fix(cli): notices don't work behind a proxy

[otaviomacedo]

Issue

Fixes #32304

Reason for this change

The CLI doesn't respect the proxy configuration (either via command line or via environment variables) to fetch notices. As a result, customers who can only access the internet via a proxy will never see notices.

Description of changes

• Proxy agent construction refactored into a public method, to be reused.
• Settings has two new keys: proxy and caBundlePath.
• These new settings are passed to the Notices class, which internally uses them to make the GET request to the notices URL.
• Proxy integ test now also asserts that the notices URL is intercepted by the proxy.

Description of how you validated changes

Proxy integ test, and manual tests with mitmproxy.

Checklist

• My code adheres to the CONTRIBUTING GUIDE and DESIGN GUIDELINES

---

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

[aws-cdk-automation]

The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.

A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.

[codecov]

Codecov Report

Attention: Patch coverage is 92.30769% with 1 line in your changes missing coverage. Please review.

Project coverage is 79.15%. Comparing base (cbacf4d) to head (742a08a).

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #32590      +/-   ##
==========================================
+ Coverage   79.13%   79.15%   +0.02%     
==========================================
  Files         107      107              
  Lines        7131     7139       +8     
  Branches     1319     1321       +2     
==========================================
+ Hits         5643     5651       +8     
  Misses       1304     1304              
  Partials      184      184              

Flag	Coverage Δ
suite.unit	79.15% <92.30%> (+0.02%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Components	Coverage Δ
packages/aws-cdk	79.15% <92.30%> (+0.02%)	⬆️

[kaizencc]

I'm happy with this. Needing to add the relevant global options to the Settings object is exactly what my work is meant to avoid but there's no harm in adding it in right now. You might need to wrestle with codecov and integ tests to merge this though :)

[kaizencc]

this looks good to me

[aws-cdk-automation]

➡️ PR build request submitted to test-main-pipeline ⬅️

A maintainer must now check the pipeline and add the pr-linter/cli-integ-tested label once the pipeline succeeds.

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

[aws-cdk-automation]

AWS CodeBuild CI Report

• CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
• Commit ID: 742a08a
• Result: SUCCEEDED
• Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

[mergify]

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

[mergify]

This pull request has been removed from the queue for the following reason: pull request dequeued.

Pull request #32590 has been dequeued. The pull request could not be merged. This could be related to an activated branch protection or ruleset rule that prevents us from merging. (detail: 2 of 6 required status checks are failing.).

You should look at the reason for the failure and decide if the pull request needs to be fixed or if you want to requeue it.

If you want to requeue this pull request, you need to post a comment with the text: @mergifyio requeue

[github-actions]

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.