HTTP Proxy

GitGuardian allows you to configure an HTTP proxy for outgoing traffic from the application.

This includes traffic to services like Replicated, Docker, messaging integrations, and other external connections. For more details, refer to our Network Requirements page.

caution

• You must add 127.0.0.1,10.0.0.0/8 to the list of proxy exceptions NO_PROXY to permit the local and internal cluster traffic through the proxy (replace 10.0.0.0/8 with your internal subnet).
• Verify the proxy FQDNs are resolvable and reachable within your Kubernetes cluster.
• Specifying password in proxy URLs is not supported.
• GitGuardian can be deployed with both HTTP and HTTPS proxies. For the HTTPS proxy, it may be necessary to add a Certificate Authority (CA) so that the proxy's SSL certificate is trusted. This process ensures secure and reliable communication between the application and the proxy. For more information, please refer to the custom CA section.

KOTS-based installation

In the KOTS Admin Console, you can configure the URL(s) for the outgoing HTTP(s) traffic to your proxy server:

Helm-based installation

Update your values file to use a proxy for the outgoing HTTP(s) traffic.

proxy:
  httpProxyUrl: "http://proxy:8080"
  httpsProxyUrl: "http://proxy:8080"
  noProxyHostNames:
    - 127.0.0.1
    - 10.0.0.0/8

replicated:
  privateCASecret: # optional if you use a custom CA for your proxy
    name: custom-ca
    key: ca.crt
  extraEnv:
    - name: HTTP_PROXY
      value: "http://proxy:8080"
    - name: HTTPS_PROXY
      value: "http://proxy:8080"
    - name: NO_PROXY
      value: "127.0.0.1,10.0.0.0/8"