Neki
commented
8 months ago Thanks for the review, I bumped the chart version.
Closed Neki closed 7 months ago
Neki
commented
8 months ago Thanks for the review, I bumped the chart version.
About the changes
Update
test-connection.yamlin the Unleash proxy Helm chart to use an authenticated route.The currently used route
/proxy/healthdoes not require authentication. The Authentication header is ignored for this route. Even if there's an issue with the way client shared secrets are configured, thetest-connection.yamltest will succeed.Using the
/proxyroute (which does require authentication) allows testing a shared secret.This change implements the recommended method to test the proxy deployment from https://docs.getunleash.io/how-to/how-to-run-the-unleash-proxy#verify-that-the-proxy-is-working
Also update the way
wgetis called (the Authentication header was not correctly set, but as it was ignored this mistake was not visible).Note: The same Helm value is used to configure the proxy shared secrets environment variable, and the authentication header in test-connection.yaml. As such, as long as the chart is correct, the user can't actually make a mistake here.
However, this test is misleading to a user reading the chart templates and manually reproducing the test against the deployed proxy, as the current test does not actually validates shared secrets.
Important files
This change should be easy to review (it's a three line change).
I manually tested the Helm chart with this change against our environment, and checked that
helm teststill works.Discussion points
N/A