ProxyTransport returns an http.RoundTripper that routes traffic through Docker Desktop's PAC-aware HTTP proxy when DD exposes the proxy socket, or nil when no override is needed (callers should use their own default transport in that case — for the OCI resolver this means containerd's built-in trans
(endpoint string)
| 105 | // http.DefaultTransport with only Proxy and DialContext overridden, so it |
| 106 | // preserves stdlib timeout, pooling, and HTTP/2 defaults. |
| 107 | func ProxyTransport(endpoint string) http.RoundTripper { |
| 108 | proxyEndpoint := httpProxySocketEndpoint(endpoint) |
| 109 | if proxyEndpoint == "" { |
| 110 | logrus.Debug("Docker Desktop HTTP proxy not available; deferring to caller's default transport") |
| 111 | return nil |
| 112 | } |
| 113 | logrus.Debugf("routing OCI traffic through Docker Desktop HTTP proxy at %s", proxyEndpoint) |
| 114 | // Clone http.DefaultTransport to inherit stdlib timeout, pool, and |
| 115 | // HTTP/2 defaults. Type-assertion is guarded since a process may have |
| 116 | // replaced http.DefaultTransport with a wrapping RoundTripper (e.g. |
| 117 | // instrumentation libraries); fall back to a fresh transport in that |
| 118 | // case rather than panicking. |
| 119 | var tr *http.Transport |
| 120 | if defaultTr, ok := http.DefaultTransport.(*http.Transport); ok { |
| 121 | tr = defaultTr.Clone() |
| 122 | } else { |
| 123 | tr = &http.Transport{} |
| 124 | } |
| 125 | |
| 126 | tr.Proxy = ddProxyFunc() |
| 127 | |
| 128 | // Bypassed (direct) requests reach DialContext with their real target |
| 129 | // address and use the standard dialer; proxied requests reach it with the |
| 130 | // sentinel proxy address and are routed to the Docker Desktop socket. |
| 131 | baseDial := tr.DialContext |
| 132 | if baseDial == nil { |
| 133 | baseDial = (&net.Dialer{}).DialContext |
| 134 | } |
| 135 | proxyAddr := net.JoinHostPort(ddProxyHost, "80") |
| 136 | tr.DialContext = func(ctx context.Context, network, addr string) (net.Conn, error) { |
| 137 | if addr == proxyAddr { |
| 138 | return memnet.DialEndpoint(ctx, proxyEndpoint) |
| 139 | } |
| 140 | return baseDial(ctx, network, addr) |
| 141 | } |
| 142 | return tr |
| 143 | } |
| 144 | |
| 145 | // ddProxyFunc returns a transport Proxy function that routes every request |
| 146 | // through the Docker Desktop proxy except loopback targets, which connect |