Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to request plugins/devfiles without authentication #20449

Closed
Tracked by #20444
sleshchenko opened this issue Sep 9, 2021 · 1 comment
Closed
Tracked by #20444

Unable to request plugins/devfiles without authentication #20449

sleshchenko opened this issue Sep 9, 2021 · 1 comment
Assignees
@sparkoo
Labels
area/che-server kind/bug Outline of a bug - must adhere to the bug report template. severity/P1 Has a major impact to usage or development of the system.

Comments

@sleshchenko
Copy link
Member

sleshchenko commented Sep 9, 2021
edited
Loading

Describe the bug

Devfile and Plugin Registries used to be publicly available, but with Native authentication, it's not the case anymore, which lead to complexity for some components, but it's not really clear if it's requirement or not.

And there are corner cases which may be fully broken by that change, like when in-cluster communication is not allowed.

Che version

next (development version)

Steps to reproduce

  1. Deploy Che with DevWorkspaces enabled on OpenShift.
  2. Try to curl devfile or plugin registry

Expected behavior

Content is received

Runtime

OpenShift

Screenshots

No response

Installation method

chectl/next

Environment

Linux

Eclipse Che Logs

No response

Additional context

No response
@sleshchenko sleshchenko added kind/bug Outline of a bug - must adhere to the bug report template. area/che-server labels Sep 9, 2021
@che-bot che-bot added the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Sep 9, 2021
@dmytro-ndp dmytro-ndp added severity/P1 Has a major impact to usage or development of the system. team/platform and removed status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. labels Sep 9, 2021
@sparkoo
Copy link
Member

sparkoo commented Sep 13, 2021

we've agreed that registries should be accessible without authentication. It should be doable with -bypass-auth-for or -skip-auth-regex on openshift/oauth-proxy https://github.com/openshift/oauth-proxy/blob/master/README.md#command-line-options.

On upstream oauth2-proxy, it's --skip-auth-route https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/overview/#command-line-options

@sparkoo sparkoo mentioned this issue Sep 17, 2021
Merged
11 tasks
@sparkoo sparkoo self-assigned this Sep 17, 2021
@sparkoo sparkoo closed this as completed Sep 17, 2021
@skabashnyuk skabashnyuk mentioned this issue Sep 20, 2021
Closed
14 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sparkoo sparkoo

Labels
area/che-server kind/bug Outline of a bug - must adhere to the bug report template. severity/P1 Has a major impact to usage or development of the system.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@sparkoo @dmytro-ndp @sleshchenko @che-bot