OpenID Connect via https_proxy

Hello

I have the following issue:
I need to use OpenID Connect to authenticate users in an Azure Active Directory.
The problem is: my GitLab instance does not have direct access to the internet, but has to use a https_proxy.

What is the problem/error message:

The UI throws an HTTP 500 error when clicking on the button in order to authenticate with the OpenID Connect provider.
The production.log is more detailed:

OpenIDConnect::Discovery::DiscoveryFailed (getaddrinfo: Name or service not known (login.microsoftonline.com:443)):

So basically the hostname of the provider can’t be resolved. Which is fine, as the GitLab host itself cannot resolve this DNS entry. But our https_proxy could (tested by curling the URL).

What did I do in order to tell GitLab about our proxy?

I added this to the gitlab.rb:

gitlab_rails['env'] = {
  'BUNDLE_GEMFILE' => "/data/opt/gitlab/embedded/service/gitlab-rails/Gemfile",
  'PATH' => "/data/opt/gitlab/bin:/data/opt/gitlab/embedded/bin:/bin:/usr/bin",
  'https_proxy' => "http://myproxy.intern:8880",
  'http_proxy' => "http://myproxy.intern:8880"
}

gitaly['env'] = {
  'https_proxy' => "http://myproxy.intern:8880",
  'http_proxy' => "http://myproxy.intern:8880"
}

gitlab_workhorse['env'] = {
  'https_proxy' => "http://myproxy.intern:8880",
  'http_proxy' => "http://myproxy.intern:8880"
}

Gitaly and Workhorse are just tests. IMHO Rails should be enough.

Does anyone have an idea how to use an OpenID Connect provider via https_proxy?

Consider using the env “no_proxy” instead of modifying gitlab.rb?