openshift · openshift-merge-bot · Jan 20, 2026 · Dec 9, 2025 · swghosh · Dec 18, 2025
diff --git a/CLAUDE.md b/CLAUDE.md
@@ -68,7 +68,7 @@ oc apply -f ./test/must-gather.yaml
 
 **API Types** (`api/v1alpha1/mustgather_types.go`):
 - `MustGather` CR defines the specification for must-gather collection jobs
-- Key fields: `caseID`, `caseManagementAccountSecretRef`, `serviceAccountRef`, `audit`, `proxyConfig`, `mustGatherTimeout`, `internalUser`
+- Key fields: `caseID`, `caseManagementAccountSecretRef`, `serviceAccountRef`, `audit`, `mustGatherTimeout`, `internalUser`
 - Status tracking with conditions and completion state
 
 **Controller** (`controllers/mustgather/mustgather_controller.go`):
@@ -94,7 +94,7 @@ oc apply -f ./test/must-gather.yaml
 ### Reconciliation Flow
 
 1. Fetch MustGather instance
-2. Initialize defaults (ServiceAccountRef, ProxyConfig from cluster)
+2. Initialize defaults (ServiceAccountRef from cluster)
 3. Handle deletion via finalizer:
    - Delete secret from operator namespace
    - Delete job and associated pods
@@ -114,7 +114,7 @@ oc apply -f ./test/must-gather.yaml
 - **Two-container approach**: Separate containers for gathering and uploading allows gather to run with cluster permissions while upload runs with limited permissions
 - **Process namespace sharing**: Enables upload container to detect gather completion via `pgrep`
 - **Infra node affinity**: Jobs prefer infra nodes (with tolerations) to avoid impacting application workloads
-- **Proxy support**: Inherits cluster proxy config by default, overridable per MustGather CR
+- **Proxy support**: Inherits cluster proxy config from environment variables
 - **FIPS mode**: Enabled by default (`FIPS_ENABLED=true` in Makefile)
 
 ### Important Files
@@ -133,7 +133,7 @@ Required for operation:
 
 Optional:
 - `OSDK_FORCE_RUN_MODE=local`: Bypasses leader election for local development
-- Proxy variables: `HTTP_PROXY`, `HTTPS_PROXY`, `NO_PROXY` (can be overridden per CR)
+- Proxy variables: `HTTP_PROXY`, `HTTPS_PROXY`, `NO_PROXY`
 
 ### API Group Migration
 

diff --git a/README.md b/README.md
@@ -41,30 +41,6 @@ spec:
   audit: true
 ```
 
-## Proxy Support
-
-The Must Gather operator supports using a proxy. The proxy setting can be specified in the MustGather object. If not specified, the cluster default proxy setting will be used. Here is an example:
-
-```yaml
-apiVersion: operator.openshift.io/v1alpha1
-kind: MustGather
-metadata:
-  name: example-mustgather-proxy
-spec:
-  serviceAccountRef:
-    name: must-gather-admin
-  uploadTarget:
-    type: SFTP
-    sftp:
-      caseID: '02527285'
-      caseManagementAccountSecretRef:
-        name: case-management-creds
-  proxyConfig:
-    httpProxy: http://myproxy
-    httpsProxy: https://my_http_proxy
-    noProxy: master-api
-```
-
 ## Garbage collection
 
 MustGather instances are cleaned up by the Must Gather operator about 6 hours after completion, regardless of whether they were successful.

diff --git a/api/v1alpha1/mustgather_types.go b/api/v1alpha1/mustgather_types.go
@@ -36,10 +36,6 @@ type MustGatherSpec struct {
 	// +kubebuilder:default:=false
 	Audit *bool `json:"audit,omitempty"`
 
-	// This represents the proxy configuration to be used. If left empty it will default to the cluster-level proxy configuration.
-	// +kubebuilder:validation:Optional
-	ProxyConfig *ProxySpec `json:"proxyConfig,omitempty"`
-
 	// A time limit for gather command to complete a floating point number with a suffix:
 	// "s" for seconds, "m" for minutes, "h" for hours.
 	// Will default to no time limit.
@@ -153,21 +149,6 @@ type PersistentVolumeClaimReference struct {
 	Name string `json:"name"`
 }
 
-// +k8s:openapi-gen=true
-type ProxySpec struct {
-	// httpProxy is the URL of the proxy for HTTP requests.
-	// +kubebuilder:validation:Required
-	HTTPProxy string `json:"httpProxy"`
-
-	// httpsProxy is the URL of the proxy for HTTPS requests.
-	// +kubebuilder:validation:Required
-	HTTPSProxy string `json:"httpsProxy"`
-
-	// noProxy is the list of domains for which the proxy should not be used.  Empty means unset and will not result in an env var.
-	// +optional
-	NoProxy string `json:"noProxy,omitempty"`
-}
-
 // MustGatherStatus defines the observed state of MustGather
 type MustGatherStatus struct {
 	Status     string             `json:"status,omitempty"`

diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
diff --git a/api/v1alpha1/zz_generated.openapi.go b/api/v1alpha1/zz_generated.openapi.go
diff --git a/boilerplate/openshift/golang-osd-operator/standard.mk b/boilerplate/openshift/golang-osd-operator/standard.mk
@@ -216,13 +216,14 @@ op-generate:
 .PHONY: openapi-generate
 openapi-generate:
 	find ./api -maxdepth 2 -mindepth 1 -type d | xargs -t -I% \
-		$(OPENAPI_GEN) --logtostderr=true \
-			-i % \
-			-o "" \
-			-O zz_generated.openapi \
-			-p % \
-			-h /dev/null \
-			-r "-"
+		$(OPENAPI_GEN) \
+			--logtostderr=true \
+			--output-dir % \
+			--output-pkg % \
+			--output-file zz_generated.openapi.go \
+			--go-header-file /dev/null \
+			--report-filename - \
+			%
 
 .PHONY: manifests
 manifests:

diff --git a/bundle/manifests/tech-preview/operator.openshift.io_mustgathers.yaml b/bundle/manifests/tech-preview/operator.openshift.io_mustgathers.yaml
@@ -52,25 +52,6 @@ spec:
                   Will default to no time limit.
                 format: duration
                 type: string
-              proxyConfig:
-                description: This represents the proxy configuration to be used. If
-                  left empty it will default to the cluster-level proxy configuration.
-                properties:
-                  httpProxy:
-                    description: httpProxy is the URL of the proxy for HTTP requests.
-                    type: string
-                  httpsProxy:
-                    description: httpsProxy is the URL of the proxy for HTTPS requests.
-                    type: string
-                  noProxy:
-                    description: noProxy is the list of domains for which the proxy
-                      should not be used.  Empty means unset and will not result in
-                      an env var.
-                    type: string
-                required:
-                - httpProxy
-                - httpsProxy
-                type: object
               retainResourcesOnCompletion:
                 default: false
                 description: |-

diff --git a/controllers/mustgather/template.go b/controllers/mustgather/template.go
@@ -56,29 +56,17 @@ func getJobTemplate(operatorImage string, mustGather v1alpha1.MustGather) *batch
 
 	var httpProxy, httpsProxy, noProxy string
 
-	// Check if proxy configuration is provided in the CR
-	if mustGather.Spec.ProxyConfig != nil {
-		if mustGather.Spec.ProxyConfig.HTTPProxy != "" || mustGather.Spec.ProxyConfig.HTTPSProxy != "" || mustGather.Spec.ProxyConfig.NoProxy != "" {
-			// Use proxy configuration from CR
-			httpProxy = mustGather.Spec.ProxyConfig.HTTPProxy
-			httpsProxy = mustGather.Spec.ProxyConfig.HTTPSProxy
-			noProxy = mustGather.Spec.ProxyConfig.NoProxy
-		}
-	}
-
-	// Fallback to operator's environment proxy variables only if not provided in the CR
-	if httpProxy == "" && httpsProxy == "" {
-		envVars := proxy.ReadProxyVarsFromEnv()
-		// the below loop should implicitly handle len(envVars) > 0
-		for _, envVar := range envVars {
-			switch envVar.Name {
-			case "HTTP_PROXY":
-				httpProxy = envVar.Value
-			case "HTTPS_PROXY":
-				httpsProxy = envVar.Value
-			case "NO_PROXY":
-				noProxy = envVar.Value
-			}
+	// Use operator's environment proxy variables
+	envVars := proxy.ReadProxyVarsFromEnv()
+	// the below loop should implicitly handle len(envVars) > 0
+	for _, envVar := range envVars {
+		switch envVar.Name {
+		case "HTTP_PROXY":
+			httpProxy = envVar.Value
+		case "HTTPS_PROXY":
+			httpsProxy = envVar.Value
+		case "NO_PROXY":
+			noProxy = envVar.Value
 		}
 	}