From 94934bfe17fa0a1e1b08dc35a8a5b0acbb993c8e Mon Sep 17 00:00:00 2001 From: Anatolii Bazko Date: Thu, 15 Jun 2023 13:58:24 +0200 Subject: [PATCH] fix: Getting branding assets from Eclipse Che Dashboard should not require authentiction (#1708) Signed-off-by: Anatolii Bazko --- pkg/deploy/gateway/gateway_test.go | 8 ++++---- pkg/deploy/gateway/oauth_proxy.go | 1 + 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/pkg/deploy/gateway/gateway_test.go b/pkg/deploy/gateway/gateway_test.go index 45866a2692..7ee143a763 100644 --- a/pkg/deploy/gateway/gateway_test.go +++ b/pkg/deploy/gateway/gateway_test.go @@ -162,7 +162,7 @@ func TestOauthProxyConfigUnauthorizedPaths(t *testing.T) { configmap := getGatewayOauthProxyConfigSpec(ctx, "blabol") config := configmap.Data["oauth-proxy.cfg"] - if !strings.Contains(config, "skip_auth_regex = \"^/$|/healthz$|^/dashboard/static/preload\"") { + if !strings.Contains(config, "skip_auth_regex = \"^/$|/healthz$|^/dashboard/static/preload|^/dashboard/assets/branding/loader.svg$\"") { t.Errorf("oauth config shold not contain any skip auth when both registries are external") } }) @@ -183,7 +183,7 @@ func TestOauthProxyConfigUnauthorizedPaths(t *testing.T) { configmap := getGatewayOauthProxyConfigSpec(ctx, "blabol") config := configmap.Data["oauth-proxy.cfg"] - if !strings.Contains(config, "skip_auth_regex = \"^/devfile-registry|^/$|/healthz$|^/dashboard/static/preload\"") { + if !strings.Contains(config, "skip_auth_regex = \"^/devfile-registry|^/$|/healthz$|^/dashboard/static/preload|^/dashboard/assets/branding/loader.svg$\"") { t.Error("oauth config should skip auth for devfile registry", config) } }) @@ -204,7 +204,7 @@ func TestOauthProxyConfigUnauthorizedPaths(t *testing.T) { configmap := getGatewayOauthProxyConfigSpec(ctx, "blabol") config := configmap.Data["oauth-proxy.cfg"] - if !strings.Contains(config, "skip_auth_regex = \"^/plugin-registry|^/$|/healthz$|^/dashboard/static/preload\"") { + if !strings.Contains(config, "skip_auth_regex = \"^/plugin-registry|^/$|/healthz$|^/dashboard/static/preload|^/dashboard/assets/branding/loader.svg$\"") { t.Error("oauth config should skip auth for plugin registry", config) } }) @@ -225,7 +225,7 @@ func TestOauthProxyConfigUnauthorizedPaths(t *testing.T) { configmap := getGatewayOauthProxyConfigSpec(ctx, "blabol") config := configmap.Data["oauth-proxy.cfg"] - if !strings.Contains(config, "skip_auth_regex = \"^/plugin-registry|^/devfile-registry|^/$|/healthz$|^/dashboard/static/preload\"") { + if !strings.Contains(config, "skip_auth_regex = \"^/plugin-registry|^/devfile-registry|^/$|/healthz$|^/dashboard/static/preload|^/dashboard/assets/branding/loader.svg$\"") { t.Error("oauth config should skip auth for plugin and devfile registry.", config) } }) diff --git a/pkg/deploy/gateway/oauth_proxy.go b/pkg/deploy/gateway/oauth_proxy.go index ad6e20a577..3b480fa7cc 100644 --- a/pkg/deploy/gateway/oauth_proxy.go +++ b/pkg/deploy/gateway/oauth_proxy.go @@ -146,6 +146,7 @@ func skipAuthConfig(instance *chev2.CheCluster) string { skipAuthPaths = append(skipAuthPaths, "^/$") skipAuthPaths = append(skipAuthPaths, "/healthz$") skipAuthPaths = append(skipAuthPaths, "^/dashboard/static/preload") + skipAuthPaths = append(skipAuthPaths, fmt.Sprintf("^%s$", defaults.GetConsoleLinkImage())) if len(skipAuthPaths) > 0 { propName := "skip_auth_routes" if infrastructure.IsOpenShift() {