runtime/client: add util func to check conn options compatibility wit…

…h env

Add `CheckEnvironmentCompatibility()` to check whether the configured
connection options are compatible with the environment, by checking env
vars like `HTTP_PROXY` and `HTTPS_PROXY`.

Signed-off-by: Sanskar Jaiswal <[email protected]>

runtime/controller/connection.go

@@ -16,9 +16,19 @@ limitations under the License.
 
 package controller
 
-import "github.com/spf13/pflag"
+import (
+	"fmt"
+	"net/url"
+	"os"
 
-const flagInsecureAllowHTTP = "insecure-allow-http"
+	"github.com/spf13/pflag"
+)
+
+const (
+	flagInsecureAllowHTTP = "insecure-allow-http"
+	EnvVarHTTPProxy       = "HTTP_PROXY"
+	EnvVarHTTPSProxy      = "HTTPS_PROXY"
+)
 
 // ConnectionOptions defines the configurable options for outbound connections
 // opened by reconcilers.
@@ -34,3 +44,24 @@ func (o *ConnectionOptions) BindFlags(fs *pflag.FlagSet) {
 	fs.BoolVar(&o.AllowHTTP, flagInsecureAllowHTTP, true,
 		"Allow the controller to make HTTP requests to external services like insecure Git servers, container registries, etc.")
 }
+
+// CheckEnvironmentCompatibility checks if the enviornment is compatible with
+// the configured connection options.
+func (o *ConnectionOptions) CheckEnvironmentCompatibility() error {
+	if !o.AllowHTTP {
+		if os.Getenv(EnvVarHTTPProxy) != "" {
+			return fmt.Errorf("usage of HTTP requests is blocked but found %s env var to be non-empty.", EnvVarHTTPProxy)
+		}
+
+		if addr := os.Getenv(EnvVarHTTPSProxy); addr != "" {
+			proxy, err := url.Parse(addr)
+			if err != nil {
+				return fmt.Errorf("unable to parse address specified in the %s env var: %w", EnvVarHTTPSProxy, err)
+			}
+			if proxy.Scheme == "http" {
+				return fmt.Errorf("usage of HTTP requests is blocked but found an HTTP address in the %s env var.", EnvVarHTTPSProxy)
+			}
+		}
+	}
+	return nil
+}