logcli: live tail does not work with https proxiesย #6499
Description
Describe the bug
Followup issue as requested from: #6484 (review)
Support for connecting through http and https forward/CONNECT-style proxies was added to logcli in #6484 with the --proxy-url flag. The current state is that both http:// and https:// proxies are supported for standard lookups. However when -t (follow/tail) is used only http:// proxies work as expected. If an https:// proxy is used the websocket proxy code in gorilla/websocket library will fail with:
Tailing logs failed: proxy: unknown scheme: https
There are a couple open issues and PR about adding https proxy support to gorilla/websocket. One in particular that I have tested as working as expected with logcli is gorilla/websocket#740
This can be swapped in by modifying go.mod:
replace github.com/gorilla/websocket v1.4.2 => github.com/philipatl/websocket v1.4.3-0.20211206152948-d16969baa130
It is not clear when upstream gorilla/websocket will finish the work to bring in support for https proxies. It's apparent they intend to support this since there is some existing code in place, but it's not complete nor working yet.
To Reproduce
Steps to reproduce the behavior:
- use a build of
logclifrom this PR or later: logcli: add --proxy-url flag for http/https proxy supportย #6484 - You will need a connect-style proxy like envoy or squid setup in front of loki to fully test this
- Run a command such as:
logcli \
--addr="https://loki-distributed-querier.loki.svc.cluster.local.:3100/" \
--proxy-url "https://envoy.dom.tld/" \
--cert tls.crt \
--key tls.key \
--ca-cert ca.crt \
-f \
query '{app="foo"}'
Expected behavior
Tailing of logs should work as expected as if no --proxy-url was specified.
Environment:
- Infrastructure: Kubernetes