Commit f729006
fix(control-plane): wire ProxyFromEnvironment into default HTTP transport
installServiceCAIntoDefaultTransport replaced http.DefaultTransport with a
bare &http.Transport{TLSClientConfig: ...} that had no Proxy field set.
Go's net/http silently ignores HTTPS_PROXY/HTTP_PROXY env vars when the
transport's Proxy field is nil, causing all outbound connections to go
direct instead of through the cluster egress proxy.
This manifested as the OIDC token fetch to sso.redhat.com timing out after
~9 minutes (raw TCP connect timeout) despite the proxy env vars being
present on the pod.
Fix: set Proxy: http.ProxyFromEnvironment and restore the standard
DefaultTransport dialer/timeout fields that the bare struct initializer
was silently zeroing out.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>1 parent 7202c50 commit f729006
1 file changed
Lines changed: 9 additions & 0 deletions
Lines changed: 9 additions & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
5 | 5 | | |
6 | 6 | | |
7 | 7 | | |
| 8 | + | |
8 | 9 | | |
9 | 10 | | |
10 | 11 | | |
11 | 12 | | |
| 13 | + | |
12 | 14 | | |
13 | 15 | | |
14 | 16 | | |
| |||
216 | 218 | | |
217 | 219 | | |
218 | 220 | | |
| 221 | + | |
| 222 | + | |
| 223 | + | |
| 224 | + | |
| 225 | + | |
| 226 | + | |
| 227 | + | |
219 | 228 | | |
220 | 229 | | |
221 | 230 | | |
| |||
0 commit comments