Commit 1fe1010
Redesign cli-proxy: connect to external DIFC proxy started by compiler (#1809)
* Initial plan
* feat: redesign cli-proxy to connect to external DIFC proxy
Replace internal mcpg container management with external DIFC proxy
connection. The gh-aw compiler now starts mcpg on the host; AWF only
launches the cli-proxy container and connects via TCP tunnel.
New CLI flags:
- --difc-proxy-host <host:port>: connect to external DIFC proxy
- --difc-proxy-ca-cert <path>: TLS CA cert from DIFC proxy
Removed CLI flags:
- --enable-cli-proxy
- --cli-proxy-writable
- --cli-proxy-policy
- --cli-proxy-mcpg-image
Key changes:
- Remove mcpg service from Docker Compose generation
- cli-proxy gets its own IP (172.30.0.50) with extra_hosts
- TCP tunnel forwards localhost to host DIFC proxy for TLS
- Write control delegated to DIFC guard policy
- Remove cli-proxy-tls named volume (CA cert bind-mounted)
- Update all tests (1374 pass)
Agent-Logs-Url: https://github.com/github/gh-aw-firewall/sessions/a38ec447-a23c-4104-be85-bd7328c48559
* docs: update gh-cli-proxy-design.md for external DIFC proxy
Agent-Logs-Url: https://github.com/github/gh-aw-firewall/sessions/a38ec447-a23c-4104-be85-bd7328c48559
* fix: address review feedback for cli-proxy redesign
- Add port validation and error logging to tcp-tunnel.js
- Make NODE_EXTRA_CA_CERTS conditional on cert existence
- Fix CLI help text for --difc-proxy-ca-cert
Agent-Logs-Url: https://github.com/github/gh-aw-firewall/sessions/a38ec447-a23c-4104-be85-bd7328c48559
* fix: apply PR review feedback for cli-proxy redesign
- Use URL-based parser for difcProxyHost (IPv6 support)
- Add host iptables rule for cli-proxy → DIFC proxy port
- Add 'alias' to ALWAYS_DENIED_SUBCOMMANDS (shell exec)
- Fail fast when CA cert not found in entrypoint.sh
- Add server.on('error') handler in tcp-tunnel.js
- Rename --enable-cli-proxy to --difc-proxy in predownload
Agent-Logs-Url: https://github.com/github/gh-aw-firewall/sessions/11e4f4ef-6a07-4318-9e6f-aba436bd9590
* refactor: extract parseDifcProxyHost to shared utility
Agent-Logs-Url: https://github.com/github/gh-aw-firewall/sessions/11e4f4ef-6a07-4318-9e6f-aba436bd9590
* fix: remove CA cert poll loop, update stale flag comments
The CA cert is now a bind mount (not generated at runtime by mcpg),
so it's immediately available at container start. Replace the 30s
polling loop with a single existence check for faster startup.
Also update stale comments referencing --enable-cli-proxy to
--difc-proxy-host in setup-iptables.sh and gh-cli-proxy-wrapper.sh.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Potential fix for pull request finding 'CodeQL / Log injection'
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Landon Cox <landon.cox@microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>1 parent acffaea commit 1fe1010
File tree
20 files changed
+516
-910
lines changed- containers
- agent
- cli-proxy
- docs
- src
- commands
- tests
- fixtures
- integration
20 files changed
+516
-910
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
2 | 2 | | |
3 | 3 | | |
4 | 4 | | |
5 | | - | |
| 5 | + | |
6 | 6 | | |
7 | 7 | | |
8 | 8 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
174 | 174 | | |
175 | 175 | | |
176 | 176 | | |
177 | | - | |
| 177 | + | |
178 | 178 | | |
179 | 179 | | |
180 | 180 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | | - | |
| 1 | + | |
2 | 2 | | |
3 | 3 | | |
4 | | - | |
5 | | - | |
6 | | - | |
7 | | - | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
8 | 7 | | |
9 | 8 | | |
10 | 9 | | |
| |||
25 | 24 | | |
26 | 25 | | |
27 | 26 | | |
28 | | - | |
| 27 | + | |
29 | 28 | | |
30 | 29 | | |
31 | 30 | | |
| |||
38 | 37 | | |
39 | 38 | | |
40 | 39 | | |
41 | | - | |
| 40 | + | |
42 | 41 | | |
43 | 42 | | |
44 | 43 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
3 | 3 | | |
4 | | - | |
5 | | - | |
6 | | - | |
7 | | - | |
8 | | - | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
| 7 | + | |
9 | 8 | | |
10 | 9 | | |
11 | 10 | | |
12 | 11 | | |
13 | 12 | | |
| 13 | + | |
14 | 14 | | |
15 | | - | |
16 | | - | |
17 | | - | |
| 15 | + | |
| 16 | + | |
| 17 | + | |
18 | 18 | | |
19 | | - | |
| 19 | + | |
20 | 20 | | |
21 | | - | |
22 | | - | |
23 | | - | |
24 | | - | |
25 | | - | |
26 | | - | |
27 | | - | |
28 | | - | |
29 | | - | |
30 | | - | |
31 | | - | |
| 21 | + | |
| 22 | + | |
| 23 | + | |
| 24 | + | |
| 25 | + | |
32 | 26 | | |
| 27 | + | |
| 28 | + | |
| 29 | + | |
| 30 | + | |
33 | 31 | | |
34 | | - | |
| 32 | + | |
| 33 | + | |
35 | 34 | | |
36 | 35 | | |
| 36 | + | |
37 | 37 | | |
38 | | - | |
39 | | - | |
40 | | - | |
41 | | - | |
42 | | - | |
| 38 | + | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
43 | 42 | | |
| 43 | + | |
| 44 | + | |
44 | 45 | | |
45 | | - | |
| 46 | + | |
46 | 47 | | |
47 | | - | |
| 48 | + | |
48 | 49 | | |
49 | 50 | | |
50 | 51 | | |
51 | 52 | | |
52 | 53 | | |
53 | 54 | | |
| 55 | + | |
| 56 | + | |
| 57 | + | |
| 58 | + | |
54 | 59 | | |
55 | 60 | | |
56 | 61 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
7 | 7 | | |
8 | 8 | | |
9 | 9 | | |
10 | | - | |
11 | 10 | | |
12 | 11 | | |
13 | 12 | | |
| 13 | + | |
14 | 14 | | |
15 | | - | |
16 | | - | |
| 15 | + | |
| 16 | + | |
| 17 | + | |
17 | 18 | | |
18 | 19 | | |
19 | 20 | | |
| |||
23 | 24 | | |
24 | 25 | | |
25 | 26 | | |
26 | | - | |
27 | | - | |
28 | | - | |
29 | | - | |
30 | | - | |
31 | | - | |
32 | | - | |
33 | | - | |
34 | | - | |
35 | | - | |
36 | | - | |
37 | | - | |
38 | | - | |
39 | | - | |
40 | | - | |
41 | | - | |
42 | | - | |
43 | | - | |
44 | | - | |
45 | | - | |
46 | | - | |
47 | | - | |
48 | | - | |
49 | | - | |
50 | | - | |
51 | | - | |
52 | | - | |
53 | | - | |
54 | | - | |
55 | | - | |
56 | | - | |
57 | | - | |
58 | | - | |
59 | | - | |
60 | | - | |
61 | | - | |
62 | | - | |
63 | | - | |
64 | | - | |
65 | | - | |
66 | | - | |
67 | | - | |
68 | | - | |
69 | | - | |
70 | | - | |
71 | | - | |
72 | | - | |
73 | | - | |
74 | | - | |
75 | | - | |
76 | | - | |
77 | | - | |
78 | | - | |
79 | 27 | | |
80 | | - | |
| 28 | + | |
81 | 29 | | |
82 | 30 | | |
83 | 31 | | |
| 32 | + | |
84 | 33 | | |
85 | 34 | | |
86 | 35 | | |
87 | 36 | | |
88 | 37 | | |
89 | 38 | | |
90 | | - | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
91 | 42 | | |
92 | 43 | | |
93 | | - | |
94 | 44 | | |
95 | 45 | | |
96 | | - | |
| 46 | + | |
97 | 47 | | |
98 | 48 | | |
99 | 49 | | |
| |||
105 | 55 | | |
106 | 56 | | |
107 | 57 | | |
108 | | - | |
109 | | - | |
110 | | - | |
111 | | - | |
112 | | - | |
113 | 58 | | |
114 | | - | |
115 | 59 | | |
116 | 60 | | |
117 | 61 | | |
| |||
125 | 69 | | |
126 | 70 | | |
127 | 71 | | |
128 | | - | |
129 | 72 | | |
130 | 73 | | |
131 | 74 | | |
| |||
140 | 83 | | |
141 | 84 | | |
142 | 85 | | |
143 | | - | |
144 | | - | |
145 | | - | |
146 | | - | |
147 | | - | |
148 | | - | |
149 | | - | |
150 | | - | |
151 | | - | |
152 | | - | |
153 | | - | |
154 | | - | |
155 | | - | |
156 | | - | |
157 | | - | |
158 | | - | |
159 | | - | |
160 | | - | |
161 | | - | |
162 | | - | |
163 | | - | |
164 | | - | |
165 | 86 | | |
166 | 87 | | |
167 | 88 | | |
| |||
221 | 142 | | |
222 | 143 | | |
223 | 144 | | |
224 | | - | |
| 145 | + | |
225 | 146 | | |
226 | 147 | | |
227 | 148 | | |
| |||
261 | 182 | | |
262 | 183 | | |
263 | 184 | | |
264 | | - | |
| 185 | + | |
265 | 186 | | |
266 | 187 | | |
267 | 188 | | |
| |||
364 | 285 | | |
365 | 286 | | |
366 | 287 | | |
367 | | - | |
| 288 | + | |
368 | 289 | | |
369 | 290 | | |
370 | 291 | | |
| |||
373 | 294 | | |
374 | 295 | | |
375 | 296 | | |
376 | | - | |
| 297 | + | |
0 commit comments