diff --git a/src/docker-manager.test.ts b/src/docker-manager.test.ts index 7831fbf9..c993a691 100644 --- a/src/docker-manager.test.ts +++ b/src/docker-manager.test.ts @@ -1518,8 +1518,11 @@ describe('docker-manager', () => { const result = generateDockerCompose(configWithProxy, mockNetworkConfigWithProxy); const agent = result.services.agent; const env = agent.environment as Record; + expect(env.NO_PROXY).toContain('127.0.0.1'); + expect(env.NO_PROXY).toContain('localhost'); expect(env.NO_PROXY).toContain('api-proxy'); expect(env.NO_PROXY).toContain('172.30.0.30'); + expect(env.NO_PROXY).toContain('172.30.0.0/16'); expect(env.no_proxy).toBe(env.NO_PROXY); }); @@ -1529,10 +1532,12 @@ describe('docker-manager', () => { const agent = result.services.agent; const env = agent.environment as Record; // Should contain both the host access NO_PROXY entries and api-proxy + expect(env.NO_PROXY).toContain('127.0.0.1'); expect(env.NO_PROXY).toContain('localhost'); expect(env.NO_PROXY).toContain('host.docker.internal'); expect(env.NO_PROXY).toContain('api-proxy'); expect(env.NO_PROXY).toContain('172.30.0.30'); + expect(env.NO_PROXY).toContain('172.30.0.0/16'); expect(env.no_proxy).toBe(env.NO_PROXY); }); diff --git a/src/docker-manager.ts b/src/docker-manager.ts index cdc5d851..f398d7b9 100644 --- a/src/docker-manager.ts +++ b/src/docker-manager.ts @@ -965,7 +965,8 @@ export function generateDockerCompose( // Add api-proxy to NO_PROXY so agent traffic goes directly to the sidecar // instead of routing through Squid (which would block the "api-proxy" hostname) - const proxyNoProxy = `api-proxy,${networkConfig.proxyIp}`; + // Include localhost, the specific IP, and the network CIDR to ensure all tools can bypass Squid + const proxyNoProxy = `127.0.0.1,localhost,${networkConfig.proxyIp},172.30.0.0/16,api-proxy`; if (environment.NO_PROXY) { environment.NO_PROXY += `,${proxyNoProxy}`; environment.no_proxy = environment.NO_PROXY;