Skip to content

Fixing the Proxy issue with the PCCRV2 #21384

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Fixing the Proxy issue with the PCCRV2 #21384

wants to merge 1 commit into from
+142 −3

Conversation

@vinayakmsft
Copy link
Contributor

@vinayakmsft vinayakmsft commented Oct 16, 2025
edited
Loading

Context

This PR resolves the core issue of socket timeout errors in corporate proxy environments while maintaining full backward compatibility and adding comprehensive security measures.

Customers using the PublishCodeCoverageResultsV2 task in corporate environments with proxy servers were experiencing socket timeout errors when attempting to upload coverage data to Azure blob storage (ufxtcmprodweu21.vstmrblob.vsassets.io:443). This occurred even when the blob storage endpoints were whitelisted in their proxy configuration.

Root Cause: The underlying .NET application (CoveragePublisher.Console) was failing to properly initialize HttpClient.DefaultProxy settings, causing network requests to bypass proxy configuration despite environment variables being set.

Solution Overview
This PR implements a comprehensive proxy configuration system that ensures proper .NET HttpClient proxy initialization by:

Enhanced Proxy Detection: Priority-based proxy configuration (Azure agent → Environment variables)
Comprehensive Environment Variables: Sets both standard and .NET-specific proxy environment variables
Security Hardening: Input validation, credential masking, and secure credential handling
Cross-Platform Support: Handles proxy configuration across Windows, Linux, and macOS

Task Name

PublishCodeCoverageResultsV2

Risk Assessment (Low / Medium / High)

Low

Additional Testing Performed

List all other tests performed (manual or automated, including integration, regression, scenario tests, etc.).

image image image image image

Checklist

  • Related issue linked (if applicable)
  • Task version was bumped — see versioning guide
  • Verified the task behaves as expected

@vinayakmsft vinayakmsft requested a review from a team as a code owner October 16, 2025 10:25
@KathanS
Copy link
Contributor

KathanS commented Oct 16, 2025
edited
Loading

@vinayakmsft, do we need to move this changes behind FF?

KathanS
KathanS reviewed Oct 16, 2025
View reviewed changes
Tasks/Common/coveragepublisher/coveragepublisher.ts
const parsedUrl = new URL(url);
if (parsedUrl.username || parsedUrl.password) {
// Mask both username and password for security
return `${parsedUrl.protocol}//***: ***@${parsedUrl.host}${parsedUrl.pathname}${parsedUrl.search}`;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is space after : expected? "{parsedUrl.protocol}//***:(space)"

@KathanS
Copy link
Contributor

KathanS commented Oct 16, 2025

Can you please share info on testing this specific scenario?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@KathanS KathanS KathanS left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@vinayakmsft @KathanS