fix(proxy): add lowercase proxy vars and NODE_EXTRA_CA_CERTS

[Mossaka]

Summary

Fix Yarn 4 and Corepack EPROTO SSL errors when connecting through the Squid proxy.

• Add lowercase proxy env vars (http_proxy, https_proxy) alongside uppercase variants. Yarn 4 (undici), Corepack, and some Node.js HTTP clients only check lowercase proxy environment variables. Without these, their HTTPS connections bypass the proxy and get DNAT'd to Squid's forward proxy port, which expects HTTP protocol — causing EPROTO errors.
• Set NODE_EXTRA_CA_CERTS when SSL Bump is enabled so Node.js tools trust the AWF session CA certificate. Node.js uses its own CA bundle, not the system CA store updated by update-ca-certificates.
• Add 3 new unit tests covering lowercase proxy vars and NODE_EXTRA_CA_CERTS behavior.

Fixes #949

Test plan

• Verify npm run build && npm test passes (842 tests)
• Verify lowercase proxy env vars appear in agent container environment
• Verify NODE_EXTRA_CA_CERTS is set when SSL Bump is enabled
• Verify NODE_EXTRA_CA_CERTS is NOT set when SSL Bump is disabled

🤖 Generated with Claude Code

[github-actions]

✅ Coverage Check Passed

Overall Coverage

Metric	Base	PR	Delta
Lines	82.50%	82.89%	📈 +0.39%
Statements	82.50%	82.87%	📈 +0.37%
Functions	82.69%	82.69%	➡️ +0.00%
Branches	74.78%	75.04%	📈 +0.26%

📁 Per-file Coverage Changes (1 files)

File	Lines (Before → After)	Statements (Before → After)
src/docker-manager.ts	84.0% → 85.4% (+1.47%)	83.3% → 84.7% (+1.42%)

---

Coverage comparison generated by scripts/ci/compare-coverage.ts

[Copilot]

Pull request overview

This PR updates the container environment setup to improve Node/Yarn/Corepack behavior when running behind the Squid proxy, addressing SSL/proxy handling issues that can surface as EPROTO errors.

Changes:

• Add lowercase http_proxy / https_proxy alongside uppercase proxy env vars.
• Set NODE_EXTRA_CA_CERTS when SSL Bump is enabled so Node-based tooling trusts the session CA.
• Add unit tests covering lowercase proxy vars and NODE_EXTRA_CA_CERTS behavior.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File	Description
src/docker-manager.ts	Adds lowercase proxy vars and sets NODE_EXTRA_CA_CERTS under SSL Bump; also propagates lowercase proxy vars to the api-proxy sidecar.
src/docker-manager.test.ts	Adds unit tests validating lowercase proxy vars and NODE_EXTRA_CA_CERTS behavior.
containers/agent/entrypoint.sh	Exports NODE_EXTRA_CA_CERTS during SSL Bump startup after updating CA certificates.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The api-proxy sidecar healthcheck uses curl http://localhost:..., but adding lowercase http_proxy/https_proxy here will cause curl to proxy localhost unless NO_PROXY/no_proxy is set (or the healthcheck explicitly disables proxying). This can make the api-proxy container permanently unhealthy and block agent startup via depends_on: service_healthy. Consider adding NO_PROXY=no_proxy=localhost,127.0.0.1,::1 to the api-proxy environment (or change the healthcheck to curl --noproxy '*' ...).

Suggested change

	https_proxy: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
	https_proxy: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
	// Ensure localhost traffic (e.g., healthcheck) bypasses the proxy
	NO_PROXY: 'localhost,127.0.0.1,::1',
	no_proxy: 'localhost,127.0.0.1,::1',

[Copilot]

When SSL Bump is enabled, Squid presents certificates signed by the session CA for all clients using the proxy port. The api-proxy sidecar routes upstream requests through Squid (HttpsProxyAgent(HTTPS_PROXY)), but the compose spec does not mount the CA cert into the api-proxy container or set NODE_EXTRA_CA_CERTS there, so upstream TLS requests are likely to fail in --ssl-bump --enable-api-proxy mode. Consider mounting the CA cert into the api-proxy container and setting NODE_EXTRA_CA_CERTS (or otherwise exempting api-proxy traffic from SSL bump).

Suggested change

	// Route through Squid to respect domain whitelisting
	HTTP_PROXY: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
	HTTPS_PROXY: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
	http_proxy: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
	https_proxy: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
	// Route through Squid to respect domain whitelisting when SSL bump is disabled.
	// When SSL bump is enabled, avoid proxying api-proxy HTTPS traffic through Squid
	// to prevent TLS failures due to untrusted session CA certificates.
	...(!config.enableSslBump && {
	HTTP_PROXY: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
	HTTPS_PROXY: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
	http_proxy: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
	https_proxy: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
	}),

[Copilot]

Now that both uppercase and lowercase proxy variables are set, --env / additionalEnv overrides can easily desync them (e.g., overriding only HTTP_PROXY leaves http_proxy pointing at the default). Similar to the existing NO_PROXY/no_proxy normalization below, consider normalizing HTTP_PROXY↔http_proxy and HTTPS_PROXY↔https_proxy after applying additionalEnv so a single override behaves consistently across clients.

[github-actions]

feat(cli): add short flags for frequently used options
docs: clarify --image-tag behavior with agent-image presets
Tests: MCP ✅ | GH CLI ✅ | Playwright ✅ | Tavily ❌ | File ✅ | Bash ✅ | Discussion ✅ | Build ✅
Overall: FAIL

🔮 The oracle has spoken through Smoke Codex for issue #1234

[github-actions]

Smoke Test Results

✅ GitHub MCP: #1229 feat(cli): add short flags for frequently used options, #1228 docs: clarify --image-tag behavior with agent-image presets
✅ Playwright: GitHub page title contains "GitHub"
✅ File Write: /tmp/gh-aw/agent/smoke-test-claude-22966761040.txt created
✅ Bash: File verified via cat

Overall: PASS

💥 [THE END] — Illustrated by Smoke Claude for issue #1234

[github-actions]

Smoke test results for @Mossaka:

✅ GitHub MCP — Last 2 merged PRs: #1229 feat(cli): add short flags for frequently used options, #1228 docs: clarify --image-tag behavior with agent-image presets
✅ Playwright — github.com title contains "GitHub"
✅ File write — /tmp/gh-aw/agent/smoke-test-copilot-22966761046.txt created and verified
✅ Bash — cat confirmed file contents

Overall: PASS

📰 BREAKING: Report filed by Smoke Copilot for issue #1234

[github-actions]

Chroot Version Comparison Results

Runtime	Host Version	Chroot Version	Match?
Python	Python 3.12.12	Python 3.12.3	❌
Node.js	v24.14.0	v20.20.0	❌
Go	go1.22.12	go1.22.12	✅

Result: ❌ Not all versions match. Go matches, but Python and Node.js differ between host and chroot environments.

Tested by Smoke Chroot for issue #1234

[github-actions]

🤖 Smoke test results for PR #1234 by @Mossaka:

✅ GitHub MCP — Last 2 merged PRs: test(docker): verify capsh execution chain after PR #715 (#1240), fix(cli): clear LD_PRELOAD after one-shot-token library loads (#1232)
✅ Playwright — github.com title contains "GitHub"
✅ File Write — /tmp/gh-aw/agent/smoke-test-copilot-22969603660.txt created
✅ Bash — File verified via cat

Overall: PASS

📰 BREAKING: Report filed by Smoke Copilot for issue #1234

[github-actions]

test: expand credential hiding tests to all 14 protected paths | test(docker): verify capsh execution chain after PR #715
GitHub MCP merged PR review: ✅
safeinputs-gh PR list: ✅
Playwright title check: ✅
Tavily search: ❌ (tool unavailable)
File write: ✅
Bash cat verify: ✅
Discussion comment: ✅
Build (npm ci && npm run build): ✅
Overall: FAIL

🔮 The oracle has spoken through Smoke Codex for issue #1234

[github-actions]

Smoke Test Results

• ✅ GitHub MCP: test: expand credential hiding tests to all 14 protected paths #1163 test: expand credential hiding tests to all 14 protected paths, test(docker): verify capsh execution chain after PR #715 #1240 test(docker): verify capsh execution chain after PR fix: eliminate nested bash layer in chroot command execution for Java/.NET #715
• ✅ Playwright: GitHub page title verified
• ✅ File write: /tmp/gh-aw/agent/smoke-test-claude-22969603649.txt created
• ✅ Bash: File contents confirmed

Overall: PASS

💥 [THE END] — Illustrated by Smoke Claude for issue #1234

[github-actions]

🏗️ Build Test Suite Results

Ecosystem	Project	Build/Install	Tests	Status
Bun	elysia	✅	1/1 passed	✅ PASS
Bun	hono	✅	1/1 passed	✅ PASS
C++	fmt	✅	N/A	✅ PASS
C++	json	✅	N/A	✅ PASS
Deno	oak	N/A	1/1 passed	✅ PASS
Deno	std	N/A	1/1 passed	✅ PASS
.NET	hello-world	✅	N/A	✅ PASS
.NET	json-parse	✅	N/A	✅ PASS
Go	color	✅	ok	✅ PASS
Go	env	✅	ok	✅ PASS
Go	uuid	✅	ok	✅ PASS
Java	gson	✅	1/1 passed	✅ PASS
Java	caffeine	✅	1/1 passed	✅ PASS
Node.js	clsx	✅	All passed	✅ PASS
Node.js	execa	✅	All passed	✅ PASS
Node.js	p-limit	✅	All passed	✅ PASS
Rust	fd	✅	1/1 passed	✅ PASS
Rust	zoxide	✅	1/1 passed	✅ PASS

Overall: 8/8 ecosystems passed — ✅ PASS

Generated by Build Test Suite for issue #1234 · ◷

[github-actions]

Chroot Version Comparison Results

Runtime	Host Version	Chroot Version	Match?
Python	Python 3.12.12	Python 3.12.3	❌ NO
Node.js	v24.14.0	v20.20.0	❌ NO
Go	go1.22.12	go1.22.12	✅ YES

Overall: ❌ Not all tests passed — Python and Node.js versions differ between host and chroot environments.

Tested by Smoke Chroot for issue #1234