engineerd · chaijmin · Feb 6, 2023
diff --git a/cmd/main.go b/cmd/main.go
@@ -17,6 +17,7 @@ var (
 	trustDir    string
 	logLevel    string
 	timeout     string
+	proxyURL    string
 
 	insecure bool
 	useHTTP  bool
@@ -42,6 +43,7 @@ func main() {
 	cmd.PersistentFlags().StringVarP(&timeout, "timeout", "t", "5s", `Timeout for the trust server`)
 	cmd.PersistentFlags().BoolVarP(&insecure, "insecure", "", false, "Allow connections to SSL registry without certs")
 	cmd.PersistentFlags().BoolVarP(&useHTTP, "use-http", "", false, "Use plain http instead of https")
+	cmd.PersistentFlags().StringVarP(&proxyURL, "proxy", "", "", `Allow connections to use proxy server`)
 
 	cmd.AddCommand(newPushCmd(), newPullCmd())
 	if err := cmd.Execute(); err != nil {

diff --git a/cmd/pull.go b/cmd/pull.go
@@ -34,7 +34,7 @@ func newPullCmd() *cobra.Command {
 }
 
 func (p *pullOptions) run() error {
-	err := oci.Pull(p.ref, p.outFile, insecure, useHTTP)
+	err := oci.Pull(p.ref, p.outFile, proxyURL, insecure, useHTTP)
 	if err != nil {
 		return err
 	}

diff --git a/cmd/push.go b/cmd/push.go
@@ -45,5 +45,5 @@ func (p *pushOptions) run() error {
 
 	}
 
-	return oci.Push(p.ref, p.module, insecure, useHTTP)
+	return oci.Push(p.ref, p.module, proxyURL, insecure, useHTTP)
 }
diff --git a/pkg/oci/pull.go b/pkg/oci/pull.go
@@ -8,8 +8,8 @@ import (
 )
 
 // Pull pulls a Wasm module from an OCI registry given a reference
-func Pull(ref, outFile string, insecure, useHTTP bool) error {
-	ctx, resolver, store := newORASContext(insecure, useHTTP)
+func Pull(ref, outFile string, proxyURL string, insecure, useHTTP bool) error {
+	ctx, resolver, store := newORASContext(proxyURL, insecure, useHTTP)
 
 	pullOpts := []oras.PullOpt{
 		oras.WithAllowedMediaType(ContentLayerMediaType),

diff --git a/pkg/oci/push.go b/pkg/oci/push.go
@@ -9,8 +9,8 @@ import (
 )
 
 // Push pushes a WASM module to an OCI registry
-func Push(ref, module string, insecure, useHTTP bool) error {
-	ctx, resolver, store := newORASContext(insecure, useHTTP)
+func Push(ref, module string, proxyURL string, insecure, useHTTP bool) error {
+	ctx, resolver, store := newORASContext(proxyURL, insecure, useHTTP)
 
 	contents, err := ioutil.ReadFile(module)
 	if err != nil {

diff --git a/pkg/oci/utils.go b/pkg/oci/utils.go
@@ -5,6 +5,7 @@ import (
 	"crypto/tls"
 	"fmt"
 	"net/http"
+	"net/url"
 	"os"
 
 	"github.com/containerd/containerd/remotes"
@@ -14,22 +15,34 @@ import (
 	orasctx "oras.land/oras-go/pkg/context"
 )
 
-func newORASContext(insecure, useHTTP bool) (context.Context, remotes.Resolver, *orascnt.Memorystore) {
+func newORASContext(proxyURL string, insecure, useHTTP bool) (context.Context, remotes.Resolver, *orascnt.Memorystore) {
+	var transport *http.Transport
 	ctx := orasctx.Background()
 	memoryStore := orascnt.NewMemoryStore()
 	cli, err := auth.NewClient()
 	if err != nil {
 		fmt.Fprintf(os.Stderr, "WARNING: Error loading auth file: %v\n", err)
 	}
 
-	client := http.DefaultClient
 	if insecure {
-		client.Transport = &http.Transport{
+		transport = &http.Transport{
 			TLSClientConfig: &tls.Config{
 				InsecureSkipVerify: true,
 			},
 		}
 	}
+	if proxyURL != "" {
+		if transport == nil {
+			transport = &http.Transport{}
+		}
+		proxyURLParse, _ := url.Parse(proxyURL)
+		transport.Proxy = http.ProxyURL(proxyURLParse)
+	}
+
+	if transport == nil {
+		transport = &http.Transport{}
+	}
+	client := &http.Client{Transport: transport}
 
 	resolver, err := cli.Resolver(context.Background(), client, useHTTP)
 	if err != nil {
-Original file line number
+Diff line change
@@ Expand Up / @@ -45,5 +45,5 @@ func (p *pushOptions) run() error { @@
     	}
-    	return oci.Push(p.ref, p.module, insecure, useHTTP)
+    	return oci.Push(p.ref, p.module, proxyURL, insecure, useHTTP)
     }