# Per-bottle egress-proxy sidecar image (PRD 0017).
#
# Replaces cred-proxy (PRD 0010). Sits on the agent's HTTP_PROXY /
# HTTPS_PROXY path (wiring lands in chunk 2) and owns three jobs:
#   1. MITM HTTPS using the per-bottle CA (chunk 2 moves the CA
#      generation from pipelock).
#   2. Enforce manifest-declared path_allowlist per route.
#   3. Inject Authorization headers for routes that declare an auth
#      block.
#
# Chunk 1 of PRD 0017 ships this image and the addon. Wiring it
# into the bottle launch (and the per-bottle CA + the pipelock
# upstream proxy) is chunk 2.

# mitmproxy base image. mitmdump + addon API are already there; we
# only need to drop our addon in. TODO(chunk-2): pin by digest.
FROM mitmproxy/mitmproxy:11.1.3

USER root

# The addon ships as two files. `_core.py` is pure-logic, importable
# both inside the container and from the host's tests; `_addon.py` is
# the mitmproxy hook wrapper. Both land flat in /app/ so mitmdump's
# loader finds them as top-level sibling modules.
COPY claude_bottle/egress_proxy_addon_core.py /app/egress_proxy_addon_core.py
COPY claude_bottle/egress_proxy_addon.py /app/egress_proxy_addon.py

# Pre-create the runtime directory the backend's start step will
# `docker cp` routes.yaml into. docker cp does not create
# intermediate dirs, so the mkdir must be baked into the image.
# Ownership lets the unprivileged mitmproxy user read the file.
RUN mkdir -p /etc/egress-proxy \
    && chown -R mitmproxy:mitmproxy /etc/egress-proxy /app

USER mitmproxy

# Listening port. Agents will dial egress-proxy on this port via
# their HTTP_PROXY env (chunk 2). Surfaced as EXPOSE for
# documentation; not required for the internal network to route to it.
EXPOSE 9099

# --mode regular@9099: standard HTTP/HTTPS forward proxy on :9099.
# -s /app/egress_proxy_addon.py: loads our addon, which reads the
#   route table from /etc/egress-proxy/routes.yaml.
# (Upstream-trust + CA-cert hooks land in chunk 2 when the per-bottle
# pipelock CA wiring moves over from cred-proxy.)
ENTRYPOINT ["mitmdump", "--mode", "regular@9099", "-s", "/app/egress_proxy_addon.py"]
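# Added example (not the project's egress_proxy_addon_core.py): the kind of
# pure-logic decision a core module can expose for jobs 2 and 3 above, so the
# host's tests can exercise it without mitmproxy. The routes.yaml schema
# (host, path_allowlist, auth) and fnmatch-style allowlist patterns are assumptions.

```python
"""Route-table decision logic for an egress proxy addon (constructed example)."""
import posixpath
from dataclasses import dataclass, field
from fnmatch import fnmatchcase
from typing import Optional
from urllib.parse import urlsplit

# Constructed stand-in for the parsed /etc/egress-proxy/routes.yaml.
ROUTES_DOC = {
    "routes": [
        {"host": "api.example.com",
         "path_allowlist": ["/v1/messages", "/v1/models/*"],
         "auth": {"header": "Authorization", "value": "Bearer CONSTRUCTED_TOKEN"}},
        {"host": "files.example.org", "path_allowlist": ["/public/*"]},
    ]
}

@dataclass
class Route:
    host: str
    path_allowlist: list[str]
    auth: Optional[dict] = None  # assumed shape: {"header": ..., "value": ...}

@dataclass
class Decision:
    allowed: bool
    reason: str
    inject: dict[str, str] = field(default_factory=dict)  # headers to set on the upstream request

def load_routes(doc: dict) -> dict[str, Route]:
    """Index routes by lower-cased host. Exact host match only, no wildcards."""
    return {r["host"].lower(): Route(r["host"].lower(), list(r.get("path_allowlist", [])), r.get("auth"))
            for r in doc.get("routes", [])}

def decide(routes: dict[str, Route], url: str) -> Decision:
    """Allow or deny one request URL and compute the auth header to inject."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()        # hostname is case-folded by urlsplit
    route = routes.get(host)
    if route is None:
        return Decision(False, f"no route for host {host!r}")
    # Normalise before matching so '/v1/../admin' cannot slip past '/v1/*'.
    # The query string is ignored: only the path is allowlisted.
    path = posixpath.normpath(parts.path or "/")
    if not any(fnmatchcase(path, pat) for pat in route.path_allowlist):
        return Decision(False, f"{path!r} not in path_allowlist for {host}")
    inject = {}
    if route.auth:
        # Proxy-owned credential: the addon sets this header, overwriting anything the agent sent.
        inject[route.auth.get("header", "Authorization")] = route.auth["value"]
    return Decision(True, "allowed", inject)
```

# Note that fnmatch's `*` also matches `/`, so `/public/*` covers nested paths; use a narrower pattern if a route must not.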