Allow loading preload page without authorization (#1360)

* feat: remove entry point from server getaway Signed-off-by: Oleksii Orel <oorel@redhat.com> * feat: add entry point for dashboard getaway Signed-off-by: Oleksii Orel <oorel@redhat.com> * feat: allow loading preload page without authorization Signed-off-by: Oleksii Orel <oorel@redhat.com>
2022-04-22 21:59:05 +03:00 · 2022-04-22 21:59:05 +03:00 · 96574bb600
parent 09fc028cbc
commit 96574bb600
4 changed files with 8 additions and 6 deletions
--- a/pkg/deploy/dashboard/dashboard.go
+++ b/pkg/deploy/dashboard/dashboard.go
@ -120,7 +120,7 @@ func (d *DashboardReconciler) Finalize(ctx *deploy.DeployContext) bool {
 func (d *DashboardReconciler) createGatewayConfig(ctx *deploy.DeployContext) *gateway.TraefikConfig {
 	cfg := gateway.CreateCommonTraefikConfig(
 		d.getComponentName(ctx),
-		fmt.Sprintf("PathPrefix(`%s`)", exposePath),
+		fmt.Sprintf("Path(`/`, `/f`) || PathPrefix(`%s`)", exposePath),
 		10,
 		"http://"+d.getComponentName(ctx)+":8080",
 		[]string{})
--- a/pkg/deploy/gateway/gateway.go
+++ b/pkg/deploy/gateway/gateway.go
@ -218,7 +218,7 @@ func DeleteGatewayRouteConfig(componentName string, deployContext *deploy.Deploy
 func getGatewayServerConfigSpec(deployContext *deploy.DeployContext) (corev1.ConfigMap, error) {
 	cfg := CreateCommonTraefikConfig(
 		serverComponentName,
-		"Path(`/`, `/f`) || PathPrefix(`/api`, `/swagger`, `/_app`)",
+		"PathPrefix(`/api`, `/swagger`, `/_app`)",
 		1,
 		"http://"+deploy.CheServiceName+":8080",
 		[]string{})
--- a/pkg/deploy/gateway/gateway_test.go
+++ b/pkg/deploy/gateway/gateway_test.go
@ -153,7 +153,7 @@ func TestOauthProxyConfigUnauthorizedPaths(t *testing.T) {

 		configmap := getGatewayOauthProxyConfigSpec(ctx, "blabol")
 		config := configmap.Data["oauth-proxy.cfg"]
-		if !strings.Contains(config, "skip_auth_regex = \"/healthz$\"") {
+		if !strings.Contains(config, "skip_auth_regex = \"^/$|/healthz$|^/dashboard/static/preload\"") {
 			t.Errorf("oauth config shold not contain any skip auth when both registries are external")
 		}
 	})
@ -170,7 +170,7 @@ func TestOauthProxyConfigUnauthorizedPaths(t *testing.T) {

 		configmap := getGatewayOauthProxyConfigSpec(ctx, "blabol")
 		config := configmap.Data["oauth-proxy.cfg"]
-		if !strings.Contains(config, "skip_auth_regex = \"^/devfile-registry|/healthz$\"") {
+		if !strings.Contains(config, "skip_auth_regex = \"^/devfile-registry|^/$|/healthz$|^/dashboard/static/preload\"") {
 			t.Error("oauth config should skip auth for devfile registry", config)
 		}
 	})
@ -187,7 +187,7 @@ func TestOauthProxyConfigUnauthorizedPaths(t *testing.T) {

 		configmap := getGatewayOauthProxyConfigSpec(ctx, "blabol")
 		config := configmap.Data["oauth-proxy.cfg"]
-		if !strings.Contains(config, "skip_auth_regex = \"^/plugin-registry|/healthz$\"") {
+		if !strings.Contains(config, "skip_auth_regex = \"^/plugin-registry|^/$|/healthz$|^/dashboard/static/preload\"") {
 			t.Error("oauth config should skip auth for plugin registry", config)
 		}
 	})
@ -204,7 +204,7 @@ func TestOauthProxyConfigUnauthorizedPaths(t *testing.T) {

 		configmap := getGatewayOauthProxyConfigSpec(ctx, "blabol")
 		config := configmap.Data["oauth-proxy.cfg"]
-		if !strings.Contains(config, "skip_auth_regex = \"^/plugin-registry|^/devfile-registry|/healthz$\"") {
+		if !strings.Contains(config, "skip_auth_regex = \"^/plugin-registry|^/devfile-registry|^/$|/healthz$|^/dashboard/static/preload\"") {
 			t.Error("oauth config should skip auth for plugin and devfile registry.", config)
 		}
 	})
--- a/pkg/deploy/gateway/oauth_proxy.go
+++ b/pkg/deploy/gateway/oauth_proxy.go
@ -118,7 +118,9 @@ func skipAuthConfig(instance *orgv1.CheCluster) string {
 	if !instance.Spec.Server.ExternalDevfileRegistry {
 		skipAuthPaths = append(skipAuthPaths, "^/"+deploy.DevfileRegistryName)
 	}
+	skipAuthPaths = append(skipAuthPaths, "^/$")
 	skipAuthPaths = append(skipAuthPaths, "/healthz$")
+	skipAuthPaths = append(skipAuthPaths, "^/dashboard/static/preload")
 	if len(skipAuthPaths) > 0 {
 		propName := "skip_auth_routes"
 		if util.IsOpenShift {