Skip to content

Commit 00bba13

Browse files
criamicokibanamachineelasticmachine
authored
[Fleet] Add proxy ssl options to download sources (#241115)
Fixes #235050 ## Summary Currently, when a proxy is chosen from download source settings, its SSL/TLS options are ignored - only the proxy url is passed. This part was never implemented a left a gap for users that try to set up a proxy with TLS options. This PR adds all the fields from the proxy to the `agent.download` section of the generated agent policy and does some additional changes to the UI. ### Testing - Create a new proxy from settings and make sure that it has SSL options. Note that we currently don't support secrets yet, there is a separate ticket for it: #208748 - Create a new download source entry and apply the proxy. With a proxy selected, the Authentication section and all its children are disabled to avoid errors: <img width="800" height="601" alt="Screenshot 2025-10-29 at 12 40 43" src="https://github.com/user-attachments/assets/fa03bfc3-3de8-4f13-9fa3-f0dca5c940e7" /> - Verify that the generated agent policy contains the data from the proxy: <img width="807" height="477" alt="Screenshot 2025-10-29 at 12 26 48" src="https://github.com/user-attachments/assets/63d063ab-6bad-4035-b630-b5607d797989" /> - Verify also in the agent policy that the values are correct ### Checklist - [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md) - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: kibanamachine <[email protected]> Co-authored-by: Elastic Machine <[email protected]>
1 parent 3faf8f7 commit 00bba13

File tree

12 files changed

+310
-70
lines changed

12 files changed

+310
-70
lines changed

oas_docs/bundle.json

Lines changed: 56 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -17671,6 +17671,26 @@
1767117671
"download": {
1767217672
"additionalProperties": false,
1767317673
"properties": {
17674+
"proxy_headers": {
17675+
"additionalProperties": {
17676+
"anyOf": [
17677+
{
17678+
"type": "string"
17679+
},
17680+
{
17681+
"type": "boolean"
17682+
},
17683+
{
17684+
"type": "number"
17685+
}
17686+
]
17687+
},
17688+
"nullable": true,
17689+
"type": "object"
17690+
},
17691+
"proxy_url": {
17692+
"type": "string"
17693+
},
1767417694
"secrets": {
1767517695
"additionalProperties": true,
1767617696
"properties": {
@@ -17880,7 +17900,23 @@
1788017900
},
1788117901
"type": "array"
1788217902
},
17883-
"proxy_headers": {},
17903+
"proxy_headers": {
17904+
"additionalProperties": {
17905+
"anyOf": [
17906+
{
17907+
"type": "string"
17908+
},
17909+
{
17910+
"type": "boolean"
17911+
},
17912+
{
17913+
"type": "number"
17914+
}
17915+
]
17916+
},
17917+
"nullable": true,
17918+
"type": "object"
17919+
},
1788417920
"proxy_url": {
1788517921
"type": "string"
1788617922
},
@@ -17934,8 +17970,7 @@
1793417970
}
1793517971
},
1793617972
"required": [
17937-
"hosts",
17938-
"proxy_headers"
17973+
"hosts"
1793917974
],
1794017975
"type": "object"
1794117976
},
@@ -18141,7 +18176,23 @@
1814118176
},
1814218177
"type": "array"
1814318178
},
18144-
"proxy_headers": {},
18179+
"proxy_headers": {
18180+
"additionalProperties": {
18181+
"anyOf": [
18182+
{
18183+
"type": "string"
18184+
},
18185+
{
18186+
"type": "boolean"
18187+
},
18188+
{
18189+
"type": "number"
18190+
}
18191+
]
18192+
},
18193+
"nullable": true,
18194+
"type": "object"
18195+
},
1814518196
"proxy_url": {
1814618197
"type": "string"
1814718198
},
@@ -18150,8 +18201,7 @@
1815018201
}
1815118202
},
1815218203
"required": [
18153-
"type",
18154-
"proxy_headers"
18204+
"type"
1815518205
],
1815618206
"type": "object"
1815718207
},
@@ -46292,7 +46342,6 @@
4629246342
}
4629346343
},
4629446344
"required": [
46295-
"proxy_headers",
4629646345
"certificate_authorities",
4629746346
"certificate",
4629846347
"certificate_key"

oas_docs/bundle.serverless.json

Lines changed: 56 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -17671,6 +17671,26 @@
1767117671
"download": {
1767217672
"additionalProperties": false,
1767317673
"properties": {
17674+
"proxy_headers": {
17675+
"additionalProperties": {
17676+
"anyOf": [
17677+
{
17678+
"type": "string"
17679+
},
17680+
{
17681+
"type": "boolean"
17682+
},
17683+
{
17684+
"type": "number"
17685+
}
17686+
]
17687+
},
17688+
"nullable": true,
17689+
"type": "object"
17690+
},
17691+
"proxy_url": {
17692+
"type": "string"
17693+
},
1767417694
"secrets": {
1767517695
"additionalProperties": true,
1767617696
"properties": {
@@ -17880,7 +17900,23 @@
1788017900
},
1788117901
"type": "array"
1788217902
},
17883-
"proxy_headers": {},
17903+
"proxy_headers": {
17904+
"additionalProperties": {
17905+
"anyOf": [
17906+
{
17907+
"type": "string"
17908+
},
17909+
{
17910+
"type": "boolean"
17911+
},
17912+
{
17913+
"type": "number"
17914+
}
17915+
]
17916+
},
17917+
"nullable": true,
17918+
"type": "object"
17919+
},
1788417920
"proxy_url": {
1788517921
"type": "string"
1788617922
},
@@ -17934,8 +17970,7 @@
1793417970
}
1793517971
},
1793617972
"required": [
17937-
"hosts",
17938-
"proxy_headers"
17973+
"hosts"
1793917974
],
1794017975
"type": "object"
1794117976
},
@@ -18141,7 +18176,23 @@
1814118176
},
1814218177
"type": "array"
1814318178
},
18144-
"proxy_headers": {},
18179+
"proxy_headers": {
18180+
"additionalProperties": {
18181+
"anyOf": [
18182+
{
18183+
"type": "string"
18184+
},
18185+
{
18186+
"type": "boolean"
18187+
},
18188+
{
18189+
"type": "number"
18190+
}
18191+
]
18192+
},
18193+
"nullable": true,
18194+
"type": "object"
18195+
},
1814518196
"proxy_url": {
1814618197
"type": "string"
1814718198
},
@@ -18150,8 +18201,7 @@
1815018201
}
1815118202
},
1815218203
"required": [
18153-
"type",
18154-
"proxy_headers"
18204+
"type"
1815518205
],
1815618206
"type": "object"
1815718207
},
@@ -46292,7 +46342,6 @@
4629246342
}
4629346343
},
4629446344
"required": [
46295-
"proxy_headers",
4629646345
"certificate_authorities",
4629746346
"certificate",
4629846347
"certificate_key"

oas_docs/output/kibana.serverless.yaml

Lines changed: 26 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -25512,6 +25512,16 @@ paths:
2551225512
additionalProperties: false
2551325513
type: object
2551425514
properties:
25515+
proxy_headers:
25516+
additionalProperties:
25517+
anyOf:
25518+
- type: string
25519+
- type: boolean
25520+
- type: number
25521+
nullable: true
25522+
type: object
25523+
proxy_url:
25524+
type: string
2551525525
secrets:
2551625526
additionalProperties: true
2551725527
type: object
@@ -25653,7 +25663,14 @@ paths:
2565325663
items:
2565425664
type: string
2565525665
type: array
25656-
proxy_headers: {}
25666+
proxy_headers:
25667+
additionalProperties:
25668+
anyOf:
25669+
- type: string
25670+
- type: boolean
25671+
- type: number
25672+
nullable: true
25673+
type: object
2565725674
proxy_url:
2565825675
type: string
2565925676
secrets:
@@ -25690,7 +25707,6 @@ paths:
2569025707
type: string
2569125708
required:
2569225709
- hosts
25693-
- proxy_headers
2569425710
- additionalProperties: false
2569525711
type: object
2569625712
properties:
@@ -25827,14 +25843,20 @@ paths:
2582725843
items:
2582825844
type: string
2582925845
type: array
25830-
proxy_headers: {}
25846+
proxy_headers:
25847+
additionalProperties:
25848+
anyOf:
25849+
- type: string
25850+
- type: boolean
25851+
- type: number
25852+
nullable: true
25853+
type: object
2583125854
proxy_url:
2583225855
type: string
2583325856
type:
2583425857
type: string
2583525858
required:
2583625859
- type
25837-
- proxy_headers
2583825860
type: object
2583925861
processors:
2584025862
additionalProperties: {}
@@ -45794,7 +45816,6 @@ paths:
4579445816
url:
4579545817
type: string
4579645818
required:
45797-
- proxy_headers
4579845819
- certificate_authorities
4579945820
- certificate
4580045821
- certificate_key

oas_docs/output/kibana.yaml

Lines changed: 26 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -28065,6 +28065,16 @@ paths:
2806528065
additionalProperties: false
2806628066
type: object
2806728067
properties:
28068+
proxy_headers:
28069+
additionalProperties:
28070+
anyOf:
28071+
- type: string
28072+
- type: boolean
28073+
- type: number
28074+
nullable: true
28075+
type: object
28076+
proxy_url:
28077+
type: string
2806828078
secrets:
2806928079
additionalProperties: true
2807028080
type: object
@@ -28206,7 +28216,14 @@ paths:
2820628216
items:
2820728217
type: string
2820828218
type: array
28209-
proxy_headers: {}
28219+
proxy_headers:
28220+
additionalProperties:
28221+
anyOf:
28222+
- type: string
28223+
- type: boolean
28224+
- type: number
28225+
nullable: true
28226+
type: object
2821028227
proxy_url:
2821128228
type: string
2821228229
secrets:
@@ -28243,7 +28260,6 @@ paths:
2824328260
type: string
2824428261
required:
2824528262
- hosts
28246-
- proxy_headers
2824728263
- additionalProperties: false
2824828264
type: object
2824928265
properties:
@@ -28380,14 +28396,20 @@ paths:
2838028396
items:
2838128397
type: string
2838228398
type: array
28383-
proxy_headers: {}
28399+
proxy_headers:
28400+
additionalProperties:
28401+
anyOf:
28402+
- type: string
28403+
- type: boolean
28404+
- type: number
28405+
nullable: true
28406+
type: object
2838428407
proxy_url:
2838528408
type: string
2838628409
type:
2838728410
type: string
2838828411
required:
2838928412
- type
28390-
- proxy_headers
2839128413
type: object
2839228414
processors:
2839328415
additionalProperties: {}
@@ -48347,7 +48369,6 @@ paths:
4834748369
url:
4834848370
type: string
4834948371
required:
48350-
- proxy_headers
4835148372
- certificate_authorities
4835248373
- certificate
4835348374
- certificate_key

x-pack/platform/plugins/shared/fleet/common/types/models/agent_policy.ts

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -193,6 +193,8 @@ export interface FullAgentPolicyDownload {
193193
sourceURI: string;
194194
ssl?: BaseSSLConfig;
195195
secrets?: BaseSSLSecrets;
196+
proxy_url?: string;
197+
proxy_headers?: any;
196198
}
197199

198200
export interface FullAgentPolicy {

x-pack/platform/plugins/shared/fleet/public/applications/fleet/sections/settings/components/download_source_flyout/index.tsx

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -202,7 +202,7 @@ export const EditDownloadSourceFlyout: React.FunctionComponent<EditDownloadSourc
202202
helpText={
203203
<FormattedMessage
204204
id="xpack.fleet.settings.editDownloadSourcesFlyout.proxyInputDescription"
205-
defaultMessage="Proxy used for accessing the download source. Currently only the proxy URL is used, headers and certificates are not supported."
205+
defaultMessage="Proxy used for accessing the download source. When selected, the SSL settings and headers from the proxy will be used."
206206
/>
207207
}
208208
>

0 commit comments

Comments
 (0)