diff options
| -rw-r--r-- | cmd/podman/common.go | 4 | ||||
| -rw-r--r-- | cmd/podman/shared/create.go | 1 | ||||
| -rw-r--r-- | cmd/podman/shared/intermediate.go | 1 | ||||
| -rw-r--r-- | completions/bash/podman | 1 | ||||
| -rw-r--r-- | docs/podman-create.1.md | 10 | ||||
| -rw-r--r-- | docs/podman-run.1.md | 10 | ||||
| -rw-r--r-- | pkg/spec/createconfig.go | 1 | ||||
| -rw-r--r-- | pkg/spec/spec.go | 18 | ||||
| -rw-r--r-- | test/e2e/run_test.go | 14 |
9 files changed, 60 insertions, 0 deletions
diff --git a/cmd/podman/common.go b/cmd/podman/common.go index eac96d3ba..b02aa5990 100644 --- a/cmd/podman/common.go +++ b/cmd/podman/common.go @@ -313,6 +313,10 @@ func getCreateFlags(c *cliconfig.PodmanCommand) { "hostname", "h", "", "Set container hostname", ) + createFlags.Bool( + "http-proxy", true, + "Set proxy environment variables in container based on the host proxy vars", + ) createFlags.String( "image-volume", cliconfig.DefaultImageVolume, "Tells podman how to handle the builtin image volumes. The options are: 'bind', 'tmpfs', or 'ignore'", diff --git a/cmd/podman/shared/create.go b/cmd/podman/shared/create.go index c521f9cb6..48476e177 100644 --- a/cmd/podman/shared/create.go +++ b/cmd/podman/shared/create.go @@ -624,6 +624,7 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod. GroupAdd: c.StringSlice("group-add"), Hostname: c.String("hostname"), HostAdd: c.StringSlice("add-host"), + HTTPProxy: c.Bool("http-proxy"), NoHosts: c.Bool("no-hosts"), IDMappings: idmappings, Image: imageName, diff --git a/cmd/podman/shared/intermediate.go b/cmd/podman/shared/intermediate.go index 9c494dec5..a38e4d47a 100644 --- a/cmd/podman/shared/intermediate.go +++ b/cmd/podman/shared/intermediate.go @@ -404,6 +404,7 @@ func NewIntermediateLayer(c *cliconfig.PodmanCommand, remote bool) GenericCLIRes m["healthcheck-start-period"] = newCRString(c, "healthcheck-start-period") m["healthcheck-timeout"] = newCRString(c, "healthcheck-timeout") m["hostname"] = newCRString(c, "hostname") + m["http-proxy"] = newCRBool(c, "http-proxy") m["image-volume"] = newCRString(c, "image-volume") m["init"] = newCRBool(c, "init") m["init-path"] = newCRString(c, "init-path") diff --git a/completions/bash/podman b/completions/bash/podman index 6acdcc05a..b5963f8b9 100644 --- a/completions/bash/podman +++ b/completions/bash/podman @@ -1711,6 +1711,7 @@ _podman_container_run() { --gidmap --group-add --hostname -h + --http-proxy --image-volume --init-path --ip diff --git a/docs/podman-create.1.md b/docs/podman-create.1.md index 52c965293..884a8adcc 100644 --- a/docs/podman-create.1.md +++ b/docs/podman-create.1.md @@ -244,6 +244,16 @@ inside of the container. Read in a line delimited file of environment variables +**--http-proxy**=*true*|*false* + +By default proxy environment variables are passed into the container if set +for the podman process. This can be disabled by setting the `--http-proxy` +option to `false`. The environment variables passed in include `http_proxy`, +`https_proxy`, `ftp_proxy`, `no_proxy`, and also the upper case versions of +those. + +Defaults to `true` + **--expose**=[] Expose a port, or a range of ports (e.g. --expose=3300-3310) to set up port redirection diff --git a/docs/podman-run.1.md b/docs/podman-run.1.md index 4411aca9e..a0c17652a 100644 --- a/docs/podman-run.1.md +++ b/docs/podman-run.1.md @@ -251,6 +251,16 @@ inside of the container. Read in a line delimited file of environment variables +**--http-proxy**=*true*|*false* + +By default proxy environment variables are passed into the container if set +for the podman process. This can be disabled by setting the `--http-proxy` +option to `false`. The environment variables passed in include `http_proxy`, +`https_proxy`, `ftp_proxy`, `no_proxy`, and also the upper case versions of +those. + +Defaults to `true` + **--expose**=[] Expose a port, or a range of ports (e.g. --expose=3300-3310) to set up port redirection diff --git a/pkg/spec/createconfig.go b/pkg/spec/createconfig.go index 064dedd45..9c674d9f1 100644 --- a/pkg/spec/createconfig.go +++ b/pkg/spec/createconfig.go @@ -87,6 +87,7 @@ type CreateConfig struct { NoHosts bool HostAdd []string //add-host Hostname string //hostname + HTTPProxy bool Image string ImageID string BuiltinImgVolumes map[string]struct{} // volumes defined in the image config diff --git a/pkg/spec/spec.go b/pkg/spec/spec.go index 4cbed0ea4..383eeadf3 100644 --- a/pkg/spec/spec.go +++ b/pkg/spec/spec.go @@ -192,6 +192,24 @@ func CreateConfigToOCISpec(config *CreateConfig) (*spec.Spec, error) { //nolint } g.SetRootReadonly(config.ReadOnlyRootfs) + if config.HTTPProxy { + for _, envSpec := range []string{ + "http_proxy", + "HTTP_PROXY", + "https_proxy", + "HTTPS_PROXY", + "ftp_proxy", + "FTP_PROXY", + "no_proxy", + "NO_PROXY", + } { + envVal := os.Getenv(envSpec) + if envVal != "" { + g.AddProcessEnv(envSpec, envVal) + } + } + } + hostname := config.Hostname if hostname == "" && (config.NetMode.IsHost() || config.UtsMode.IsHost()) { hostname, err = os.Hostname() diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go index a89ee491b..849fcc477 100644 --- a/test/e2e/run_test.go +++ b/test/e2e/run_test.go @@ -763,4 +763,18 @@ USER mail` session.WaitWithDefaultTimeout() Expect(session.ExitCode()).ToNot(Equal(0)) }) + + It("podman run --http-proxy test", func() { + os.Setenv("http_proxy", "1.2.3.4") + session := podmanTest.Podman([]string{"run", "--rm", ALPINE, "printenv", "http_proxy"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + match, _ := session.GrepString("1.2.3.4") + Expect(match).Should(BeTrue()) + + session = podmanTest.Podman([]string{"run", "--rm", "--http-proxy=false", ALPINE, "printenv", "http_proxy"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(1)) + os.Unsetenv("http_proxy") + }) }) |