Integrate simple auth basic to Openshift Routes.

[jkroepke]

Hi,

HAProxy supports auth basic. Sometimes its required to simply protect debug/dev or web server stats urls.

It would be nicely if routes can be project via annotations. Is might looks insecure, but since certificates are included as plaintext so it should be okay.

Version

oc version
oc v3.9.0+191fece
kubernetes v1.9.1+a0ce1bc657
features: Basic-Auth

Server 
openshift v3.9.0+71543b2-33
kubernetes v1.9.1+a0ce1bc657

Additional Information

HAProxy documentations: https://cbonte.github.io/haproxy-dconv/1.8/configuration.html#3.4

With the new ingress handler upcoming in 3.10, auth basic credentials can be provided as secret like: https://github.com/kubernetes/ingress-nginx/tree/c9fcefe8401cb9e61d5989d836aa7e9dbda71ca1/docs/examples/auth/basic

[hufon]

+1

[jwforres]

@openshift/sig-network-edge

[openshift-merge-robot]

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale. Stale issues rot after an additional 30d of inactivity and eventually close. Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

[jkroepke]

/lifecycle frozen

[jkroepke]

/remove-lifecycle stale

[ibotty]

That would be really great. It is possible with custom templating and mounting a secret. Would you accept a PR implementing it?

[jkroepke]

mounting a secret

RedHat decide to avoid a dependency against user provided secrets.

Thats one reason why certificate and private keys are part of the Route object.

It looks like the content of a htaccss needs to be passed inside a value of a annotation.