Add TLS and proxy settings to connection settings

proto/opamp.proto

@@ -277,6 +277,16 @@ message OpAMPConnectionSettings {
     // If this field has no value or is set to 0, the Agent should not send any heartbeats.
     // Status: [Development]
     uint64 heartbeat_interval_seconds = 4;
+
+    // Additional connection settings. These are Agent-specific and are up to the Agent
+    // interpret.
+    map<string, string> other_settings = 5;
+
+    // Optional connection specific TLS settings.
+    TLSConnectionSettings tls = 6;
+
+    // Optional connection specific proxy settings.
+    ProxyConnectionSettings proxy = 7;
 }
 
 // The TelemetryConnectionSettings message is a collection of fields which comprise an
@@ -303,6 +313,16 @@ message TelemetryConnectionSettings {
     // This field is optional: if omitted the client SHOULD NOT use a client-side certificate.
     // This field can be used to perform a client certificate revocation/rotation.
     TLSCertificate certificate = 3;
+
+    // Additional connection settings. These are Agent-specific and are up to the Agent
+    // interpret.
+    map<string, string> other_settings = 4;
+
+    // Optional connection specific TLS settings.
+    TLSConnectionSettings tls = 5;
+
+    // Optional connection specific proxy settings.
+    ProxyConnectionSettings proxy = 6;
 }
 
 // The OtherConnectionSettings message is a collection of fields which comprise an
@@ -348,6 +368,71 @@ message OtherConnectionSettings {
     // Other connection settings. These are Agent-specific and are up to the Agent
     // interpret.
     map<string, string> other_settings = 4;
+
+    // Optional connection specific TLS settings.
+    TLSConnectionSettings tls = 5;
+
+    // Optional connection specific proxy settings.
+    ProxyConnectionSettings proxy = 6;
+}
+
+// Status: [Beta]
+message TLSConnectionSettings {
+  // Insecure is false by default, if true TLS will be disabled for the connection.
+  bool insecure = 1;
+
+  // Optional path to the CA file on disk
+  string ca_file = 2;
+
+  // Alternative to ca_file, Provides CA cert contents as a string
+  string ca_pem = 3;
+
+  // Load system CA pool alongside any specifed CAs (provided through ca_file or ca_path).
+  bool include_system_ca_certs_pool = 4;
+
+  // skip certificate verification
+  bool insecure_skip_verify = 5;
+
+  // Miniumum accepted TLS version; default "1.2".
+  string min_version = 6;
+
+  // Maxiumum accepted TLS version; default "".
+  string max_version = 7;
+
+  // Explicit list of cipher suites.
+  repeated string cipher_suites = 8;
+}
+
+// Status: [Beta]
+message ProxyConnectionSettings {
+    // disable using a proxy for the connection.
+    // If true configured settings, and environment variables are ignored for the connection.
+    bool disable = 1;
+
+    // A URL, host:port or some other destination specifier.
+    string destination_endpoint = 2;
+
+    // Optional headers to use when connecting. Typically used to set access tokens or
+    // other authorization headers. For HTTP-based protocols the Agent should
+    // set these in the request headers.
+    // For example:
+    // key="Authorization", Value="Basic YWxhZGRpbjpvcGVuc2VzYW1l".
+    Headers headers = 3;
+
+    // The Agent should use the offered certificate to connect to the destination
+    // from now on. If the Agent is able to validate and connect using the offered
+    // certificate the Agent SHOULD forget any previous client certificates
+    // for this connection.
+    // This field is optional: if omitted the client SHOULD NOT use a client-side certificate.
+    // This field can be used to perform a client certificate revocation/rotation.
+    TLSCertificate certificate = 4;
+
+    // Other connection settings. These are Agent-specific and are up to the Agent
+    // interpret.
+    map<string, string> other_settings = 5;
+
+    // Connection specific TLS settings.
+    TLSConnectionSettings tls = 6;
 }
 
 // Status: [Beta]