Add Proxy Support for self-hosted runner. (#206)

2025-12-13 19:03:44 +00:00 · 2019-12-09 15:15:54 -05:00
parent 56e18f3606
commit d81a7656a4
24 changed files with 743 additions and 682 deletions
--- a/src/Runner.Common/Constants.cs
+++ b/src/Runner.Common/Constants.cs
@@ -29,9 +29,6 @@ namespace GitHub.Runner.Common
        Service,
        CredentialStore,
        Certificates,
-        Proxy,
-        ProxyCredentials,
-        ProxyBypass,
        Options,
    }

@@ -97,8 +94,6 @@ namespace GitHub.Runner.Common
                    public static readonly string Auth = "auth";
                    public static readonly string MonitorSocketAddress = "monitorsocketaddress";
                    public static readonly string Pool = "pool";
-                    public static readonly string ProxyUrl = "proxyurl";
-                    public static readonly string ProxyUserName = "proxyusername";
                    public static readonly string SslCACert = "sslcacert";
                    public static readonly string SslClientCert = "sslclientcert";
                    public static readonly string SslClientCertKey = "sslclientcertkey";
@@ -111,14 +106,12 @@ namespace GitHub.Runner.Common

                    // Secret args. Must be added to the "Secrets" getter as well.
                    public static readonly string Password = "password";
-                    public static readonly string ProxyPassword = "proxypassword";
                    public static readonly string SslClientCertPassword = "sslclientcertpassword";
                    public static readonly string Token = "token";
                    public static readonly string WindowsLogonPassword = "windowslogonpassword";
                    public static string[] Secrets => new[]
                    {
                        Password,
-                        ProxyPassword,
                        SslClientCertPassword,
                        Token,
                        WindowsLogonPassword,
--- a/src/Runner.Common/HostContext.cs
+++ b/src/Runner.Common/HostContext.cs
@@ -26,6 +26,7 @@ namespace GitHub.Runner.Common
        ShutdownReason RunnerShutdownReason { get; }
        ISecretMasker SecretMasker { get; }
        ProductInfoHeaderValue UserAgent { get; }
+        RunnerWebProxy WebProxy { get; }
        string GetDirectory(WellKnownDirectory directory);
        string GetConfigFile(WellKnownConfigFile configFile);
        Tracing GetTrace(string name);
@@ -67,12 +68,14 @@ namespace GitHub.Runner.Common
        private IDisposable _diagListenerSubscription;
        private StartupType _startupType;
        private string _perfFile;
+        private RunnerWebProxy _webProxy = new RunnerWebProxy();

        public event EventHandler Unloading;
        public CancellationToken RunnerShutdownToken => _runnerShutdownTokenSource.Token;
        public ShutdownReason RunnerShutdownReason { get; private set; }
        public ISecretMasker SecretMasker => _secretMasker;
        public ProductInfoHeaderValue UserAgent => _userAgent;
+        public RunnerWebProxy WebProxy => _webProxy;
        public HostContext(string hostType, string logFile = null)
        {
            // Validate args.
@@ -147,6 +150,48 @@ namespace GitHub.Runner.Common
                    _trace.Error(ex);
                }
            }
+
+            // Check and trace proxy info
+            if (!string.IsNullOrEmpty(WebProxy.HttpProxyAddress))
+            {
+                if (string.IsNullOrEmpty(WebProxy.HttpProxyUsername) && string.IsNullOrEmpty(WebProxy.HttpProxyPassword))
+                {
+                    _trace.Info($"Configuring anonymous proxy {WebProxy.HttpProxyAddress} for all HTTP requests.");
+                }
+                else
+                {
+                    // Register proxy password as secret
+                    if (!string.IsNullOrEmpty(WebProxy.HttpProxyPassword))
+                    {
+                        this.SecretMasker.AddValue(WebProxy.HttpProxyPassword);
+                    }
+
+                    _trace.Info($"Configuring authenticated proxy {WebProxy.HttpProxyAddress} for all HTTP requests.");
+                }
+            }
+
+            if (!string.IsNullOrEmpty(WebProxy.HttpsProxyAddress))
+            {
+                if (string.IsNullOrEmpty(WebProxy.HttpsProxyUsername) && string.IsNullOrEmpty(WebProxy.HttpsProxyPassword))
+                {
+                    _trace.Info($"Configuring anonymous proxy {WebProxy.HttpsProxyAddress} for all HTTPS requests.");
+                }
+                else
+                {
+                    // Register proxy password as secret
+                    if (!string.IsNullOrEmpty(WebProxy.HttpsProxyPassword))
+                    {
+                        this.SecretMasker.AddValue(WebProxy.HttpsProxyPassword);
+                    }
+
+                    _trace.Info($"Configuring authenticated proxy {WebProxy.HttpsProxyAddress} for all HTTPS requests.");
+                }
+            }
+
+            if (string.IsNullOrEmpty(WebProxy.HttpProxyAddress) && string.IsNullOrEmpty(WebProxy.HttpsProxyAddress))
+            {
+                _trace.Info($"No proxy settings were found based on environmental variables (http_proxy/https_proxy/HTTP_PROXY/HTTPS_PROXY)");
+            }
        }

        public RunMode RunMode
@@ -282,24 +327,6 @@ namespace GitHub.Runner.Common
                        ".certificates");
                    break;

-                case WellKnownConfigFile.Proxy:
-                    path = Path.Combine(
-                        GetDirectory(WellKnownDirectory.Root),
-                        ".proxy");
-                    break;
-
-                case WellKnownConfigFile.ProxyCredentials:
-                    path = Path.Combine(
-                        GetDirectory(WellKnownDirectory.Root),
-                        ".proxycredentials");
-                    break;
-
-                case WellKnownConfigFile.ProxyBypass:
-                    path = Path.Combine(
-                        GetDirectory(WellKnownDirectory.Root),
-                        ".proxybypass");
-                    break;
-
                case WellKnownConfigFile.Options:
                    path = Path.Combine(
                        GetDirectory(WellKnownDirectory.Root),
@@ -580,8 +607,7 @@ namespace GitHub.Runner.Common
        public static HttpClientHandler CreateHttpClientHandler(this IHostContext context)
        {
            HttpClientHandler clientHandler = new HttpClientHandler();
-            var runnerWebProxy = context.GetService<IRunnerWebProxy>();
-            clientHandler.Proxy = runnerWebProxy.WebProxy;
+            clientHandler.Proxy = context.WebProxy;
            return clientHandler;
        }
    }
--- a/src/Runner.Common/RunnerWebProxy.cs
+++ b/src/Runner.Common/RunnerWebProxy.cs
@@ -1,196 +0,0 @@
-using GitHub.Runner.Common.Util;
-using System;
-using System.Linq;
-using System.Net;
-using System.IO;
-using System.Collections.Generic;
-using System.Text.RegularExpressions;
-using GitHub.Runner.Sdk;
-
-namespace GitHub.Runner.Common
-{
-    [ServiceLocator(Default = typeof(RunnerWebProxy))]
-    public interface IRunnerWebProxy : IRunnerService
-    {
-        string ProxyAddress { get; }
-        string ProxyUsername { get; }
-        string ProxyPassword { get; }
-        List<string> ProxyBypassList { get; }
-        IWebProxy WebProxy { get; }
-    }
-
-    public class RunnerWebProxy : RunnerService, IRunnerWebProxy
-    {
-        private readonly List<Regex> _regExBypassList = new List<Regex>();
-        private readonly List<string> _bypassList = new List<string>();
-        private RunnerWebProxyCore _runnerWebProxy = new RunnerWebProxyCore();
-
-        public string ProxyAddress { get; private set; }
-        public string ProxyUsername { get; private set; }
-        public string ProxyPassword { get; private set; }
-        public List<string> ProxyBypassList => _bypassList;
-        public IWebProxy WebProxy => _runnerWebProxy;
-
-        public override void Initialize(IHostContext context)
-        {
-            base.Initialize(context);
-            LoadProxySetting();
-        }
-
-        // This should only be called from config
-        public void SetupProxy(string proxyAddress, string proxyUsername, string proxyPassword)
-        {
-            ArgUtil.NotNullOrEmpty(proxyAddress, nameof(proxyAddress));
-            Trace.Info($"Update proxy setting from '{ProxyAddress ?? string.Empty}' to'{proxyAddress}'");
-            ProxyAddress = proxyAddress;
-            ProxyUsername = proxyUsername;
-            ProxyPassword = proxyPassword;
-
-            if (string.IsNullOrEmpty(ProxyUsername) || string.IsNullOrEmpty(ProxyPassword))
-            {
-                Trace.Info($"Config proxy use DefaultNetworkCredentials.");
-            }
-            else
-            {
-                Trace.Info($"Config authentication proxy as: {ProxyUsername}.");
-            }
-
-            _runnerWebProxy.Update(ProxyAddress, ProxyUsername, ProxyPassword, ProxyBypassList);
-        }
-
-        // This should only be called from config
-        public void SaveProxySetting()
-        {
-            if (!string.IsNullOrEmpty(ProxyAddress))
-            {
-                string proxyConfigFile = HostContext.GetConfigFile(WellKnownConfigFile.Proxy);
-                IOUtil.DeleteFile(proxyConfigFile);
-                Trace.Info($"Store proxy configuration to '{proxyConfigFile}' for proxy '{ProxyAddress}'");
-                File.WriteAllText(proxyConfigFile, ProxyAddress);
-                File.SetAttributes(proxyConfigFile, File.GetAttributes(proxyConfigFile) | FileAttributes.Hidden);
-
-                string proxyCredFile = HostContext.GetConfigFile(WellKnownConfigFile.ProxyCredentials);
-                IOUtil.DeleteFile(proxyCredFile);
-                if (!string.IsNullOrEmpty(ProxyUsername) && !string.IsNullOrEmpty(ProxyPassword))
-                {
-                    string lookupKey = Guid.NewGuid().ToString("D").ToUpperInvariant();
-                    Trace.Info($"Store proxy credential lookup key '{lookupKey}' to '{proxyCredFile}'");
-                    File.WriteAllText(proxyCredFile, lookupKey);
-                    File.SetAttributes(proxyCredFile, File.GetAttributes(proxyCredFile) | FileAttributes.Hidden);
-
-                    var credStore = HostContext.GetService<IRunnerCredentialStore>();
-                    credStore.Write($"GITHUB_ACTIONS_RUNNER_PROXY_{lookupKey}", ProxyUsername, ProxyPassword);
-                }
-            }
-            else
-            {
-                Trace.Info("No proxy configuration exist.");
-            }
-        }
-
-        // This should only be called from unconfig
-        public void DeleteProxySetting()
-        {
-            string proxyCredFile = HostContext.GetConfigFile(WellKnownConfigFile.ProxyCredentials);
-            if (File.Exists(proxyCredFile))
-            {
-                Trace.Info("Delete proxy credential from credential store.");
-                string lookupKey = File.ReadAllLines(proxyCredFile).FirstOrDefault();
-                if (!string.IsNullOrEmpty(lookupKey))
-                {
-                    var credStore = HostContext.GetService<IRunnerCredentialStore>();
-                    credStore.Delete($"GITHUB_ACTIONS_RUNNER_PROXY_{lookupKey}");
-                }
-
-                Trace.Info($"Delete .proxycredentials file: {proxyCredFile}");
-                IOUtil.DeleteFile(proxyCredFile);
-            }
-
-            string proxyBypassFile = HostContext.GetConfigFile(WellKnownConfigFile.ProxyBypass);
-            if (File.Exists(proxyBypassFile))
-            {
-                Trace.Info($"Delete .proxybypass file: {proxyBypassFile}");
-                IOUtil.DeleteFile(proxyBypassFile);
-            }
-
-            string proxyConfigFile = HostContext.GetConfigFile(WellKnownConfigFile.Proxy);
-            Trace.Info($"Delete .proxy file: {proxyConfigFile}");
-            IOUtil.DeleteFile(proxyConfigFile);
-        }
-
-        private void LoadProxySetting()
-        {
-            string proxyConfigFile = HostContext.GetConfigFile(WellKnownConfigFile.Proxy);
-            if (File.Exists(proxyConfigFile))
-            {
-                // we expect the first line of the file is the proxy url
-                Trace.Verbose($"Try read proxy setting from file: {proxyConfigFile}.");
-                ProxyAddress = File.ReadLines(proxyConfigFile).FirstOrDefault() ?? string.Empty;
-                ProxyAddress = ProxyAddress.Trim();
-                Trace.Verbose($"{ProxyAddress}");
-            }
-
-            if (!string.IsNullOrEmpty(ProxyAddress) && !Uri.IsWellFormedUriString(ProxyAddress, UriKind.Absolute))
-            {
-                Trace.Info($"The proxy url is not a well formed absolute uri string: {ProxyAddress}.");
-                ProxyAddress = string.Empty;
-            }
-
-            if (!string.IsNullOrEmpty(ProxyAddress))
-            {
-                Trace.Info($"Config proxy at: {ProxyAddress}.");
-
-                string proxyCredFile = HostContext.GetConfigFile(WellKnownConfigFile.ProxyCredentials);
-                if (File.Exists(proxyCredFile))
-                {
-                    string lookupKey = File.ReadAllLines(proxyCredFile).FirstOrDefault();
-                    if (!string.IsNullOrEmpty(lookupKey))
-                    {
-                        var credStore = HostContext.GetService<IRunnerCredentialStore>();
-                        var proxyCred = credStore.Read($"GITHUB_ACTIONS_RUNNER_PROXY_{lookupKey}");
-                        ProxyUsername = proxyCred.UserName;
-                        ProxyPassword = proxyCred.Password;
-                    }
-                }
-
-                if (!string.IsNullOrEmpty(ProxyPassword))
-                {
-                    HostContext.SecretMasker.AddValue(ProxyPassword);
-                }
-
-                if (string.IsNullOrEmpty(ProxyUsername) || string.IsNullOrEmpty(ProxyPassword))
-                {
-                    Trace.Info($"Config proxy use DefaultNetworkCredentials.");
-                }
-                else
-                {
-                    Trace.Info($"Config authentication proxy as: {ProxyUsername}.");
-                }
-
-                string proxyBypassFile = HostContext.GetConfigFile(WellKnownConfigFile.ProxyBypass);
-                if (File.Exists(proxyBypassFile))
-                {
-                    Trace.Verbose($"Try read proxy bypass list from file: {proxyBypassFile}.");
-                    foreach (string bypass in File.ReadAllLines(proxyBypassFile))
-                    {
-                        if (string.IsNullOrWhiteSpace(bypass))
-                        {
-                            continue;
-                        }
-                        else
-                        {
-                            Trace.Info($"Bypass proxy for: {bypass}.");
-                            ProxyBypassList.Add(bypass.Trim());
-                        }
-                    }
-                }
-
-                _runnerWebProxy.Update(ProxyAddress, ProxyUsername, ProxyPassword, ProxyBypassList);
-            }
-            else
-            {
-                Trace.Info($"No proxy setting found.");
-            }
-        }
-    }
-}