github.com/openshift/console-operator/pkg/api"
@@ -54,7 +55,7 @@ type volumeConfig struct {
 	isConfigMap bool
 }
 
-func DefaultDeployment(operatorConfig *operatorv1.Console, cm *corev1.ConfigMap, serviceCAConfigMap *corev1.ConfigMap, sec *corev1.Secret, rt *routev1.Route, canMountCustomLogo bool) *appsv1.Deployment {
+func DefaultDeployment(operatorConfig *operatorv1.Console, cm *corev1.ConfigMap, serviceCAConfigMap *corev1.ConfigMap, sec *corev1.Secret, rt *routev1.Route, proxyConfig *configv1.Proxy, canMountCustomLogo bool) *appsv1.Deployment {
 	labels := util.LabelsForConsole()
 	meta := util.SharedMeta()
 	meta.Labels = labels
@@ -137,7 +138,7 @@ func DefaultDeployment(operatorConfig *operatorv1.Console, cm *corev1.ConfigMap,
 					TerminationGracePeriodSeconds: &gracePeriod,
 					SecurityContext:               &corev1.PodSecurityContext{},
 					Containers: []corev1.Container{
-						consoleContainer(operatorConfig, volumeConfig),
+						consoleContainer(operatorConfig, volumeConfig, proxyConfig),
 					},
 					Volumes: consoleVolumes(volumeConfig),
 				},
@@ -230,7 +231,7 @@ func GetLogLevelFlag(logLevel operatorv1.LogLevel) string {
 	return flag
 }
 
-func consoleContainer(cr *operatorv1.Console, volConfigList []volumeConfig) corev1.Container {
+func consoleContainer(cr *operatorv1.Console, volConfigList []volumeConfig, proxyConfig *configv1.Proxy) corev1.Container {
 	volumeMounts := consoleVolumeMounts(volConfigList)
 	// Since the console-operator logging has different logging levels then the capnslog,
 	// that we use for console server(bridge) we need to map them to each other
@@ -252,6 +253,7 @@ func consoleContainer(cr *operatorv1.Console, volConfigList []volumeConfig) core
 		//	Name:  publicURLName,
 		//	Value: consoleURL(),
 		//}},
+		Env: setEnvironmentVariables(proxyConfig),
 		Ports: []corev1.ContainerPort{{
 			Name:          consolePortName,
 			Protocol:      corev1.ProtocolTCP,
@@ -270,6 +272,32 @@ func consoleContainer(cr *operatorv1.Console, volConfigList []volumeConfig) core
 	}
 }
 
+func setEnvironmentVariables(proxyConfig *configv1.Proxy) []corev1.EnvVar {
+	envVars := []corev1.EnvVar{}
+	if proxyConfig == nil {
+		return envVars
+	}
+	if len(proxyConfig.Status.HTTPSProxy) != 0 {
+		envVars = append(envVars, corev1.EnvVar{
+			Name:  "HTTPS_PROXY",
+			Value: proxyConfig.Status.HTTPSProxy,
+		})
+	}
+	if len(proxyConfig.Status.HTTPProxy) != 0 {
+		envVars = append(envVars, corev1.EnvVar{
+			Name:  "HTTP_PROXY",
+			Value: proxyConfig.Status.HTTPProxy,
+		})
+	}
+	if len(proxyConfig.Status.NoProxy) != 0 {
+		envVars = append(envVars, corev1.EnvVar{
+			Name:  "NO_PROXY",
+			Value: proxyConfig.Status.NoProxy,
+		})
+	}
+	return envVars
+}
+
 func defaultProbe() *corev1.Probe {
 	return &corev1.Probe{
 		Handler: corev1.Handler{

pkg/console/subresource/deployment/deployment_test.go

@@ -9,6 +9,7 @@ import (
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
+	configv1 "github.com/openshift/api/config/v1"
 	operatorsv1 "github.com/openshift/api/operator/v1"
 	v1 "github.com/openshift/api/route/v1"
 	"github.com/openshift/console-operator/pkg/api"
@@ -27,6 +28,7 @@ func TestDefaultDeployment(t *testing.T) {
 		ca                 *corev1.ConfigMap
 		sec                *corev1.Secret
 		rt                 *v1.Route
+		proxy              *configv1.Proxy
 		canMountCustomLogo bool
 	}
 
@@ -40,6 +42,17 @@ func TestDefaultDeployment(t *testing.T) {
 		},
 		Status: operatorsv1.ConsoleStatus{},
 	}
+
+	proxyConfig := &configv1.Proxy{
+		TypeMeta:   metav1.TypeMeta{},
+		ObjectMeta: metav1.ObjectMeta{},
+		Spec: configv1.ProxySpec{
+			HTTPSProxy: "https://testurl.openshift.com",
+		},
+		Status: configv1.ProxyStatus{
+			HTTPSProxy: "https://testurl.openshift.com",
+		},
+	}
 	tests := []struct {
 		name string
 		args args
@@ -84,6 +97,7 @@ func TestDefaultDeployment(t *testing.T) {
 					TypeMeta:   metav1.TypeMeta{},
 					ObjectMeta: metav1.ObjectMeta{},
 				},
+				proxy: proxyConfig,
 			},
 			want: &appsv1.Deployment{
 				TypeMeta: metav1.TypeMeta{},
@@ -171,7 +185,7 @@ func TestDefaultDeployment(t *testing.T) {
 							TerminationGracePeriodSeconds: &gracePeriod,
 							SecurityContext:               &corev1.PodSecurityContext{},
 							Containers: []corev1.Container{
-								consoleContainer(consoleOperatorConfig, defaultVolumeConfig()),
+								consoleContainer(consoleOperatorConfig, defaultVolumeConfig(), proxyConfig),
 							},
 							Volumes: consoleVolumes(defaultVolumeConfig()),
 						},
@@ -188,7 +202,7 @@ func TestDefaultDeployment(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			if diff := deep.Equal(DefaultDeployment(tt.args.config, tt.args.cm, tt.args.cm, tt.args.sec, tt.args.rt, tt.args.canMountCustomLogo), tt.want); diff != nil {
+			if diff := deep.Equal(DefaultDeployment(tt.args.config, tt.args.cm, tt.args.cm, tt.args.sec, tt.args.rt, tt.args.proxy, tt.args.canMountCustomLogo), tt.want); diff != nil {
 				t.Error(diff)
 			}
 		})