From 1480d52c9a05afda7e772ae48e457e6dae686cae Mon Sep 17 00:00:00 2001
From: Mohammed Naser <mnaser@vexxhost.com>
Date: Mon, 17 Jun 2024 12:23:36 -0400
Subject: [PATCH] feat: Introduced http(s)_proxy and no_proxy

---
 roles/containerd/defaults/main.yml               |  4 ++++
 roles/containerd/templates/containerd.service.j2 | 10 +++++++++-
 roles/download_artifact/defaults/main.yml        |  4 ++++
 roles/download_artifact/tasks/main.yml           |  4 ++++
 4 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/roles/containerd/defaults/main.yml b/roles/containerd/defaults/main.yml
index 1126d59..a7ff714 100644
--- a/roles/containerd/defaults/main.yml
+++ b/roles/containerd/defaults/main.yml
@@ -62,6 +62,10 @@ containerd_limit_core: "infinity"
 containerd_limit_open_file_num: "{{ '1048576' if ansible_facts['os_family'] == 'RedHat' else 'infinity' }}"
 containerd_limit_mem_lock: "infinity"
 
+containerd_http_proxy: "{{ http_proxy | default('') }}"
+containerd_https_proxy: "{{ https_proxy | default('') }}"
+containerd_no_proxy: "{{ no_proxy | default('') }}"
+
 # NOTE(jrosser): If you need to override the default containerd snapshotter, for example
 # when the underlying filesystem does not support overlayfs, set it here
 containerd_snapshotter: ""
diff --git a/roles/containerd/templates/containerd.service.j2 b/roles/containerd/templates/containerd.service.j2
index 6870d69..1ec0a90 100644
--- a/roles/containerd/templates/containerd.service.j2
+++ b/roles/containerd/templates/containerd.service.j2
@@ -20,7 +20,15 @@ After=network.target local-fs.target
 [Service]
 ExecStartPre=-/sbin/modprobe overlay
 ExecStart=/usr/bin/containerd --config {{ containerd_cfg_file }}
-
+{% if containerd_http_proxy %}
+Environment="HTTP_PROXY={{ containerd_http_proxy }}"
+{% endif %}
+{% if containerd_https_proxy %}
+Environment="HTTPS_PROXY={{ containerd_https_proxy }}"
+{% endif %}
+{% if containerd_no_proxy %}
+Environment="NO_PROXY={{ containerd_no_proxy }}"
+{% endif %}
 Type=notify
 Delegate=yes
 KillMode=process
diff --git a/roles/download_artifact/defaults/main.yml b/roles/download_artifact/defaults/main.yml
index 01357a3..2fc11da 100644
--- a/roles/download_artifact/defaults/main.yml
+++ b/roles/download_artifact/defaults/main.yml
@@ -24,6 +24,10 @@ download_artifact_validate_certs: true
 # download_artifact_url_username:
 # download_artifact_url_password:
 
+download_artifact_http_proxy: "{{ http_proxy | default('') }}"
+download_artifact_https_proxy: "{{ https_proxy | default('') }}"
+download_artifact_no_proxy: "{{ no_proxy | default('') }}"
+
 # NOTE(fitbeard): If this is false, debug information will be displayed but may
 #                 contain some private data, so it is recommended to set it to
 #                 true a production environment.
diff --git a/roles/download_artifact/tasks/main.yml b/roles/download_artifact/tasks/main.yml
index 65406ad..07684fc 100644
--- a/roles/download_artifact/tasks/main.yml
+++ b/roles/download_artifact/tasks/main.yml
@@ -34,6 +34,10 @@
   #                 environment passwords in the log.
   no_log: "{{ download_artifact_no_log | bool }}"
   notify: "{{ download_artifact_notify }}"
+  environment:
+    http_proxy: "{{ download_artifact_http_proxy }}"
+    https_proxy: "{{ download_artifact_https_proxy }}"
+    no_proxy: "{{ download_artifact_no_proxy }}"
 
 - name: Extract archive
   when: download_artifact_unarchive and not ansible_check_mode