From 5d6d5d3f1eadd5f66698e93462a6ac4b5416d78b Mon Sep 17 00:00:00 2001
From: anaik91 <ashwinknaik@google.com>
Date: Fri, 10 Nov 2023 12:36:11 +0530
Subject: [PATCH] feat: added support for http proxy credentials

---
 .../templates/http_proxy.j2                   | 18 +++++++++++++++
 .../templates/overrides.yaml.j2               | 12 ++++------
 vars/vars.yaml                                | 22 +++++++++++++------
 3 files changed, 37 insertions(+), 15 deletions(-)
 create mode 100644 roles/apigee-hybrid-overrides/templates/http_proxy.j2

diff --git a/roles/apigee-hybrid-overrides/templates/http_proxy.j2 b/roles/apigee-hybrid-overrides/templates/http_proxy.j2
new file mode 100644
index 0000000..45c12ec
--- /dev/null
+++ b/roles/apigee-hybrid-overrides/templates/http_proxy.j2
@@ -0,0 +1,18 @@
+{% macro proxy_settings(enabled, host, port, scheme, username, password) %}
+{% if enabled  -%}
+httpProxy:
+  host: {{ host }}
+  port: {{ port }}
+  scheme: {{ scheme }}
+  {{ creds(username, password) }}
+{%- endif %}
+{% endmacro %}
+
+
+
+{% macro creds(username, password) %}
+{% if username != ""  -%}
+  username: {{ username }}
+  password: {{ password }}
+{%- endif %}
+{% endmacro %}
\ No newline at end of file
diff --git a/roles/apigee-hybrid-overrides/templates/overrides.yaml.j2 b/roles/apigee-hybrid-overrides/templates/overrides.yaml.j2
index f41562d..d03d5bc 100644
--- a/roles/apigee-hybrid-overrides/templates/overrides.yaml.j2
+++ b/roles/apigee-hybrid-overrides/templates/overrides.yaml.j2
@@ -1,5 +1,6 @@
 {% from 'images.j2' import container_image %}
 {% from 'service_account.j2' import svc_account %}
+{% from 'http_proxy.j2' import proxy_settings %}
 namespace: apigee
 gcp:
   region: {{ overrides.gcp.region }}
@@ -19,13 +20,7 @@ imagePullSecrets:
 - name: {{ overrides.imagePullSecrets }}
 {%- endif %}
 
-{% if overrides.httpProxy|default(false) -%}
-httpProxy:
-  host: {{ overrides.httpProxy.host }}
-  port: {{ overrides.httpProxy.port }}
-  scheme: {{ overrides.httpProxy.scheme|default('HTTPS') }}
-{%- endif %}
-
+{{ proxy_settings(overrides.httpProxy|default(false), overrides.httpProxy.host, overrides.httpProxy.port, overrides.httpProxy.scheme|default('HTTPS'), overrides.httpProxy.username|default(''), overrides.httpProxy.password|default('')) }}
 
 {% if overrides.nodeSelector.requiredForScheduling != "" -%}
 nodeSelector:
@@ -84,6 +79,7 @@ envs:
     synchronizer: {{ svc_account(create_service_account, deployment_environment,'synchronizer', overrides.synchronizer.serviceAccountRef) | indent( width=4)}}
     udca: {{ svc_account(create_service_account, deployment_environment,'udca', overrides.udca.serviceAccountRef) | indent( width=4)}}
     runtime: {{ svc_account(create_service_account, deployment_environment,'runtime', overrides.runtime.serviceAccountRef) | indent( width=4)}}
+  {{ proxy_settings(each_env.httpProxy|default(false), each_env.httpProxy.host, each_env.httpProxy.port, each_env.httpProxy.scheme|default('HTTPS'), each_env.httpProxy.username|default(''), each_env.httpProxy.password|default(''))| indent( width=2) }}
 {% endfor %}
 
 mart:
@@ -194,7 +190,7 @@ metrics:
   sdSidecar:
     {{ container_image(overrides.metrics.sdSidecar.image.url,overrides.metrics.sdSidecar.image.tag,overrides.metrics.sdSidecar.image.pullPolicy,) | indent( width=4)}}
   serviceAccountRef: {{ svc_account(create_service_account, deployment_environment,'metrics', overrides.metrics.serviceAccountRef) | indent( width=2)}}
-  {% if overrides.logger.metrics|default('',true) != '' -%}
+  {% if overrides.metrics.proxyURL|default('',true) != '' -%}
   proxyURL: {{ overrides.metrics.proxyURL }}
   {%- endif %}
 
diff --git a/vars/vars.yaml b/vars/vars.yaml
index 6f06d32..66c05bd 100644
--- a/vars/vars.yaml
+++ b/vars/vars.yaml
@@ -117,17 +117,19 @@ overrides:
   #
   imagePullSecrets:
 
-  # httpProxy:
-    # host: 172.23.3.99
-    # port: 8080
-    # scheme: HTTP
+  httpProxy:
+    host: 172.23.3.99
+    port: 8080
+    scheme: HTTP
+    # username: test
+    # password: test1
 
 
   nodeSelector:
     requiredForScheduling: true
     apigeeRuntime:
       key: "cloud.google.com/gke-nodepool"
-      value: "apigee-runtime"
+      value: "apigee-runtime1"
     apigeeData:
       key: "cloud.google.com/gke-nodepool"
       value: "apigee-data"
@@ -169,6 +171,12 @@ overrides:
         replicaCountMax: 4
       runtime:
         replicaCountMax: 3
+      # httpProxy:
+      #   host: 172.23.3.99
+      #   port: 8080
+      #   scheme: HTTP
+      #   username: testenv
+      #   password: testenv1
 
     - name: test2
 
@@ -313,7 +321,7 @@ overrides:
       requests:
         cpu: 100m
         memory: 250Mi
-    proxyURL:
+    # proxyURL: http://172.23.3.99:8080
   #
   # Apigee Metrics.
   #
@@ -352,7 +360,7 @@ overrides:
         url: "gcr.io/apigee-release/hybrid/apigee-stackdriver-prometheus-sidecar"
         tag: "0.9.0"
         pullPolicy: IfNotPresent
-    proxyURL:
+    # proxyURL: http://172.23.3.99:8080
   # Apigee Connect Agent
   connectAgent:
     serviceAccountRef: apigee-hybrid-secret