adding proxy parameters to git pipeline resource

docs/resources.md

@@ -377,6 +377,38 @@ spec:
       value: refs/pull/52525/head
 ```
 
+#### Using HTTP/HTTPS Proxy
+
+The `httpProxy` and `httpsProxy` parameter can be used to proxy non-SSL/SSL requests, for example to use an enterprise
+proxy server for SSL requests:
+
+```yaml
+spec:
+  type: git
+  params:
+    - name: url
+      value: https://github.com/bobcatfish/wizzbang.git
+    - name: httpsProxy
+      value: "my-enterprise.proxy.com"
+```
+
+#### Using No Proxy
+
+The `noProxy` parameter can be used to opt out of proxying, for example, to not proxy HTTP/HTTPS requests to
+`no.proxy.com`:
+
+```yaml
+spec:
+  type: git
+  params:
+    - name: url
+      value: https://github.com/bobcatfish/wizzbang.git
+    - name: noProxy
+      value: "no.proxy.com"
+```
+
+Note: `httpProxy`, `httpsProxy`, and `noProxy` are all optional but no validation done if all three are specified.
+
 ### Pull Request Resource
 
 The `pullRequest` resource represents a pull request event from a source control

examples/v1alpha1/taskruns/git-resource.yaml

@@ -69,3 +69,58 @@ spec:
             value: pull/2932/head
           - name: url
             value: https://github.com/GoogleContainerTools/skaffold
+
+---
+apiVersion: tekton.dev/v1alpha1
+kind: TaskRun
+metadata:
+  generateName: git-resource-sslverify-
+spec:
+  taskSpec:
+    inputs:
+      resources:
+        - name: skaffold
+          type: git
+    steps:
+      - image: ubuntu
+        script: cat skaffold/README.md
+  inputs:
+    resources:
+      - name: skaffold
+        resourceSpec:
+          type: git
+          params:
+            - name: revision
+              value: master
+            - name: url
+              value: https://github.com/GoogleContainerTools/skaffold
+            - name: sslVerify
+              value: "false"
+---
+
+apiVersion: tekton.dev/v1alpha1
+kind: TaskRun
+metadata:
+  generateName: git-resource-no-proxy-
+spec:
+  taskSpec:
+    inputs:
+      resources:
+        - name: skaffold
+          type: git
+    steps:
+      - image: ubuntu
+        script: cat skaffold/README.md
+  inputs:
+    resources:
+      - name: skaffold
+        resourceSpec:
+          type: git
+          params:
+            - name: revision
+              value: master
+            - name: url
+              value: https://github.com/GoogleContainerTools/skaffold
+            - name: noProxy
+              value: "google.com"
+---

pkg/apis/resource/v1alpha1/git/git_resource.go

@@ -44,9 +44,12 @@ type Resource struct {
 	Revision   string `json:"revision"`
 	Submodules bool   `json:"submodules"`
 
-	Depth     uint   `json:"depth"`
-	SSLVerify bool   `json:"sslVerify"`
-	GitImage  string `json:"-"`
+	Depth      uint   `json:"depth"`
+	SSLVerify  bool   `json:"sslVerify"`
+	HTTPProxy  string `json:"httpProxy"`
+	HTTPSProxy string `json:"httpsProxy"`
+	NOProxy    string `json:"noProxy"`
+	GitImage   string `json:"-"`
 }
 
 // NewResource creates a new git resource to pass to a Task
@@ -74,6 +77,12 @@ func NewResource(gitImage string, r *resource.PipelineResource) (*Resource, erro
 			gitResource.Depth = toUint(param.Value, 1)
 		case strings.EqualFold(param.Name, "SSLVerify"):
 			gitResource.SSLVerify = toBool(param.Value, true)
+		case strings.EqualFold(param.Name, "HTTPProxy"):
+			gitResource.HTTPProxy = param.Value
+		case strings.EqualFold(param.Name, "HTTPSProxy"):
+			gitResource.HTTPSProxy = param.Value
+		case strings.EqualFold(param.Name, "NOProxy"):
+			gitResource.NOProxy = param.Value
 		}
 	}
 	// default revision to master if nothing is provided
@@ -120,12 +129,15 @@ func (s *Resource) GetURL() string {
 // Replacements is used for template replacement on a GitResource inside of a Taskrun.
 func (s *Resource) Replacements() map[string]string {
 	return map[string]string{
-		"name":      s.Name,
-		"type":      s.Type,
-		"url":       s.URL,
-		"revision":  s.Revision,
-		"depth":     strconv.FormatUint(uint64(s.Depth), 10),
-		"sslVerify": strconv.FormatBool(s.SSLVerify),
+		"name":       s.Name,
+		"type":       s.Type,
+		"url":        s.URL,
+		"revision":   s.Revision,
+		"depth":      strconv.FormatUint(uint64(s.Depth), 10),
+		"sslVerify":  strconv.FormatBool(s.SSLVerify),
+		"httpProxy":  s.HTTPProxy,
+		"httpsProxy": s.HTTPSProxy,
+		"noProxy":    s.NOProxy,
 	}
 }
 
@@ -147,6 +159,23 @@ func (s *Resource) GetInputTaskModifier(_ *v1alpha1.TaskSpec, path string) (v1al
 		args = append(args, "-sslVerify=false")
 	}
 
+	env := []corev1.EnvVar{{
+		Name:  "TEKTON_RESOURCE_NAME",
+		Value: s.Name,
+	}}
+
+	if len(s.HTTPProxy) != 0 {
+		env = append(env, corev1.EnvVar{Name: "HTTP_PROXY", Value: s.HTTPProxy})
+	}
+
+	if len(s.HTTPSProxy) != 0 {
+		env = append(env, corev1.EnvVar{Name: "HTTPS_PROXY", Value: s.HTTPSProxy})
+	}
+
+	if len(s.NOProxy) != 0 {
+		env = append(env, corev1.EnvVar{Name: "NO_PROXY", Value: s.NOProxy})
+	}
+
 	step := v1alpha1.Step{
 		Container: corev1.Container{
 			Name:       names.SimpleNameGenerator.RestrictLengthWithRandomSuffix(gitSource + "-" + s.Name),
@@ -155,10 +184,7 @@ func (s *Resource) GetInputTaskModifier(_ *v1alpha1.TaskSpec, path string) (v1al
 			Args:       args,
 			WorkingDir: pipeline.WorkspaceDir,
 			// This is used to populate the ResourceResult status.
-			Env: []corev1.EnvVar{{
-				Name:  "TEKTON_RESOURCE_NAME",
-				Value: s.Name,
-			}},
+			Env: env,
 		},
 	}