By default, users can't create private routes (where route hosts end in .cluster.local which creates a route .svc.cluster.local). As is, it is necessary to go into keycloak authz and add .svc.cluster.local to perm-domains.
Resolution could include adding .svc.cluster.local to the default list of allowed_domains or otherwise modifying the function logic.
I have a note from a conversation with Aidan that the issue may be a misplaced if statement (should be else) following the if statement checking if it’s a valid local route, but I'm not soo sure about this.
By default, users can't create private routes (where route hosts end in
.cluster.localwhich creates a route.svc.cluster.local). As is, it is necessary to go into keycloak authz and add.svc.cluster.localtoperm-domains.The issue likely lies in
validate_hosts()here - https://github.com/bcgov/gwa-api/blob/0e2ff4dbf89b644950caf0744d301a448c964912/microservices/gatewayApi/v1/routes/gateway.py#L538Resolution could include adding
.svc.cluster.localto the default list ofallowed_domainsor otherwise modifying the function logic.I have a note from a conversation with Aidan that the issue may be a misplaced if statement (should be else) following the if statement checking if it’s a valid local route, but I'm not soo sure about this.