Add proxy support for corporate environments

[manoharnv]

Problem

The Dynatrace MCP Server was not honoring system proxy settings (https_proxy, HTTPS_PROXY, no_proxy, NO_PROXY environment variables), causing connection failures when running behind corporate proxies. This prevented users in enterprise environments from using the MCP server to connect to their Dynatrace environments.

Solution

This PR implements proxy support by configuring undici's ProxyAgent early in the application startup process, before any HTTP requests are made. The solution leverages undici (already available as a transitive dependency via dt-app), which is the underlying implementation of Node.js's global fetch API.

Key Changes

New proxy configuration utility (src/utils/proxy-config.ts):

• Detects and parses proxy environment variables (https_proxy, HTTPS_PROXY, http_proxy, HTTP_PROXY)
• Configures undici's global dispatcher to route all HTTP requests through the proxy
• Supports no_proxy / NO_PROXY for documenting bypass hosts (parsed and logged)
• Includes case-insensitive environment variable support
• Handles errors gracefully, allowing the server to continue without proxy if configuration fails

Integration (src/index.ts):

• Calls configureProxyFromEnvironment() early in the startup process
• Ensures all HTTP requests (OAuth token requests, Dynatrace API calls, environment checks) honor proxy settings

Documentation:

• Added comprehensive proxy configuration section to README.md
• Updated CHANGELOG.md with the new feature
• Added proxy examples to .env.template
• Includes clear note about no_proxy limitation

Testing

• Added 14 comprehensive unit tests covering all proxy scenarios
• All 99 unit tests passing
• Tested with multiple configurations: HTTPS_PROXY, HTTP_PROXY fallback, NO_PROXY lists, and no proxy
• Verified server starts correctly with and without proxy configuration

Usage Example

# Set proxy environment variables
export HTTPS_PROXY=http://proxy.company.com:8080
export NO_PROXY=localhost,127.0.0.1,.company.local
export DT_ENVIRONMENT=https://abc12345.apps.dynatrace.com

# Start the MCP server
npx @dynatrace-oss/dynatrace-mcp-server

Expected output:

Initializing Dynatrace MCP Server v0.9.2...
Configuring proxy from environment: http://proxy.company.com:8080
No proxy hosts configured: localhost, 127.0.0.1, .company.local
✅ Proxy configured successfully: http://proxy.company.com:8080

Known Limitation

The no_proxy environment variable is currently parsed and logged for informational purposes but not fully enforced by undici's ProxyAgent. This is a limitation of the underlying HTTP client library. Users who need no_proxy functionality should configure their proxy servers to handle these exclusions. This limitation is clearly documented in both code comments and user-facing documentation.

Impact

• No breaking changes - Proxy configuration is completely optional
• Zero additional dependencies - Uses existing undici package
• Backward compatible - Works exactly as before when no proxy is configured
• Production ready - Comprehensive testing and error handling

[dynatrace-cla-bot]

All committers have signed the CLA.

[christian-kreuzberger-dtx]

Thank you for the contribution! On the surface, this already looks great, I'll dive into the details later.

One question upfront though: Do we need undici (a fetch polyfil) for this to work properly? Since Node v20 (or was it 22?), fetch is built-in, and we should not require to interact with undici.

[manoharnv]

Thank you for the contribution! On the surface, this already looks great, I'll dive into the details later.

One question upfront though: Do we need undici (a fetch polyfil) for this to work properly? Since Node v20 (or was it 22?), fetch is built-in, and we should not require to interact with undici.

we could use https-proxy-agent. However I chose to use undici since it is already a transitive dependency of fetch

[christian-kreuzberger-dtx]

we could use https-proxy-agent. However I chose to use undici since it is already a transitive dependency of fetch

Thanks, didn't know that - I also just checked, and you're right, undici is already there 👍

Using this as a proxy is the way to go: https://undici.nodejs.org/#/docs/api/ProxyAgent?id=example-basic-proxyagent-instantiation

[christian-kreuzberger-dtx]

Conditional approval for the proposed changes 👍

Still to be done:

• Move the text in README.md a couple of lines towards the bottom, so it's not in between the config description for DT_ENVIRONMENT
• Consider removing the shouldBypassProxy helper, as it's not used

edit: Please sign the CLA

[manoharnv]

Conditional approval for the proposed changes 👍

Still to be done:

• Move the text in README.md a couple of lines towards the bottom, so it's not in between the config description for DT_ENVIRONMENT
• Consider removing the shouldBypassProxy helper, as it's not used

edit: Please sign the CLA

Issues addressed.
CLA signed for myself. Do we need to sign for copilot too? how to do it?

[christian-kreuzberger-dtx]

LGTM

[christian-kreuzberger-dtx]

@manoharnv Thank you for the changes ;)
I've reached out internally to get the CLA stuff for copilot handled. If that doesn't work... we will find a way 🤷