cli: notices don't work behind a proxy #32304
Description
Describe the bug
[11:54:39] Could not refresh notices: Error: Request timed out
Regression Issue
- Select this option if this issue appears to be a regression.
Last Known Working CDK Version
No response
Expected Behavior
They work
Current Behavior
Fetching them fails
Reproduction Steps
I'm trying a fairly elaborate setup on Mac OS to prevent a process' network traffic except through a proxy, using the _svn user that's standard on the system but otherwise unused. I probably shouldn't do this, but I'm nothing if not lazy.
# Make the '_svn' user part of 'staff' so it has a fighting chance of reading home directories
$ sudo dseditgroup -o edit -a _svn -t user staff
# Make mitmproxy directory readable by staff
$ chmod -R g+r /Users/huijbers/.mitmproxy# pf.conf
scrub-anchor "com.apple/*"
nat-anchor "com.apple/*"
rdr-anchor "com.apple/*"
dummynet-anchor "com.apple/*"
anchor "com.apple/*"
load anchor "com.apple" from "/etc/pf.anchors/com.apple"
# Allow all traffic on loopback interface
pass quick on lo0 all
# Allow established connections
pass in proto tcp from any to any flags S/SA keep state
pass in proto udp from any to any keep state
# Allow localhost traffic
pass in from 127.0.0.1 to 127.0.0.1
pass out from 127.0.0.1 to 127.0.0.1
pass out proto { tcp, udp } from any to 127.0.0.1 user { _svn }
block drop out proto { tcp, udp } all user { _svn }
# Apply firewall rules
sudo pfctl -f pf.conf
# Have mitmproxy running somewhere
# Start CDK CLI as _svn
$ sudo -Eu _svn env CDK_HOME=$HOME/.cdk AWS_CA_BUNDLE=$HOME/.mitmproxy/mitmproxy-ca.pem HTTPS_PROXY=http://localhost:8080 npx cdk deploy -vvPossible Solution
No response
Additional Information/Context
No response
CDK CLI Version
Framework Version
No response
Node.js Version
OS
Language
TypeScript
Language Version
No response
Other information
No response