Add HTTP_PROXY support for gpg

[ibcht]

Currently, the cypress/factory base image can't be used behind a corporate proxy. The reason is gpg not taking into account HTTP_PROXY environment variable at build time, so hkps protocol is failing.

This PR aims to fix the issue #1003.

To set-up proxy, you now have have to provide HTTP_PROXY build-arg (which is a Dockerfile predefined arg).

NB: I think that HTTPS_PROXY would be more accurate to use for hpks (443), but as gpg only has keyserver option for http_proxy, it might be preferable to stick with standard HTTP_PROXY (in my use case they use the same proxy url).

[CLAassistant]

All committers have signed the CLA.

[cypress-app-bot]

• Create a Draft Pull Request if your PR is not ready for review. Mark the PR as Ready for Review when you're ready for a Cypress team member to review the PR.

[MikeMcC399]

@ibcht

Since this PR affects the install scripts it would need to bump the factory version and have a corresponding entry in the change log.

cypress-docker-images/factory/.env

Lines 19 to 21 in 15838fb

	# Update the FACTORY_VERSION to deploy cypress/factory if you make changes to
	# BASE_IMAGE, FACTORY_DEFAULT_NODE_VERSION, YARN_VERSION, factory.Dockerfile or installScripts
	FACTORY_VERSION='5.1.2'

https://github.com/cypress-io/cypress-docker-images/blob/master/factory/CHANGELOG.md

I don't know if it would be possible to test this addition in CI (apart from testing that it doesn't break anything when no HTTP_PROXY is defined). Perhaps the Cypress.io team has some experience here they could add?

If not, and there has already been some response from the Cypress.io team, perhaps you could show some logs from a working external environment using a proxy?

I'm not in an environment where I use a proxy, so I can't review the PR in a detailed way though.

[ibcht]

@ibcht

Since this PR affects the install scripts it would need to bump the factory version and have a corresponding entry in the change log.

cypress-docker-images/factory/.env

Lines 19 to 21 in 15838fb

	# Update the FACTORY_VERSION to deploy cypress/factory if you make changes to
	# BASE_IMAGE, FACTORY_DEFAULT_NODE_VERSION, YARN_VERSION, factory.Dockerfile or installScripts
	FACTORY_VERSION='5.1.2'

https://github.com/cypress-io/cypress-docker-images/blob/master/factory/CHANGELOG.md

I don't know if it would be possible to test this addition in CI (apart from testing that it doesn't break anything when no HTTP_PROXY is defined). Perhaps the Cypress.io team has some experience here they could add?

If not, and there has already been some response from the Cypress.io team, perhaps you could show some logs from a working external environment using a proxy?

I'm not in an environment where I use a proxy, so I can't review the PR in a detailed way though.

Hi @MikeMcC399, thanks for your comment. I will update the changelog as recommended.

Regarding the testing of this contribution, I can definitely share some logs. Also, maybe the users who also reported the issue (#1003) could validate this PR on their side as well. But as this is an environment related option, adding a custom test this to the CircleCI tests looks difficult.

Also, I must admit that since the default.sh file has been updated, this comment is not true anymore as it doesn't reflect the upstream docker-node Dockerfile (https://github.com/nodejs/docker-node/blob/main/20/bookworm-slim/Dockerfile). I don't know if it is acceptable, at least I can add a comment if needed.

[MikeMcC399]

@ibcht

Regarding the testing of this contribution, I can definitely share some logs. Also, maybe the users who also reported the issue (#1003) could validate this PR on their side as well. But as this is an environment related option, adding a custom test this to the CircleCI tests looks difficult.

• @KozelAnatoliy was the submitter of Add http proxy options provisioning for gpg #1003

Also, I must admit that since the default.sh file has been updated, this comment is not true anymore as it doesn't reflect the upstream docker-node Dockerfile (https://github.com/nodejs/docker-node/blob/main/20/bookworm-slim/Dockerfile). I don't know if it is acceptable, at least I can add a comment if needed.

The code was no longer exactly the same even before your PR. I would suggest to add a comment about your change below the other comments.

cypress-docker-images/factory/installScripts/node/default.sh

Lines 6 to 7 in 15838fb

	# The following is borrowed from https://github.com/nodejs/docker-node/blob/main/20/bookworm-slim/Dockerfile
	# Node.js GPG keys are taken from https://github.com/nodejs/node/

One other small suggestion:

In your original posting you write:

This PR aims to fix the issue #1003.

If you write instead:

- This PR aims to fix #1003

then it will automatically link the PR and the issue, and it will pull in a dynamic link of the issue's description into the text as well, similar to the following:

• This PR aims to fix Add http proxy options provisioning for gpg #1003

[ibcht]

Hi @MikeMcC399,

Thanks for your feedback and advices. Latest commit :

• Changelog has been updated
• I added the comment in default.sh file as well
• I also found that the same issue needed to be addressed for yarn scripts (I tested against the all-included image, which indeed covers more cases)

Please feel free to adapt if necessary.

I have proceed to test with and without the feature. Please note that all my containers are launched with HTTP_PROXY set by default, so I didn't have to mention the ARG at build time.

Launching this command ...

FACTORY_VERSION=5.1.2 BUILDKIT_PROGRESS=plain docker compose build test-factory-all-included | tee build-behind-proxy-without-feature.log

I get this output :

#0 building with "default" instance using docker driver

#1 [test-factory-all-included internal] load build definition from included.Dockerfile
#1 transferring dockerfile: 188B done
#1 DONE 0.0s

#2 [test-factory-all-included internal] load metadata for docker.io/cypress/factory:5.1.2
#2 DONE 1.2s

#3 [test-factory-all-included internal] load .dockerignore
#3 transferring context: 2B done
#3 DONE 0.0s

#4 [test-factory-all-included internal] load build context
#4 transferring context: 214.86kB 0.0s done
#4 DONE 0.0s

#5 [test-factory-all-included 1/4] FROM docker.io/cypress/factory:5.1.2@sha256:acde6584f284343028f29eff6045ac1212f8d2f801efe95e9fba05fd91a7b1ec
#5 resolve docker.io/cypress/factory:5.1.2@sha256:acde6584f284343028f29eff6045ac1212f8d2f801efe95e9fba05fd91a7b1ec done
#5 sha256:7fc4daa7f6c36245fc3e18d1633198fef71233f5a9d5240f6f3fd1b41a9f31a1 899B / 899B done
#5 sha256:8d0740a029763a0a99b717c38fd85acd1c767c599e691e3158f168be4dca12ac 3.09kB / 3.09kB done
#5 sha256:2a9ec7478fa3993eb2cd5a88ebb2cab69b2608b389ac767aa921070db9ae8dbe 0B / 163.15MB 0.1s
#5 sha256:4c1c3eb1591a9b953a2a465fea1df3a3bf56180c66088e28eb0cf24870ae9366 0B / 4.66kB 0.1s
#5 sha256:acde6584f284343028f29eff6045ac1212f8d2f801efe95e9fba05fd91a7b1ec 683B / 683B done
#5 sha256:2a9ec7478fa3993eb2cd5a88ebb2cab69b2608b389ac767aa921070db9ae8dbe 12.58MB / 163.15MB 0.4s
#5 sha256:2a9ec7478fa3993eb2cd5a88ebb2cab69b2608b389ac767aa921070db9ae8dbe 23.07MB / 163.15MB 0.5s
#5 sha256:2a9ec7478fa3993eb2cd5a88ebb2cab69b2608b389ac767aa921070db9ae8dbe 44.04MB / 163.15MB 0.7s
#5 sha256:4c1c3eb1591a9b953a2a465fea1df3a3bf56180c66088e28eb0cf24870ae9366 4.66kB / 4.66kB 0.6s done
#5 sha256:2a9ec7478fa3993eb2cd5a88ebb2cab69b2608b389ac767aa921070db9ae8dbe 53.48MB / 163.15MB 0.8s
#5 sha256:2a9ec7478fa3993eb2cd5a88ebb2cab69b2608b389ac767aa921070db9ae8dbe 66.06MB / 163.15MB 0.9s
#5 sha256:2a9ec7478fa3993eb2cd5a88ebb2cab69b2608b389ac767aa921070db9ae8dbe 91.23MB / 163.15MB 1.1s
#5 sha256:2a9ec7478fa3993eb2cd5a88ebb2cab69b2608b389ac767aa921070db9ae8dbe 101.71MB / 163.15MB 1.2s
#5 sha256:2a9ec7478fa3993eb2cd5a88ebb2cab69b2608b389ac767aa921070db9ae8dbe 121.63MB / 163.15MB 1.4s
#5 sha256:2a9ec7478fa3993eb2cd5a88ebb2cab69b2608b389ac767aa921070db9ae8dbe 132.12MB / 163.15MB 1.5s
#5 sha256:2a9ec7478fa3993eb2cd5a88ebb2cab69b2608b389ac767aa921070db9ae8dbe 144.70MB / 163.15MB 1.6s
#5 sha256:2a9ec7478fa3993eb2cd5a88ebb2cab69b2608b389ac767aa921070db9ae8dbe 163.15MB / 163.15MB 1.8s
#5 sha256:2a9ec7478fa3993eb2cd5a88ebb2cab69b2608b389ac767aa921070db9ae8dbe 163.15MB / 163.15MB 1.9s done
#5 extracting sha256:2a9ec7478fa3993eb2cd5a88ebb2cab69b2608b389ac767aa921070db9ae8dbe
#5 extracting sha256:2a9ec7478fa3993eb2cd5a88ebb2cab69b2608b389ac767aa921070db9ae8dbe 5.1s
#5 extracting sha256:2a9ec7478fa3993eb2cd5a88ebb2cab69b2608b389ac767aa921070db9ae8dbe 9.6s done
#5 extracting sha256:4c1c3eb1591a9b953a2a465fea1df3a3bf56180c66088e28eb0cf24870ae9366
#5 extracting sha256:4c1c3eb1591a9b953a2a465fea1df3a3bf56180c66088e28eb0cf24870ae9366 done
#5 DONE 11.9s

#6 [test-factory-all-included 2/4] RUN bash /opt/installScripts/node/install-node-version.sh 22.13.0
#6 0.710 Installing Node version: 22.13.0
#6 0.838 ++ apt-mark showmanual
#6 2.116 + savedAptMark='bzip2
#6 2.116 ca-certificates
#6 2.116 curl
#6 2.116 dirmngr
#6 2.116 git
#6 2.116 gnupg
#6 2.116 libasound2
#6 2.116 libatk-bridge2.0-0
#6 2.116 libatk1.0-0
#6 2.116 libcups2
#6 2.116 libgbm1
#6 2.116 libglib2.0-0
#6 2.116 libgtk-3-0
#6 2.116 libnss3
#6 2.116 openssh-client
#6 2.116 openssl
#6 2.116 procps
#6 2.116 unzip
#6 2.116 wget
#6 2.116 xvfb
#6 2.116 zstd'
#6 2.116 + apt-get update
#6 2.304 Get:1 http://deb.debian.org/debian bookworm InRelease [151 kB]
#6 2.362 Get:2 http://deb.debian.org/debian bookworm-updates InRelease [55.4 kB]
#6 2.419 Get:3 http://deb.debian.org/debian-security bookworm-security InRelease [48.0 kB]
#6 2.922 Get:4 http://deb.debian.org/debian bookworm/main amd64 Packages [8792 kB]
#6 3.071 Get:5 http://deb.debian.org/debian-security bookworm-security/main amd64 Packages [241 kB]
#6 4.697 Fetched 9288 kB in 3s (3700 kB/s)
#6 4.697 Reading package lists...
#6 5.615 + apt-get install -y curl wget gnupg dirmngr xz-utils libatomic1 --no-install-recommends
#6 5.624 Reading package lists...
#6 6.496 Building dependency tree...
#6 6.684 Reading state information...
#6 6.953 curl is already the newest version (7.88.1-10+deb12u8).
#6 6.953 wget is already the newest version (1.21.3-1+b2).
#6 6.953 gnupg is already the newest version (2.2.40-1.1).
#6 6.953 dirmngr is already the newest version (2.2.40-1.1).
#6 6.953 The following NEW packages will be installed:
#6 6.954   libatomic1 xz-utils
#6 6.996 0 upgraded, 2 newly installed, 0 to remove and 22 not upgraded.
#6 6.996 Need to get 480 kB of archives.
#6 6.996 After this operation, 1302 kB of additional disk space will be used.
#6 6.996 Get:1 http://deb.debian.org/debian bookworm/main amd64 xz-utils amd64 5.4.1-0.2 [471 kB]
#6 7.022 Get:2 http://deb.debian.org/debian bookworm/main amd64 libatomic1 amd64 12.2.0-14 [9328 B]
#6 7.295 debconf: delaying package configuration, since apt-utils is not installed
#6 7.349 Fetched 480 kB in 0s (8336 kB/s)
#6 7.383 Selecting previously unselected package xz-utils.
#6 7.383 (Reading database ... 
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 20065 files and directories currently installed.)
#6 7.425 Preparing to unpack .../xz-utils_5.4.1-0.2_amd64.deb ...
#6 7.427 Unpacking xz-utils (5.4.1-0.2) ...
#6 7.512 Selecting previously unselected package libatomic1:amd64.
#6 7.517 Preparing to unpack .../libatomic1_12.2.0-14_amd64.deb ...
#6 7.522 Unpacking libatomic1:amd64 (12.2.0-14) ...
#6 7.555 Setting up xz-utils (5.4.1-0.2) ...
#6 7.570 update-alternatives: using /usr/bin/xz to provide /usr/bin/lzma (lzma) in auto mode
#6 7.570 update-alternatives: warning: skip creation of /usr/share/man/man1/lzma.1.gz because associated file /usr/share/man/man1/xz.1.gz (of link group lzma) doesn't exist
#6 7.570 update-alternatives: warning: skip creation of /usr/share/man/man1/unlzma.1.gz because associated file /usr/share/man/man1/unxz.1.gz (of link group lzma) doesn't exist
#6 7.570 update-alternatives: warning: skip creation of /usr/share/man/man1/lzcat.1.gz because associated file /usr/share/man/man1/xzcat.1.gz (of link group lzma) doesn't exist
#6 7.570 update-alternatives: warning: skip creation of /usr/share/man/man1/lzmore.1.gz because associated file /usr/share/man/man1/xzmore.1.gz (of link group lzma) doesn't exist
#6 7.570 update-alternatives: warning: skip creation of /usr/share/man/man1/lzless.1.gz because associated file /usr/share/man/man1/xzless.1.gz (of link group lzma) doesn't exist
#6 7.570 update-alternatives: warning: skip creation of /usr/share/man/man1/lzdiff.1.gz because associated file /usr/share/man/man1/xzdiff.1.gz (of link group lzma) doesn't exist
#6 7.570 update-alternatives: warning: skip creation of /usr/share/man/man1/lzcmp.1.gz because associated file /usr/share/man/man1/xzcmp.1.gz (of link group lzma) doesn't exist
#6 7.570 update-alternatives: warning: skip creation of /usr/share/man/man1/lzgrep.1.gz because associated file /usr/share/man/man1/xzgrep.1.gz (of link group lzma) doesn't exist
#6 7.570 update-alternatives: warning: skip creation of /usr/share/man/man1/lzegrep.1.gz because associated file /usr/share/man/man1/xzegrep.1.gz (of link group lzma) doesn't exist
#6 7.570 update-alternatives: warning: skip creation of /usr/share/man/man1/lzfgrep.1.gz because associated file /usr/share/man/man1/xzfgrep.1.gz (of link group lzma) doesn't exist
#6 7.574 Setting up libatomic1:amd64 (12.2.0-14) ...
#6 7.580 Processing triggers for libc-bin (2.36-9+deb12u9) ...
#6 7.675 + rm -rf /var/lib/apt/lists/auxfiles /var/lib/apt/lists/deb.debian.org_debian-security_dists_bookworm-security_InRelease /var/lib/apt/lists/deb.debian.org_debian-security_dists_bookworm-security_main_binary-amd64_Packages.lz4 /var/lib/apt/lists/deb.debian.org_debian_dists_bookworm-updates_InRelease /var/lib/apt/lists/deb.debian.org_debian_dists_bookworm-updates_main_binary-amd64_Packages.lz4 /var/lib/apt/lists/deb.debian.org_debian_dists_bookworm_InRelease /var/lib/apt/lists/deb.debian.org_debian_dists_bookworm_main_binary-amd64_Packages.lz4 /var/lib/apt/lists/lock /var/lib/apt/lists/partial
#6 7.682 + for key in 4ED778F539E3634C779C87C6D7062848A1AB005C 141F07595B7B3FFE74309A937405533BE57C7D57 74F12602B6F1C4E913FAA37AD3A89613643B6201 DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 61FC681DFB92A079F1685E77973F295594EC4689 CC68F5A3106FF448322E48ED27F5E38D5B0A215F 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C 108F52B48DB57BB0CC439B2997B01419BD92F80A A363A499291CBBC940DD62E41F10027AF002F8B0 C0D6248439F1D5604AAFFB4021D900FFDB233756
#6 7.682 + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys 4ED778F539E3634C779C87C6D7062848A1AB005C
#6 7.686 gpg: directory '/root/.gnupg' created
#6 7.687 gpg: keybox '/root/.gnupg/pubring.kbx' created
#6 68.27 gpg: keyserver receive failed: Connection timed out
#6 68.28 + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 4ED778F539E3634C779C87C6D7062848A1AB005C
#6 113.5 gpg: keyserver receive failed: Connection timed out
#6 113.5 + for key in 4ED778F539E3634C779C87C6D7062848A1AB005C 141F07595B7B3FFE74309A937405533BE57C7D57 74F12602B6F1C4E913FAA37AD3A89613643B6201 DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 61FC681DFB92A079F1685E77973F295594EC4689 CC68F5A3106FF448322E48ED27F5E38D5B0A215F 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C 108F52B48DB57BB0CC439B2997B01419BD92F80A A363A499291CBBC940DD62E41F10027AF002F8B0 C0D6248439F1D5604AAFFB4021D900FFDB233756
#6 113.5 + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys 141F07595B7B3FFE74309A937405533BE57C7D57
#6 173.6 gpg: keyserver receive failed: Connection timed out
#6 173.6 + gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 141F07595B7B3FFE74309A937405533BE57C7D57
#6 218.7 gpg: keyserver receive failed: Connection timed out
#6 218.7 + for key in 4ED778F539E3634C779C87C6D7062848A1AB005C 141F07595B7B3FFE74309A937405533BE57C7D57 74F12602B6F1C4E913FAA37AD3A89613643B6201 DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 61FC681DFB92A079F1685E77973F295594EC4689 CC68F5A3106FF448322E48ED27F5E38D5B0A215F 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C 108F52B48DB57BB0CC439B2997B01419BD92F80A A363A499291CBBC940DD62E41F10027AF002F8B0 C0D6248439F1D5604AAFFB4021D900FFDB233756
#6 218.7 + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys 74F12602B6F1C4E913FAA37AD3A89613643B6201

I killed the process here, as it take some times to timeout each time. In the end, the build fails.

And here, with the proxy-support tag, which is based on this PR ...

FACTORY_VERSION=proxy-support BUILDKIT_PROGRESS=plain docker compose build test-factory-all-included | tee build-behind-proxy-with-feature.log

I get this output :

#0 building with "default" instance using docker driver

#1 [test-factory-all-included internal] load build definition from included.Dockerfile
#1 DONE 0.0s

#1 [test-factory-all-included internal] load build definition from included.Dockerfile
#1 transferring dockerfile: 188B done
#1 DONE 0.0s

#2 [test-factory-all-included internal] load metadata for docker.io/cypress/factory:proxy-support
#2 DONE 0.0s

#3 [test-factory-all-included internal] load .dockerignore
#3 transferring context: 2B done
#3 DONE 0.0s

#4 [test-factory-all-included 1/4] FROM docker.io/cypress/factory:proxy-support
#4 CACHED

#5 [test-factory-all-included internal] load build context
#5 transferring context: 2.76kB 0.0s done
#5 DONE 0.0s

#6 [test-factory-all-included 2/4] RUN bash /opt/installScripts/node/install-node-version.sh 22.13.0
#6 0.343 Installing Node version: 22.13.0
#6 0.425 ++ apt-mark showmanual
#6 2.105 + savedAptMark='bzip2
#6 2.105 ca-certificates
#6 2.105 curl
#6 2.105 dirmngr
#6 2.105 git
#6 2.105 gnupg
#6 2.105 libasound2
#6 2.105 libatk-bridge2.0-0
#6 2.105 libatk1.0-0
#6 2.105 libcups2
#6 2.105 libgbm1
#6 2.105 libglib2.0-0
#6 2.105 libgtk-3-0
#6 2.105 libnss3
#6 2.105 openssh-client
#6 2.105 openssl
#6 2.105 procps
#6 2.105 unzip
#6 2.105 wget
#6 2.105 xvfb
#6 2.105 zstd'
#6 2.105 + apt-get update
#6 2.263 Hit:1 http://deb.debian.org/debian bookworm InRelease
#6 2.289 Hit:2 http://deb.debian.org/debian bookworm-updates InRelease
#6 2.324 Hit:3 http://deb.debian.org/debian-security bookworm-security InRelease
#6 2.563 Reading package lists...
#6 3.414 + apt-get install -y curl wget gnupg dirmngr xz-utils libatomic1 --no-install-recommends
#6 3.427 Reading package lists...
#6 4.273 Building dependency tree...
#6 4.466 Reading state information...
#6 4.779 curl is already the newest version (7.88.1-10+deb12u8).
#6 4.779 wget is already the newest version (1.21.3-1+b2).
#6 4.779 gnupg is already the newest version (2.2.40-1.1).
#6 4.779 dirmngr is already the newest version (2.2.40-1.1).
#6 4.779 The following NEW packages will be installed:
#6 4.781   libatomic1 xz-utils
#6 4.823 0 upgraded, 2 newly installed, 0 to remove and 1 not upgraded.
#6 4.823 Need to get 480 kB of archives.
#6 4.823 After this operation, 1302 kB of additional disk space will be used.
#6 4.823 Get:1 http://deb.debian.org/debian bookworm/main amd64 xz-utils amd64 5.4.1-0.2 [471 kB]
#6 4.848 Get:2 http://deb.debian.org/debian bookworm/main amd64 libatomic1 amd64 12.2.0-14 [9328 B]
#6 5.050 debconf: delaying package configuration, since apt-utils is not installed
#6 5.092 Fetched 480 kB in 0s (8592 kB/s)
#6 5.115 Selecting previously unselected package xz-utils.
#6 5.116 (Reading database ... 
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 20065 files and directories currently installed.)
#6 5.140 Preparing to unpack .../xz-utils_5.4.1-0.2_amd64.deb ...
#6 5.142 Unpacking xz-utils (5.4.1-0.2) ...
#6 5.230 Selecting previously unselected package libatomic1:amd64.
#6 5.234 Preparing to unpack .../libatomic1_12.2.0-14_amd64.deb ...
#6 5.238 Unpacking libatomic1:amd64 (12.2.0-14) ...
#6 5.273 Setting up xz-utils (5.4.1-0.2) ...
#6 5.281 update-alternatives: using /usr/bin/xz to provide /usr/bin/lzma (lzma) in auto mode
#6 5.282 update-alternatives: warning: skip creation of /usr/share/man/man1/lzma.1.gz because associated file /usr/share/man/man1/xz.1.gz (of link group lzma) doesn't exist
#6 5.283 update-alternatives: warning: skip creation of /usr/share/man/man1/unlzma.1.gz because associated file /usr/share/man/man1/unxz.1.gz (of link group lzma) doesn't exist
#6 5.283 update-alternatives: warning: skip creation of /usr/share/man/man1/lzcat.1.gz because associated file /usr/share/man/man1/xzcat.1.gz (of link group lzma) doesn't exist
#6 5.284 update-alternatives: warning: skip creation of /usr/share/man/man1/lzmore.1.gz because associated file /usr/share/man/man1/xzmore.1.gz (of link group lzma) doesn't exist
#6 5.284 update-alternatives: warning: skip creation of /usr/share/man/man1/lzless.1.gz because associated file /usr/share/man/man1/xzless.1.gz (of link group lzma) doesn't exist
#6 5.285 update-alternatives: warning: skip creation of /usr/share/man/man1/lzdiff.1.gz because associated file /usr/share/man/man1/xzdiff.1.gz (of link group lzma) doesn't exist
#6 5.285 update-alternatives: warning: skip creation of /usr/share/man/man1/lzcmp.1.gz because associated file /usr/share/man/man1/xzcmp.1.gz (of link group lzma) doesn't exist
#6 5.286 update-alternatives: warning: skip creation of /usr/share/man/man1/lzgrep.1.gz because associated file /usr/share/man/man1/xzgrep.1.gz (of link group lzma) doesn't exist
#6 5.286 update-alternatives: warning: skip creation of /usr/share/man/man1/lzegrep.1.gz because associated file /usr/share/man/man1/xzegrep.1.gz (of link group lzma) doesn't exist
#6 5.287 update-alternatives: warning: skip creation of /usr/share/man/man1/lzfgrep.1.gz because associated file /usr/share/man/man1/xzfgrep.1.gz (of link group lzma) doesn't exist
#6 5.293 Setting up libatomic1:amd64 (12.2.0-14) ...
#6 5.300 Processing triggers for libc-bin (2.36-9+deb12u9) ...
#6 5.340 + rm -rf /var/lib/apt/lists/auxfiles /var/lib/apt/lists/deb.debian.org_debian-security_dists_bookworm-security_InRelease /var/lib/apt/lists/deb.debian.org_debian-security_dists_bookworm-security_main_binary-amd64_Packages.lz4 /var/lib/apt/lists/deb.debian.org_debian_dists_bookworm-updates_InRelease /var/lib/apt/lists/deb.debian.org_debian_dists_bookworm-updates_main_binary-amd64_Packages.lz4 /var/lib/apt/lists/deb.debian.org_debian_dists_bookworm_InRelease /var/lib/apt/lists/deb.debian.org_debian_dists_bookworm_main_binary-amd64_Packages.lz4 /var/lib/apt/lists/lock /var/lib/apt/lists/partial
#6 5.344 ++ [[ -n http://CptLinuxWeb:[email protected]:3128 ]]
#6 5.344 ++ echo '--keyserver-options http-proxy=http://CptLinuxWeb:[email protected]:3128'
#6 5.344 + keyserver_options='--keyserver-options http-proxy=http://CptLinuxWeb:[email protected]:3128'
#6 5.344 + for key in 4ED778F539E3634C779C87C6D7062848A1AB005C 141F07595B7B3FFE74309A937405533BE57C7D57 74F12602B6F1C4E913FAA37AD3A89613643B6201 DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 61FC681DFB92A079F1685E77973F295594EC4689 CC68F5A3106FF448322E48ED27F5E38D5B0A215F 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C 108F52B48DB57BB0CC439B2997B01419BD92F80A A363A499291CBBC940DD62E41F10027AF002F8B0 C0D6248439F1D5604AAFFB4021D900FFDB233756
#6 5.345 + gpg --batch --keyserver hkps://keys.openpgp.org --keyserver-options http-proxy=http://CptLinuxWeb:[email protected]:3128 --recv-keys 4ED778F539E3634C779C87C6D7062848A1AB005C
#6 5.348 gpg: directory '/root/.gnupg' created
#6 5.348 gpg: keybox '/root/.gnupg/pubring.kbx' created
#6 5.751 gpg: /root/.gnupg/trustdb.gpg: trustdb created
#6 5.751 gpg: key D7062848A1AB005C: public key "Beth Griggs <[email protected]>" imported
#6 5.759 gpg: Total number processed: 1
#6 5.759 gpg:               imported: 1
#6 5.760 + for key in 4ED778F539E3634C779C87C6D7062848A1AB005C 141F07595B7B3FFE74309A937405533BE57C7D57 74F12602B6F1C4E913FAA37AD3A89613643B6201 DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 61FC681DFB92A079F1685E77973F295594EC4689 CC68F5A3106FF448322E48ED27F5E38D5B0A215F 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C 108F52B48DB57BB0CC439B2997B01419BD92F80A A363A499291CBBC940DD62E41F10027AF002F8B0 C0D6248439F1D5604AAFFB4021D900FFDB233756
#6 5.760 + gpg --batch --keyserver hkps://keys.openpgp.org --keyserver-options http-proxy=http://CptLinuxWeb:[email protected]:3128 --recv-keys 141F07595B7B3FFE74309A937405533BE57C7D57
#6 6.106 gpg: key 7405533BE57C7D57: public key "Bryan English <[email protected]>" imported
#6 6.107 gpg: Total number processed: 1
#6 6.107 gpg:               imported: 1
#6 6.108 + for key in 4ED778F539E3634C779C87C6D7062848A1AB005C 141F07595B7B3FFE74309A937405533BE57C7D57 74F12602B6F1C4E913FAA37AD3A89613643B6201 DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 61FC681DFB92A079F1685E77973F295594EC4689 CC68F5A3106FF448322E48ED27F5E38D5B0A215F 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C 108F52B48DB57BB0CC439B2997B01419BD92F80A A363A499291CBBC940DD62E41F10027AF002F8B0 C0D6248439F1D5604AAFFB4021D900FFDB233756
#6 6.108 + gpg --batch --keyserver hkps://keys.openpgp.org --keyserver-options http-proxy=http://CptLinuxWeb:[email protected]:3128 --recv-keys 74F12602B6F1C4E913FAA37AD3A89613643B6201
#6 6.466 gpg: key D3A89613643B6201: public key "Danielle Adams <[email protected]>" imported
#6 6.468 gpg: Total number processed: 1
...

No more error on the gpg step. Full log is attached for the working scenario :
build-behind-proxy-with-feature.log

[MikeMcC399]

@ibcht

Thanks for the updates!

You mention

I have proceed to test with and without the feature. Please note that all my containers are launched with HTTP_PROXY set by default, so I didn't have to mention the ARG at build time.

Could you explain in the documentation change whether it is always necessary to build a custom image or whether an existing image can be run by setting an environment variable for the proxy?

Please feel free to adapt if necessary.

It's not possible for me to amend your PR as I don't have write privileges to the repo. That is reserved to the Cypress.io team. Also this isn't my area of expertise, so I can only make some general comments or raise some questions.

[ibcht]

Hi @MikeMcC399,

You mention

I have proceed to test with and without the feature. Please note that all my containers are launched with HTTP_PROXY set by default, so I didn't have to mention the ARG at build time.

Could you explain in the documentation change whether it is always necessary to build a custom image or whether an existing image can be run by setting an environment variable for the proxy?

This PR doesn't change the current Cypress behavior regarding proxy, which honors the http_proxy variable for the http traffic. The only improvement is on the gpg key download during factory-based custom image build. So, yes, an existing image will run without any problem. I am not sure if I understood well your question, if so, I will update the documentation accordingly.

[MikeMcC399]

@ibcht

Sorry that I was a little slow on understanding as I don't have the experience in this area. It sounds like your documentation is fine. Thank you for the additional explanation!

[ibcht]

@ibcht

Sorry that I was a little slow on understanding as I don't have the experience in this area. It sounds like your documentation is fine. Thank you for the additional explanation!

No problem, I wish I didn't have to struggle with this proxy constraint on a daily basis as well ! Thanks for your kind follow-up.

[MikeMcC399]

The maintainers would need to allow the GitHub workflows to run in order to check that no errors have been introduced which affect the examples.

At this time I don't have any additional requests, so as far as I can tell this PR looks good. CircleCI workflows are successful.

[MikeMcC399]

@ibcht

Due the release of Cypress 14 and update of cypress/factory:5.2.0 this PR's branch is now out of date. It would need to be rebased. Sorry for the inconvenience!