Skip to content

[9.4] [Actions] Fix HTTP connector TLS options through proxies (#269898)#270104

Merged
kibanamachine merged 1 commit into
elastic:9.4from
kibanamachine:backport/9.4/pr-269898
May 20, 2026
Merged

[9.4] [Actions] Fix HTTP connector TLS options through proxies (#269898)#270104
kibanamachine merged 1 commit into
elastic:9.4from
kibanamachine:backport/9.4/pr-269898

Conversation

@kibanamachine
Copy link
Copy Markdown
Contributor

@kibanamachine kibanamachine commented May 20, 2026

Backport

This will backport the following commits from main to 9.4:

Questions ?

Please refer to the Backport tool documentation

@shahargl @cursoragent
[Actions] Fix HTTP connector TLS options through proxies (elastic#269898
169310a 
)

## Summary
- For HTTPS requests through an HTTP proxy, forward target TLS options
to the CONNECT-upgraded request created by `HttpsProxyAgent`.
- Ensures connector `verificationMode: none` and per-request SSL
overrides like `fetcher.skip_ssl_verification` are honored when the
proxy performs TLS inspection.
- Adds a regression test covering target SSL overrides through the proxy
agent callback.

## Test plan
- `node scripts/jest
src/platform/packages/shared/kbn-actions-utils/utils/get_custom_agents.test.ts`
- `node scripts/check_changes.ts`
- Manually reproduced with local mitmproxy before the fix and verified
`_execute` succeeds after the fix.

## References
Closes elastic/security-team#17454
Closes elastic#196602

Made with [Cursor](https://cursor.com)

Co-authored-by: Cursor <cursoragent@cursor.com>
(cherry picked from commit 4783bfa)
@kibanamachine kibanamachine added the backport This PR is a backport of another PR label May 20, 2026
@kibanamachine kibanamachine enabled auto-merge (squash) May 20, 2026 08:59
@kibanamachine kibanamachine mentioned this pull request May 20, 2026
Merged
@kibanamachine
Copy link
Copy Markdown
Contributor Author

kibanamachine commented May 20, 2026

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • [job] [logs] Jest Tests #2 / should update rule when save button is clicked
  • [job] [logs] Scout Lane #10 - stateful-classic / default / local-stateful-classic - Observability Landing Page (discover.isEsqlDefault enabled) - redirects to onboarding when no logs data exists

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
stackConnectors 1.7MB 1.7MB +16.0B

cc @shahargl

@kibanamachine kibanamachine merged commit a52796f into elastic:9.4 May 20, 2026
35 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

@shahargl shahargl

Labels

backport This PR is a backport of another PR

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kibanamachine @shahargl