From 5689d8954ce82bd00108442d9d9c62710559f2de Mon Sep 17 00:00:00 2001
From: Ioannis Igoumenos
Date: Mon, 25 Nov 2024 11:36:31 +0200
Subject: [PATCH] containers:Add support for forward proxy.
---
 container/registry/base/Dockerfile | 10 ++++-
 container/registry/base/comanage_utils.sh | 49 +++++++++++++++++------
 2 files changed, 46 insertions(+), 13 deletions(-)
diff --git a/container/registry/base/Dockerfile b/container/registry/base/Dockerfile
index 7f25ac754..0ea6c580c 100644
--- a/container/registry/base/Dockerfile
+++ b/container/registry/base/Dockerfile
@@ -16,7 +16,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-ARG PHP_IMAGE_VERSION=8.1.27
+ARG PHP_IMAGE_VERSION=8.2.26
 FROM php:${PHP_IMAGE_VERSION}-apache-bookworm
 # Official PHP image with Apache HTTPD includes
@@ -52,6 +52,14 @@ ARG LDAPTLS_CACERT
 ENV LDAPTLS_CACERT ${LDAPTLS_CACERT:-/etc/ssl/certs/ca-certificates.crt}
 LABEL ldaptls_cacert=${LDAPTLS_CACERT}
+# Forward proxy configuration
+ARG HTTPS_PROXY
+ARG HTTP_PROXY
+ARG NO_PROXY
+ENV HTTP_PROXY=${HTTP_PROXY:-""}
+ENV HTTPS_PROXY=${HTTPS_PROXY:-""}
+ENV NO_PROXY=${NO_PROXY:-""}
+
 # Build the redis extension to use Redis for session storage.
 RUN docker-php-source extract \
 && pecl bundle -d /usr/src/php/ext redis \
diff --git a/container/registry/base/comanage_utils.sh b/container/registry/base/comanage_utils.sh
index a30ef9683..7b82c8825 100644
--- a/container/registry/base/comanage_utils.sh
+++ b/container/registry/base/comanage_utils.sh
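Review bot: Declaring `ARG HTTPS_PROXY`, `ARG HTTP_PROXY` and `ARG NO_PROXY` explicitly and copying them into `ENV` in the second Dockerfile hunk bakes the build-time proxy URL into the image, where it shows up in the image configuration and build history; a URL of the form `http://user:password@host:port` would then ship with every copy of the image. Docker already predefines these three build arguments and keeps them out of `docker history` unless the Dockerfile declares them, so the build works behind a proxy without the `ARG` lines. If the running container needs a proxy, I would drop the three `ENV` lines and have the deployment supply the values at run time; the later hunks add the same names to `injectable_config_vars`, which appears intended for that. As written, the `ENV` lines also define the variables as empty strings when no proxy is given, which some clients treat differently from unset.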
@@ -126,28 +126,31 @@ function comanage_utils::consume_injected_environment() {
 local injectable_config_vars
 injectable_config_vars=(
- COMANAGE_REGISTRY_ADMIN_GIVEN_NAME
 COMANAGE_REGISTRY_ADMIN_FAMILY_NAME
+ COMANAGE_REGISTRY_ADMIN_GIVEN_NAME
 COMANAGE_REGISTRY_ADMIN_USERNAME
- COMANAGE_REGISTRY_CRON_USER
 COMANAGE_REGISTRY_CRONTAB
- COMANAGE_REGISTRY_DATASOURCE
+ COMANAGE_REGISTRY_CRON_USER
 COMANAGE_REGISTRY_DATABASE
 COMANAGE_REGISTRY_DATABASE_HOST
 COMANAGE_REGISTRY_DATABASE_PORT
 COMANAGE_REGISTRY_DATABASE_POSTGRES_SSLMODE
 COMANAGE_REGISTRY_DATABASE_USER
 COMANAGE_REGISTRY_DATABASE_USER_PASSWORD
+ COMANAGE_REGISTRY_DATASOURCE
+ COMANAGE_REGISTRY_EMAIL_ACCOUNT
+ COMANAGE_REGISTRY_EMAIL_ACCOUNT_PASSWORD
 COMANAGE_REGISTRY_EMAIL_FROM
- COMANAGE_REGISTRY_EMAIL_TRANSPORT
 COMANAGE_REGISTRY_EMAIL_HOST
 COMANAGE_REGISTRY_EMAIL_PORT
- COMANAGE_REGISTRY_EMAIL_ACCOUNT
- COMANAGE_REGISTRY_EMAIL_ACCOUNT_PASSWORD
- COMANAGE_REGISTRY_HTTP_LISTEN_PORT
- COMANAGE_REGISTRY_HTTP_NO
+ COMANAGE_REGISTRY_EMAIL_TRANSPORT
 COMANAGE_REGISTRY_HTTPS_LISTEN_PORT
 COMANAGE_REGISTRY_HTTPS_NO
+ COMANAGE_REGISTRY_HTTP_LISTEN_PORT
+ COMANAGE_REGISTRY_HTTP_NO
+ COMANAGE_REGISTRY_NO_DATABASE_CONFIG
+ COMANAGE_REGISTRY_NO_EMAIL_CONFIG
+ COMANAGE_REGISTRY_NO_PROXY
 COMANAGE_REGISTRY_OIDC_AUTH_REQUEST_PARAMS
 COMANAGE_REGISTRY_OIDC_CLIENT_ID
 COMANAGE_REGISTRY_OIDC_CLIENT_SECRET
@@ -158,8 +161,7 @@ function comanage_utils::consume_injected_environment() {
 COMANAGE_REGISTRY_OIDC_SCOPES
 COMANAGE_REGISTRY_OIDC_SESSION_INACTIVITY_TIMEOUT
 COMANAGE_REGISTRY_OIDC_SESSION_MAX_DURATION
- COMANAGE_REGISTRY_NO_DATABASE_CONFIG
- COMANAGE_REGISTRY_NO_EMAIL_CONFIG
+ COMANAGE_REGISTRY_PHP_SESSION_REDIS_URL
 COMANAGE_REGISTRY_REMOTE_IP
 COMANAGE_REGISTRY_REMOTE_IP_HEADER
 COMANAGE_REGISTRY_REMOTE_IP_INTERNAL_PROXY
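Review bot: `COMANAGE_REGISTRY_NO_PROXY` is added to `injectable_config_vars` in the first hunk, but nothing visible in this patch reads it: the Dockerfile uses the unprefixed `HTTP_PROXY`, `HTTPS_PROXY` and `NO_PROXY`, which the hunk at -171 adds to the array separately, and `comanage_utils::http_proxy` reads only the first two. Either drop the prefixed entry or document which name operators are expected to set, since a proxy exclusion that is silently ignored can send internal traffic through the proxy. The alphabetical re-sort shares these hunks with the new entries, which makes the functional additions easy to miss; a comment above the array such as `# Keep sorted; proxy variables use the standard unprefixed names.` would help. The enclosing function continues outside these hunks.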
@@ -171,16 +173,18 @@ function comanage_utils::consume_injected_environment() {
 COMANAGE_REGISTRY_REMOTE_IP_TRUSTED_PROXY_LIST
 COMANAGE_REGISTRY_SECURITY_SALT
 COMANAGE_REGISTRY_SECURITY_SEED
- COMANAGE_REGISTRY_PHP_SESSION_REDIS_URL
 COMANAGE_REGISTRY_SKIP_SETUP
 COMANAGE_REGISTRY_SKIP_UPGRADE
 COMANAGE_REGISTRY_SLASH_ROOT_DIRECTORY
 COMANAGE_REGISTRY_VIRTUAL_HOST_FQDN
+ COMANAGE_REGISTRY_VIRTUAL_HOST_PORT
 COMANAGE_REGISTRY_VIRTUAL_HOST_REDIRECT_HTTP_NO
 COMANAGE_REGISTRY_VIRTUAL_HOST_SCHEME
- COMANAGE_REGISTRY_VIRTUAL_HOST_PORT
 HTTPS_CERT_FILE
 HTTPS_PRIVKEY_FILE
+ HTTPS_PROXY
+ HTTP_PROXY
+ NO_PROXY
 SERVER_NAME
 )
@@ -340,6 +344,8 @@ function comanage_utils::exec_apache_http_server() {
 comanage_utils::enable_virtual_host
+ comanage_utils::http_proxy
+
 comanage_utils::prepare_php_session
 comanage_utils::wait_database_connectivity
@@ -1417,6 +1423,25 @@ EOF
 }
+##########################################
+# Write HTTP proxy stanza
+# Globals:
+# HTTPS_PROXY
+# HTTP_PROXY
+# Arguments:
+# None
+# Returns:
+# None
+##########################################
+function comanage_utils::http_proxy() {
+ if [ -n "${HTTP_PROXY}" ]; then
+ echo 'Acquire::http::Proxy "'${HTTP_PROXY}'";' >> /etc/apt/apt.conf
+ fi
+ if [ -n "${HTTPS_PROXY}" ]; then
+ echo 'Acquire::https::Proxy "'${HTTPS_PROXY}'";' >> /etc/apt/apt.conf
+ fi
+}
+
 ##########################################
 # Wait until able to connect to database
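Review bot: Calling `comanage_utils::http_proxy` from `exec_apache_http_server` (hunk at -340) means every container start appends to `/etc/apt/apt.conf` with `>>`, so a restarted container accumulates duplicate `Acquire::…::Proxy` lines. In the function added at the end of this patch, `${HTTP_PROXY}` and `${HTTPS_PROXY}` sit outside the quotes, so they undergo word splitting and globbing, and a value containing `"` or `;` would alter the apt configuration that is written. I would check that the value looks like a proxy URL, emit it with `printf 'Acquire::http::Proxy "%s";\n' "${HTTP_PROXY}"`, and overwrite a dedicated drop-in under `/etc/apt/apt.conf.d/` rather than appending. Any credentials embedded in the URL are copied verbatim into that file, so its mode should be restricted, and `NO_PROXY` is injected but never applied to apt. The trailing context of the function's own hunk appears to run past the visible text, and `exec_apache_http_server` continues outside its hunk.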