Service deployment¶
OSA Proxy Go uses the osa-proxy.yml configuration file. By default, the service looks for it in the working directory, but the path can be passed as the first startup argument or through the OSA_PROXY_CONFIG_PATH environment variable.
Docker¶
Example container run with an external configuration file:
docker run -d \
--name osa-proxy \
-p 8080:8080 \
-e OSA_PROXY_CONFIG_PATH=/etc/osa-proxy/osa-proxy.yml \
-v /path/to/osa-proxy.yml:/etc/osa-proxy/osa-proxy.yml:ro \
<registry-url>/osa-proxy:<tag>
Availability check:
Docker Compose¶
services:
osa-proxy:
image: <registry-url>/osa-proxy:<tag>
container_name: osa-proxy
ports:
- "8080:8080"
env_file:
- .env
environment:
OSA_PROXY_CONFIG_PATH: /etc/osa-proxy/osa-proxy.yml
volumes:
- ./osa-proxy.yml:/etc/osa-proxy/osa-proxy.yml:ro
healthcheck:
test: ["CMD", "/app/osa-proxy", "healthcheck"]
interval: 30s
timeout: 3s
retries: 3
start_period: 5s
If Redis verdict cache is enabled, add Redis to the Compose file and set its address in cache.redis.address.
.env file¶
When running with Docker Compose, .env is passed into the container only when it is listed in env_file. These variables can be used:
- directly as process environment variables;
- in
osa-proxy.ymlthrough${VAR_NAME:default_value}placeholders.
In the Compose example, the configuration path is set separately through environment.OSA_PROXY_CONFIG_PATH, so do not duplicate it in .env.
Example .env:
CODESCORING_URL=https://codescoring.example.com
CODESCORING_TOKEN=
WORK_MODE=strict_wait
OSA_PROXY_URL=https://osa-proxy.example.com
LOG_LEVEL=info
CACHE_ENABLED=false
REDIS_ADDRESS=redis:6379
REDIS_PASSWORD=
REDIS_DB=0
Example usage in osa-proxy.yml:
codescoring:
url: ${CODESCORING_URL:https://codescoring.example.com}
token: ${CODESCORING_TOKEN:}
work-mode: ${WORK_MODE:strict_wait}
osa-proxy-url: ${OSA_PROXY_URL:http://localhost:8080}
cache:
judge:
enabled: ${CACHE_ENABLED:false}
redis:
address: ${REDIS_ADDRESS:redis:6379}
password: ${REDIS_PASSWORD:}
db: ${REDIS_DB:0}
logging:
level: ${LOG_LEVEL:info}
Store secrets in .env, not as literal values in osa-proxy.yml.
Proxy settings for outgoing HTTP requests¶
OSA Proxy Go uses standard Go HTTP clients. They automatically respect the HTTP_PROXY, HTTPS_PROXY, and NO_PROXY environment variables; lowercase variants http_proxy, https_proxy, and no_proxy can also be used.
Example .env for a corporate proxy:
HTTP_PROXY=http://proxy.company.example:3128
HTTPS_PROXY=http://proxy.company.example:3128
NO_PROXY=localhost,127.0.0.1,::1,redis,codescoring.example.com,.svc,.cluster.local
NO_PROXY should include addresses that the service must reach directly: local addresses, Redis, internal Kubernetes/Docker DNS names, internal CodeScoring domains, or internal package registries that should not go through the corporate proxy.
Helm¶
Minimal values.yaml example:
image:
repository: <registry-url>/osa-proxy
tag: "<tag>"
service:
type: ClusterIP
port: 8080
probes:
enabled: true
path: /healthz
ingress:
enabled: true
className: nginx
hosts:
- host: osa-proxy.example.com
paths:
- path: /
pathType: Prefix
config:
create: true
key: osa-proxy.yml
mountPath: /etc/osa-proxy/osa-proxy.yml
content: |
codescoring:
url: https://codescoring.example.com
token: "<token>"
work-mode: strict_wait
osa-proxy-url: https://osa-proxy.example.com
block-on-codescoring-errors: true
remove-blocked-versions: true
block-status-code: 403
npm:
enabled: true
repository:
- name: npm
registry: https://registry.npmjs.org
scan-manifest: true
scan-package: true
work-mode: strict_wait
url-encoded-config: true
logging:
level: info
After installation, check the endpoints: