Using Kosli CLI with an HTTP proxy #
In enterprises with strict network policies, you might want to communicate with Kosli via an HTTP proxy as the single point of egress communication with Kosli.
This tutorial shows how you can setup an HTTP proxy and use it when communicating with Kosli via the CLI.
TLDR #
If you already have an HTTP proxy, start using it with Kosli CLI
In this tutorial, we will setup Tinyproxy (in docker) as an HTTP proxy on a Mac machine. The same steps apply for different HTTP proxies and machines, but commands will differ.
Start the HTTP proxy #
- Start Tinyproxy using docker:
cat <<EOF > tinyproxy.conf
User nobody
Group nobody
Port 8888
EOF
docker run -p 8888:8888 -v $(PWD)/tinyproxy.conf:/etc/tinyproxy/tinyproxy.conf:ro kalaksi/tinyproxy
Now you have an HTTP proxy running at http://localhost:8888
Use the HTTP proxy with Kosli CLI #
To verify if the setup works, you can run this command to list environments of the public demo org Cyber Dojo:
kosli list envs --org cyber-dojo --http-proxy http://localhost:8888 --api-token <<your-token>>
Your request goes through the HTTP proxy and is then forwarded to Kosli. If successful, you should see a similar output to this:
NAME TYPE LAST REPORT LAST MODIFIED TAGS
aws-beta ECS 2024-04-18T15:17:54+02:00 2024-04-18T15:17:54+02:00 [url=https://beta.cyber-dojo.org/]
aws-prod ECS 2024-04-18T15:17:57+02:00 2024-04-18T15:17:57+02:00 [url=https://cyber-dojo.org/]
terraform-state-differ-beta S3 2024-04-18T15:18:23+02:00 2024-04-18T15:18:23+02:00
terraform-state-differ-prod S3 2024-04-18T15:18:17+02:00 2024-04-18T15:18:17+02:00
All you need to do now is to use --http-proxy http://localhost:8888 with your CLI commands.
Alternatively, you can add this to your kosli config so that you don't type it on each command:
kosli config --http-proxy=http://localhost:8888
