no_proxy config setting is overridden by http_proxy environment variable

Puppet Version: 6.8.0
Puppet Server Version: 6.5.0
OS Name/Version: CentOS 6/7

I'm seeing puppet-agent fail to respect the no_proxy setting when defined in the config file. Having checked the diff that merged this support into 6.8.0, I've added some debug logging to identify the code path being taken, and it correctly determines a proxy should be bypassed, but then tries to use the proxy to connect to the puppetserver anyway, which is blocked by local policy

Desired Behavior:

Puppet agent should respect the no_proxy setting in puppet.conf

Actual Behavior:

puppet agent --test --server_list master1 --noop

# Lots of debug output omitted

Debug: LOCAL Using settings no_proxy 10.0.0.0/8,example.com,*.example.com,local,*.local,127.0.0.1,localhost,master1,master2

Debug: LOCAL not using proxy because destination (?-mix:^master1$) matched a no_proxy entry for master1

Debug: LOCAL not using proxy because no_proxy? returned True

Debug: Starting connection for https://master1:8140

Debug: Unable to connect to server from server_list setting: 403 "Forbidden"

Error: Could not run Puppet configuration client: Could not select a functional puppet master from server_list: 'master1'

# 403 Forbidden is coming from local webproxy

(hostnames and actual value of no_proxy obfuscated. Lines containing LOCAL are local modifications to the puppet code to expose the behaviour).

I only see this happen when the no_proxy setting is being read from puppet.conf. If no_proxy is set as env var, it properly bypasses the proxy for the unqualified hostname which matches the no_proxy value.

It feels like puppet agent is not using the proxy settings from puppet.conf at all. It does all the work to decide whether it should and that answer isn't respected by the thing that actually makes the requests to the puppetserver