Add support for Unix Domain Sockets in Pomerium Reverse Proxy #7772

Conversation

biru-codeastromer
Contributor

Fixes #6893

Changes Made:

  • Updated documentation to include instructions for configuring Pomerium with Unix domain sockets.
  • Modified config.yaml and docker-compose.yaml in the Unix domain sockets part of the documentation to demonstrate the new configuration.

Testing Done:

1. Initial Setup:

  • Created and set up docker-compose.yaml with Jenkins and Pomerium configurations.
  • Completed the Jenkins Setup Wizard by accessing http://localhost:8080.

2. Pomerium Configuration:

  • Created config.yaml with placeholders for sensitive information.
  • Generated a signing key using OpenSSL and added it to the config.yaml.

3. Integration and Running Services:

  • Updated docker-compose.yaml to include Pomerium, linked with Jenkins using Unix domain sockets.
  • Restarted services and verified access to Jenkins at https://jenkins.localhost.pomerium.io.

4. JWT Authentication:

  • Installed JWT Auth and skip-certificate-check plugins in Jenkins.
  • Configured JWT authentication in Manage Jenkins > Configure Global Security.

5. Verification:

  • Verified JWT authentication by checking the user identity in the Jenkins dashboard.
  • Inspected JWT claims at https://verify.localhost.pomerium.io.

6. Authorization Testing:

  • Configured Jenkins authorization settings and verified permissions for different users.

7. Functionality Testing:

  • Triggered builds in Jenkins to ensure proper communication via Unix domain sockets.

Please review and provide feedback.

Additional note -

Removed the version field from docker-compose.yaml as it is no longer required with newer versions of Docker Compose and caused errors during local testing.

@biru-codeastromer biru-codeastromer requested a review from a team as a code owner December 21, 2024 11:11
@probot-autolabeler probot-autolabeler bot added the documentation Jenkins documentation, including user and developer docs, solution pages, etc. label Dec 21, 2024
@zbynek
Contributor

zbynek commented Dec 21, 2024

@biru-codeastromer Are you sure the communication goes through unix sockets and not the 8080 TCP port? I'd expect unix:///run/jenkins/jenkins.socket to come up in the config instead of http://jenkins:8080, but I have no experience with Pomerium.

@cmo-pomerium could you please review this?

@biru-codeastromer
Contributor Author

biru-codeastromer commented Dec 21, 2024

Thank you for your observation, @zbynek Sir!

I initially configured the route to use unix:///run/jenkins/jenkins.socket, as expected for Unix domain sockets. However, Pomerium returned the following error:

pomerium-1 -* error decoding 'routes[1]': unix:///run/jenkins/jenkins.socket: unix:///run/jenkins/jenkins.socket url does not contain a valid hostname

Due to this, I reverted to using http://jenkins:8080 as a fallback, which worked successfully for the integration. I suspect this might be a limitation or unsupported behavior in Pomerium when using Unix sockets.

If this fallback behavior is acceptable, I will document it explicitly in the PR. However, I would appreciate further input, especially from @cmo-pomerium, to confirm whether this is an expected limitation or if there's a recommended workaround to enable Unix domain socket communication.

Also, Sir @kmartens27, may you please review and guide how to improve this. Thanks!
Looking forward to your feedback!
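An added illustration (not Pomerium's own code, which is not on this page) of why the route above was rejected: Go's `net/url` parses `unix:///run/jenkins/jenkins.socket` with an empty host and the socket path in `Path`, so any validation that insists on a hostname fails, while the `http://jenkins:8080` fallback passes. The helper `checkRouteDestination` is hypothetical and only mimics that shape of check.

```go
package main

import (
	"fmt"
	"net/url"
)

// checkRouteDestination is an illustrative validator, not Pomerium's own code.
// It reproduces the shape of the check reported in this thread: a route
// destination must parse as a URL and carry a non-empty hostname.
func checkRouteDestination(dest string) (string, error) {
	u, err := url.Parse(dest)
	if err != nil {
		return "", fmt.Errorf("%s: %w", dest, err)
	}
	// For unix:///run/jenkins/jenkins.socket the socket path lands in u.Path and
	// u.Hostname() is empty, which is exactly the failure reported above.
	if u.Hostname() == "" {
		return "", fmt.Errorf("%s: url does not contain a valid hostname", dest)
	}
	return u.Hostname(), nil
}

func main() {
	// Constructed sample destinations: the UDS route that was rejected and the
	// TCP fallback that the PR ended up using.
	for _, dest := range []string{
		"unix:///run/jenkins/jenkins.socket",
		"http://jenkins:8080",
	} {
		host, err := checkRouteDestination(dest)
		if err != nil {
			fmt.Println("error:", err)
			continue
		}
		fmt.Println("ok, hostname:", host)
	}
}
```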

@kmartens27
Contributor

Hi @biru-codeastromer, I think at this point the PR will be closed. As we have not gotten further confirmation about the instructions/whether or not it is using the correct method, closing it for the time being is the best course of action. However, if you are able to confirm or enhance the instruction further to be in line with what the expected behaviors are, you are more than welcome to create a new PR building on the work from this one. Thanks as always for your efforts and contributions.

@kmartens27 kmartens27 closed this Mar 14, 2025
@biru-codeastromer
Contributor Author

biru-codeastromer commented Mar 14, 2025

@kmartens27
Sure! At this point, I have been advised not to raise more PRs. As an aspiring GSoC applicant this year, the maintainers have recommended keeping my PR count at no more than 20 until the application period ends.
Therefore, I am focusing on my proposal.
I will be discussing improvements for this issue with the maintainers during the application period.
If the approach is found good, I will proceed with raising the PR once the application period concludes.

Are you aligned with it 🤗?

@kmartens27
Contributor

Hi @biru-codeastromer, I think that's a great idea and definitely want to make sure it's aligned with GSoC if that is your main goal. I think you've got a great plan and am happy to help in whatever ways I can (via the proper channels).

@krisstern krisstern changed the title Added support for Unix Domain Sockets in Pomerium Reverse Proxy Add support for Unix Domain Sockets in Pomerium Reverse Proxy Mar 14, 2025
@biru-codeastromer
Contributor Author

Thank you so much, @kmartens27, for your response! Yes, for now, I'm focusing on aligning things with GSoC, but not limited to GSoC. I genuinely enjoy being part of this community, which is why I've tried not to keep my contributions limited to GSoC-related ones only... It has been a great experience, and I definitely plan to continue contributing thoroughly to the community after the application period.

Also looking forward to continuing further discussions on our open PR #7841 till then 😇.

@biru-codeastromer biru-codeastromer deleted the update-pomerium-docs branch April 16, 2025 11:18
@biru-codeastromer
Contributor Author

Hi @kmartens27,
I looked into it again and noticed that, as of now, Pomerium does not officially support Unix domain sockets for upstream connections; that's why last time we weren't going through the required sockets...
Their documentation mainly covers TCP and UDP protocols over HTTP, and there's currently no mention of UDS support...

Just wanted to clarify whether we should wait for official UDS support in Pomerium before updating the Jenkins reverse proxy docs for it?

@biru-codeastromer
Contributor Author

Or should we give a note/alert in the docs, maybe something like:

NOTE: While Jenkins supports Unix domain sockets, Pomerium currently requires traditional HTTP endpoints in route configurations.

Do you have any views on it?

@kmartens27
Contributor

kmartens27 commented Apr 18, 2025

I don't think it's worth providing this information if it does not work. Even with providing a note, it can be misleading and it would be best to avoid providing incorrect/non-operable instructions. If it's not supported then it does not make sense to provide instructions to say otherwise.

Thanks very much for your work on this and continued efforts for the project though!

@biru-codeastromer
Contributor Author

Sure, got it. Thanks for the feedback regarding that...

Successfully merging this pull request may close these issues.

Update Pomerium reverse proxy documentation to include support for unix domain sockets