diff --git a/pkg/deploy/dashboard/dashboard.go b/pkg/deploy/dashboard/dashboard.go index 0b6a2b124..d1b3c1f03 100644 --- a/pkg/deploy/dashboard/dashboard.go +++ b/pkg/deploy/dashboard/dashboard.go @@ -120,7 +120,7 @@ func (d *DashboardReconciler) Finalize(ctx *deploy.DeployContext) bool { func (d *DashboardReconciler) createGatewayConfig(ctx *deploy.DeployContext) *gateway.TraefikConfig { cfg := gateway.CreateCommonTraefikConfig( d.getComponentName(ctx), - fmt.Sprintf("PathPrefix(`%s`)", exposePath), + fmt.Sprintf("Path(`/`, `/f`) || PathPrefix(`%s`)", exposePath), 10, "http://"+d.getComponentName(ctx)+":8080", []string{}) diff --git a/pkg/deploy/gateway/gateway.go b/pkg/deploy/gateway/gateway.go index 2468b37d5..e9d8999d0 100644 --- a/pkg/deploy/gateway/gateway.go +++ b/pkg/deploy/gateway/gateway.go @@ -218,7 +218,7 @@ func DeleteGatewayRouteConfig(componentName string, deployContext *deploy.Deploy func getGatewayServerConfigSpec(deployContext *deploy.DeployContext) (corev1.ConfigMap, error) { cfg := CreateCommonTraefikConfig( serverComponentName, - "Path(`/`, `/f`) || PathPrefix(`/api`, `/swagger`, `/_app`)", + "PathPrefix(`/api`, `/swagger`, `/_app`)", 1, "http://"+deploy.CheServiceName+":8080", []string{}) diff --git a/pkg/deploy/gateway/gateway_test.go b/pkg/deploy/gateway/gateway_test.go index 1eca95d48..1c35def59 100644 --- a/pkg/deploy/gateway/gateway_test.go +++ b/pkg/deploy/gateway/gateway_test.go @@ -153,7 +153,7 @@ func TestOauthProxyConfigUnauthorizedPaths(t *testing.T) { configmap := getGatewayOauthProxyConfigSpec(ctx, "blabol") config := configmap.Data["oauth-proxy.cfg"] - if !strings.Contains(config, "skip_auth_regex = \"/healthz$\"") { + if !strings.Contains(config, "skip_auth_regex = \"^/$|/healthz$|^/dashboard/static/preload\"") { t.Errorf("oauth config shold not contain any skip auth when both registries are external") } }) @@ -170,7 +170,7 @@ func TestOauthProxyConfigUnauthorizedPaths(t *testing.T) { configmap := getGatewayOauthProxyConfigSpec(ctx, "blabol") config := configmap.Data["oauth-proxy.cfg"] - if !strings.Contains(config, "skip_auth_regex = \"^/devfile-registry|/healthz$\"") { + if !strings.Contains(config, "skip_auth_regex = \"^/devfile-registry|^/$|/healthz$|^/dashboard/static/preload\"") { t.Error("oauth config should skip auth for devfile registry", config) } }) @@ -187,7 +187,7 @@ func TestOauthProxyConfigUnauthorizedPaths(t *testing.T) { configmap := getGatewayOauthProxyConfigSpec(ctx, "blabol") config := configmap.Data["oauth-proxy.cfg"] - if !strings.Contains(config, "skip_auth_regex = \"^/plugin-registry|/healthz$\"") { + if !strings.Contains(config, "skip_auth_regex = \"^/plugin-registry|^/$|/healthz$|^/dashboard/static/preload\"") { t.Error("oauth config should skip auth for plugin registry", config) } }) @@ -204,7 +204,7 @@ func TestOauthProxyConfigUnauthorizedPaths(t *testing.T) { configmap := getGatewayOauthProxyConfigSpec(ctx, "blabol") config := configmap.Data["oauth-proxy.cfg"] - if !strings.Contains(config, "skip_auth_regex = \"^/plugin-registry|^/devfile-registry|/healthz$\"") { + if !strings.Contains(config, "skip_auth_regex = \"^/plugin-registry|^/devfile-registry|^/$|/healthz$|^/dashboard/static/preload\"") { t.Error("oauth config should skip auth for plugin and devfile registry.", config) } }) diff --git a/pkg/deploy/gateway/oauth_proxy.go b/pkg/deploy/gateway/oauth_proxy.go index dd2be8d3c..18ed31ead 100644 --- a/pkg/deploy/gateway/oauth_proxy.go +++ b/pkg/deploy/gateway/oauth_proxy.go @@ -118,7 +118,9 @@ func skipAuthConfig(instance *orgv1.CheCluster) string { if !instance.Spec.Server.ExternalDevfileRegistry { skipAuthPaths = append(skipAuthPaths, "^/"+deploy.DevfileRegistryName) } + skipAuthPaths = append(skipAuthPaths, "^/$") skipAuthPaths = append(skipAuthPaths, "/healthz$") + skipAuthPaths = append(skipAuthPaths, "^/dashboard/static/preload") if len(skipAuthPaths) > 0 { propName := "skip_auth_routes" if util.IsOpenShift {