(incubator-devlake-helm-chart) branch main updated: feat: add authorization to health probes (#249)

Sun, 18 Feb 2024 08:27:05 -0800 

This is an automated email from the ASF dual-hosted git repository.

zhangning pushed a commit to branch main
in repository 
https://gitbox.apache.org/repos/asf/incubator-devlake-helm-chart.git


The following commit(s) were added to refs/heads/main by this push:
     new 37aa131  feat: add authorization to health probes (#249)
37aa131 is described below

commit 37aa131b840cb4465ed74623b53f20441e9dd7c1
Author: David GirĂ³n <[email protected]>
AuthorDate: Sun Feb 18 17:26:07 2024 +0100

    feat: add authorization to health probes (#249)
    
    * feat: add authorization to health probes
    
    * disable httpHeaders if basicAuth not enabled
---
 charts/devlake/templates/_helpers.tpl     | 11 +++++++++++
 charts/devlake/templates/deployments.yaml | 10 +++++++++-
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/charts/devlake/templates/_helpers.tpl 
b/charts/devlake/templates/_helpers.tpl
index 3f5911e..8481574 100644
--- a/charts/devlake/templates/_helpers.tpl
+++ b/charts/devlake/templates/_helpers.tpl
@@ -112,6 +112,17 @@ The ui endpoint
 {{- end -}}
 {{- end -}}
 
+{{- define "devlake.ui.auth.probe" -}}
+{{- with .Values.ui.basicAuth }}
+  {{- if .enabled -}}
+name: Authorization
+value: {{ printf "Basic %s" (printf "%s:%s" .user .password | b64enc) | quote 
}}
+  {{- else -}}
+[]
+  {{- end }}
+{{- end }}
+{{- end }}
+
 {{- define "devlake.lake.encryption.secret" -}}
 {{- if .Values.lake.encryptionSecret.secretName -}}
 {{- .Values.lake.encryptionSecret.secretName -}}
diff --git a/charts/devlake/templates/deployments.yaml 
b/charts/devlake/templates/deployments.yaml
index 197476c..cfffed1 100644
--- a/charts/devlake/templates/deployments.yaml
+++ b/charts/devlake/templates/deployments.yaml
@@ -64,15 +64,23 @@ spec:
           imagePullPolicy: {{ .Values.ui.image.pullPolicy }}
           ports:
             - containerPort: 4000
+          {{- $httpAuthProbe := (include "devlake.ui.auth.probe" $ | fromYaml 
| list) }}
+          {{- $basicAuth := .Values.ui.basicAuth.enabled }}
           {{- with .Values.ui.livenessProbe }}
           livenessProbe:
+            {{- if and ($basicAuth) (not (hasKey .httpGet "httpHeaders")) }}
+              {{- $_ := set .httpGet "httpHeaders" ($httpAuthProbe) }}
+            {{- end }}
             {{- toYaml . | nindent 12 }}
           {{- end }}
           {{- with .Values.ui.readinessProbe }}
           readinessProbe:
+            {{- if and ($basicAuth) (not (hasKey .httpGet "httpHeaders")) }}
+              {{- $_ := set .httpGet "httpHeaders" ($httpAuthProbe) }}
+            {{- end }}
             {{- toYaml . | nindent 12 }}
           {{- end }}
-          {{- if .Values.ui.basicAuth.enabled }}
+          {{- if $basicAuth }}
           envFrom:
             - secretRef:
                 name: {{ include "devlake.ui.auth.secret" . }}

Reply via email to