`trust_env=False` hardcoded in CLI — no way to configure proxy settings

[marcelo-astrafy]

Describe the issue

All run_* functions in cli.py create the httpx.AsyncClient with trust_env=False hardcoded:

async_client = httpx.AsyncClient(trust_env=False)

This means standard proxy environment variables (HTTPS_PROXY, HTTP_PROXY, NO_PROXY) are always ignored when using the CLI, with no way to override this behaviour. There is no CLI flag, environment variable, or config file option to re-enable proxy support.

Impact

In corporate/enterprise environments where outbound HTTPS traffic is routed through a proxy (commonly configured via HTTPS_PROXY/HTTP_PROXY env vars on CI runners), the spectacles CLI fails with a ConnectError at the TLS handshake stage — even when credentials are correct and the Looker instance is reachable. The same validation works fine when using the spectacles Python API directly with httpx.AsyncClient() (default trust_env=True).

Current workarounds

Neither workaround is acceptable for production use:

1. Bypass the CLI entirely and call LookerClient and Runner directly in a custom Python script, replicating what the CLI does internally. This defeats the purpose of having a CLI.
2. Monkey-patch httpx.AsyncClient at runtime before spectacles imports it, forcing trust_env=True. This is fragile and inappropriate for a CI pipeline.

Proposed fix

Add a --trust-env flag (and corresponding SPECTACLES_TRUST_ENV env var) to the base subparser:

base_subparser.add_argument(
    "--trust-env",
    action=EnvVarStoreTrueAction,
    env_var="SPECTACLES_TRUST_ENV",
    help="Allow httpx to read proxy settings from environment variables (HTTPS_PROXY, HTTP_PROXY, NO_PROXY).",
)

And pass it through to each run_* function:

async_client = httpx.AsyncClient(trust_env=args.trust_env)

Environment

• Spectacles version: 2.4.17
• Python: 3.10