feat: Add proxy support to Argo CLI API client

Signed-off-by: shimako55 <[email protected]>
argoproj · Oct 28, 2024 · ab1aaef · ab1aaef
1 parent 3dfea6d
commit ab1aaef
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 7 deletions.
diff --git a/cmd/argo/commands/client/conn.go b/cmd/argo/commands/client/conn.go
@@ -3,6 +3,8 @@ package client
 import (
 	"context"
 	"fmt"
+	"net/http"
+	"net/url"
 	"os"
 
 	log "github.com/sirupsen/logrus"
@@ -55,6 +57,14 @@ func AddAPIClientFlagsToCmd(cmd *cobra.Command) {
 }
 
 func NewAPIClient(ctx context.Context) (context.Context, apiclient.Client, error) {
+	var proxy func(*http.Request) (*url.URL, error)
+	if overrides.ClusterInfo.ProxyURL != "" {
+		proxyURL, err := url.Parse(overrides.ClusterInfo.ProxyURL)
+		if err != nil {
+			return nil, nil, err
+		}
+		proxy = http.ProxyURL(proxyURL)
+	}
 	return apiclient.NewClientFromOpts(
 		apiclient.Opts{
 			ArgoServerOpts: ArgoServerOpts,
@@ -70,7 +80,9 @@ func NewAPIClient(ctx context.Context) (context.Context, apiclient.Client, error
 			Offline:              Offline,
 			OfflineFiles:         OfflineFiles,
 			Context:              ctx,
-		})
+			Proxy:                proxy,
+		}
+	)
 }
 
 func Namespace() string {

diff --git a/pkg/apiclient/apiclient.go b/pkg/apiclient/apiclient.go
@@ -3,6 +3,8 @@ package apiclient
 import (
 	"context"
 	"fmt"
+	"net/http"
+	"net/url"
 
 	log "github.com/sirupsen/logrus"
 	"k8s.io/client-go/tools/clientcmd"
@@ -35,6 +37,7 @@ type Opts struct {
 	Offline              bool
 	OfflineFiles         []string
 	Context              context.Context
+	Proxy                func(*http.Request) (*url.URL, error)
 }
 
 func (o Opts) String() string {
@@ -73,7 +76,7 @@ func NewClientFromOpts(opts Opts) (context.Context, Client, error) {
 		if opts.AuthSupplier == nil {
 			return nil, nil, fmt.Errorf("AuthSupplier cannot be empty when connecting to Argo Server")
 		}
-		return newHTTP1Client(opts.ArgoServerOpts.GetURL(), opts.AuthSupplier(), opts.ArgoServerOpts.InsecureSkipVerify, opts.ArgoServerOpts.Headers, opts.ArgoServerOpts.HTTP1Client)
+		return newHTTP1Client(opts.ArgoServerOpts.GetURL(), opts.AuthSupplier(), opts.ArgoServerOpts.InsecureSkipVerify, opts.ArgoServerOpts.Headers, opts.ArgoServerOpts.HTTP1Client, opts.Proxy)
 	} else if opts.ArgoServerOpts.URL != "" {
 		if opts.AuthSupplier == nil {
 			return nil, nil, fmt.Errorf("AuthSupplier cannot be empty when connecting to Argo Server")

diff --git a/pkg/apiclient/http1-client.go b/pkg/apiclient/http1-client.go
@@ -3,7 +3,7 @@ package apiclient
 import (
 	"context"
 	"net/http"
-
+	"net/url"
 	"github.com/argoproj/argo-workflows/v3/pkg/apiclient/clusterworkflowtemplate"
 	cronworkflowpkg "github.com/argoproj/argo-workflows/v3/pkg/apiclient/cronworkflow"
 	"github.com/argoproj/argo-workflows/v3/pkg/apiclient/http1"
@@ -41,6 +41,6 @@ func (h httpClient) NewInfoServiceClient() (infopkg.InfoServiceClient, error) {
 	return http1.InfoServiceClient(h), nil
 }
 
-func newHTTP1Client(baseUrl string, auth string, insecureSkipVerify bool, headers []string, customHttpClient *http.Client) (context.Context, Client, error) {
-	return context.Background(), httpClient(http1.NewFacade(baseUrl, auth, insecureSkipVerify, headers, customHttpClient)), nil
+func newHTTP1Client(baseUrl string, auth string, insecureSkipVerify bool, headers []string, customHttpClient *http.Client, proxy func(*http.Request) (*url.URL, error)) (context.Context, Client, error) {
+	return context.Background(), httpClient(http1.NewFacade(baseUrl, auth, insecureSkipVerify, headers, customHttpClient, proxy)), nil
 }
diff --git a/pkg/apiclient/http1/facade.go b/pkg/apiclient/http1/facade.go
@@ -27,10 +27,11 @@ type Facade struct {
 	insecureSkipVerify bool
 	headers            []string
 	httpClient         *http.Client
+	proxy              func(*http.Request) (*url.URL, error)
 }
 
-func NewFacade(baseUrl, authorization string, insecureSkipVerify bool, headers []string, httpClient *http.Client) Facade {
-	return Facade{baseUrl, authorization, insecureSkipVerify, headers, httpClient}
+func NewFacade(baseUrl, authorization string, insecureSkipVerify bool, headers []string, httpClient *http.Client, proxy func(*http.Request) (*url.URL, error)) Facade {
+	return Facade{baseUrl, authorization, insecureSkipVerify, headers, httpClient, proxy}
 }
 
 func (h Facade) Get(ctx context.Context, in, out interface{}, path string) error {
@@ -67,10 +68,15 @@ func (h Facade) EventStreamReader(ctx context.Context, in interface{}, path stri
 	req.Header.Set("Accept", "text/event-stream")
 	req.Header.Set("Authorization", h.authorization)
 	log.Debugf("curl -H 'Accept: text/event-stream' -H 'Authorization: ******' '%v'", u)
+	proxyURL, err := h.proxyFunc()(req)
+	if err != nil {
+		return nil, err
+	}
 	client := h.httpClient
 	if h.httpClient == nil {
 		client = &http.Client{
 			Transport: &http.Transport{
+				Proxy: http.ProxyURL(proxyURL),
 				TLSClientConfig: &tls.Config{
 					InsecureSkipVerify: h.insecureSkipVerify,
 				},
@@ -113,10 +119,15 @@ func (h Facade) do(ctx context.Context, in interface{}, out interface{}, method
 	req.Header = headers
 	req.Header.Set("Authorization", h.authorization)
 	log.Debugf("curl -X %s -H 'Authorization: ******' -d '%s' '%v'", method, string(data), u)
+	proxyURL, err := h.proxyFunc()(req)
+	if err != nil {
+		return err
+	}
 	client := h.httpClient
 	if h.httpClient == nil {
 		client = &http.Client{
 			Transport: &http.Transport{
+				Proxy: http.ProxyURL(proxyURL),
 				TLSClientConfig: &tls.Config{
 					InsecureSkipVerify: h.insecureSkipVerify,
 				},