Skip to content

Added way to send requests to forward proxy for enabled customer and data sources #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
bhuvan-teja-glean merged 2 commits into from
Oct 27, 2025
Merged

Added way to send requests to forward proxy for enabled customer and data sources #3

bhuvan-teja-glean merged 2 commits into from
Oct 27, 2025

Conversation

@bhuvan-teja-glean
Copy link
Contributor

@bhuvan-teja-glean bhuvan-teja-glean commented Oct 27, 2025
edited
Loading

Description:
Currently our glean-proxy will make a direct connection to a data source. We want to provide a way to route these requests via forward proxy. So that the requests can be monitored by the forward proxy.

We need to set the following environment variables to make the requests go through the forward proxy:

export FORWARD_PROXY_HOST=<forward-proxy-host>
export FORWARD_PROXY_PORT=<forward-proxy-port>
export FORWARD_PROXY_DATA_SOURCE_HOSTS=<Comma seperated list of data source hosts>
export FORWARD_PROXY_USERNAME=<Username of the forward proxy>
export FORWARD_PROXY_PASSWORD=<Password of the forward proxy>

Context:

We needed this so that the customer can host a forward proxy which can inspect all the requests going to the data sources.

Test plan:
Ran the glean-proxy server with the following environment variable
bazel run //src/main/java/com/glean/proxy:ProxyMain 8080
Environment variables

export CLOUD_PLATFORM=AWS
export AWS_FILTERS=
export GOOGLE_FILTERS=
export CROSS_PLATFORM_FILTERS=
export DEBUG_FILTERS=
export FORWARD_PROXY_HOST=localhost
export FORWARD_PROXY_PORT=8888
export FORWARD_PROXY_DATA_SOURCE_HOSTS=www.google.com,www.glean.com
export FORWARD_PROXY_USERNAME=
export FORWARD_PROXY_PASSWORD=

For the forward proxy we just used the glean-proxy to run as forward proxy with a different port
bazel run //src/main/java/com/glean/proxy:ProxyMain 8888
Environment variables

export CLOUD_PLATFORM=AWS
export AWS_FILTERS=
export GOOGLE_FILTERS=
export CROSS_PLATFORM_FILTERS=
export DEBUG_FILTERS=

Made the following requests

  1. curl --proxy localhost:8080 https://www.example.com
  2. curl --proxy localhost:8080 https://www.google.com

Screenshot of glean-proxy at 8080 logs
Screenshot 2025-10-27 at 11 34 47 AM

Screenshot of forward-proxy at 8888 logs
Screenshot 2025-10-27 at 11 34 30 AM

As you see only www.google.com went through the forward proxy and www.example.com doesn't have any log in the forward proxy as it is a direct connection

Change Type

  • Flag-gated development/Internal fix
  • Bug Fix/Enhancement
  • Security or Permissions related change
  • Feature launch

Platform (Choose one if applicable)

  • AWS only change
  • GCP only change

@bhuvan-teja-glean bhuvan-teja-glean changed the title Bhuvan/add forward proxy Added way to send requests to forward proxy for enabled customer and data sources Oct 27, 2025
@bhuvan-teja-glean bhuvan-teja-glean merged commit 6917492 into main Oct 27, 2025
1 check passed
@bhuvan-teja-glean bhuvan-teja-glean deleted the bhuvan/add_forward_proxy branch October 27, 2025 20:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@timmy-xiao-glean timmy-xiao-glean timmy-xiao-glean approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@bhuvan-teja-glean @timmy-xiao-glean