Add support for proxy (#2286)

Co-authored-by: Nikola Jokic <jokicnikola07@gmail.com>
Co-authored-by: Tingluo Huang <tingluohuang@github.com>
Co-authored-by: Ferenc Hammerl <fhammerl@github.com>

charts/auto-scaling-runner-set/templates/autoscalingrunnerset.yaml

@@ -12,6 +12,23 @@ spec:
   runnerGroup: {{ . }}
   {{- end }}
 
+  {{- if .Values.proxy }}
+  proxy:
+    {{- if .Values.proxy.http }}
+    http:
+      url: {{ .Values.proxy.http.url }}
+      credentialSecretRef: {{ .Values.proxy.http.credentialSecretRef }}
+    {{ end }}
+    {{- if .Values.proxy.https }}
+    https:
+      url: {{ .Values.proxy.https.url }}
+      credentialSecretRef: {{ .Values.proxy.https.credentialSecretRef }}
+    {{ end }}
+    {{- if and .Values.proxy.noProxy (kindIs "slice" .Values.proxy.noProxy) }}
+    noProxy: {{ .Values.proxy.noProxy | toYaml | nindent 6}}
+    {{ end }}
+  {{ end }}
+
   {{- if and (or (kindIs "int64" .Values.minRunners) (kindIs "float64" .Values.minRunners)) (or (kindIs "int64" .Values.maxRunners) (kindIs "float64" .Values.maxRunners)) }}
     {{- if gt .Values.minRunners .Values.maxRunners }}
       {{- fail "maxRunners has to be greater or equal to minRunners" }}

charts/auto-scaling-runner-set/tests/template_test.go

@@ -737,3 +737,46 @@ func TestTemplateRenderedAutoScalingRunnerSet_ErrorOnEmptyPredefinedSecret(t *te
 
 	assert.ErrorContains(t, err, "Values.githubConfigSecret is required for setting auth with GitHub server")
 }
+
+func TestTemplateRenderedWithProxy(t *testing.T) {
+	t.Parallel()
+
+	// Path to the helm chart we will test
+	helmChartPath, err := filepath.Abs("../../auto-scaling-runner-set")
+	require.NoError(t, err)
+
+	releaseName := "test-runners"
+	namespaceName := "test-" + strings.ToLower(random.UniqueId())
+
+	options := &helm.Options{
+		SetValues: map[string]string{
+			"githubConfigUrl":                 "https://github.com/actions",
+			"githubConfigSecret":              "pre-defined-secrets",
+			"proxy.http.url":                  "http://proxy.example.com",
+			"proxy.http.credentialSecretRef":  "http-secret",
+			"proxy.https.url":                 "https://proxy.example.com",
+			"proxy.https.credentialSecretRef": "https-secret",
+			"proxy.noProxy":                   "{example.com,example.org}",
+		},
+		KubectlOptions: k8s.NewKubectlOptions("", "", namespaceName),
+	}
+
+	output := helm.RenderTemplate(t, options, helmChartPath, releaseName, []string{"templates/autoscalingrunnerset.yaml"})
+
+	var ars v1alpha1.AutoscalingRunnerSet
+	helm.UnmarshalK8SYaml(t, output, &ars)
+
+	require.NotNil(t, ars.Spec.Proxy)
+	require.NotNil(t, ars.Spec.Proxy.HTTP)
+	assert.Equal(t, "http://proxy.example.com", ars.Spec.Proxy.HTTP.Url)
+	assert.Equal(t, "http-secret", ars.Spec.Proxy.HTTP.CredentialSecretRef)
+
+	require.NotNil(t, ars.Spec.Proxy.HTTPS)
+	assert.Equal(t, "https://proxy.example.com", ars.Spec.Proxy.HTTPS.Url)
+	assert.Equal(t, "https-secret", ars.Spec.Proxy.HTTPS.CredentialSecretRef)
+
+	require.NotNil(t, ars.Spec.Proxy.NoProxy)
+	require.Len(t, ars.Spec.Proxy.NoProxy, 2)
+	assert.Contains(t, ars.Spec.Proxy.NoProxy, "example.com")
+	assert.Contains(t, ars.Spec.Proxy.NoProxy, "example.org")
+}

charts/auto-scaling-runner-set/values.yaml

@@ -22,6 +22,20 @@ githubConfigSecret:
 ##   > kubectl create secret generic pre-defined-secret --namespace=my_namespace --from-literal=github_app_id=123456 --from-literal=github_app_installation_id=654321 --from-literal=github_app_private_key='-----BEGIN CERTIFICATE-----*******'
 # githubConfigSecret: pre-defined-secret
 
+## proxy can be used to define proxy settings that will be used by the
+## controller, the listener and the runner of this scale set.
+#
+# proxy:
+#   http:
+#     url: http://proxy.com:1234
+#     credentialSecretRef: proxy-auth # a secret with `username` and `password` keys
+#   https:
+#     url: http://proxy.com:1234
+#     credentialSecretRef: proxy-auth # a secret with `username` and `password` keys
+#   noProxy:
+#     - example.com
+#     - example.org
+
 ## maxRunners is the max number of runners the auto scaling runner set will scale up to.
 # maxRunners: 5