search

supabase-community / supabase-kubernetes

Helm 3 charts to deploy a Supabase on Kubernetes
Apache License 2.0
456 stars 119 forks source link

No dashboard gateway authentication #70

Closed Velka-DEV closed 5 months ago

Velka-DEV commented 5 months ago

Bug report

Describe the bug

When browsing to my studio url, there is no "auth" page that protect the studio like it should be (i guess ?).

I foud this issue about the same problem (#33) but it ended with nothing while the self-hosting docker doc clearly make mention off that mechanism

And the values are declared so should be used:

  dashboard:
    username: ****
    password: *****

To Reproduce

Steps to reproduce the behavior, please provide code snippets or a repository:

Clean fresh deploy using values for dashboard auth.

Expected behavior

The dashboard should be protected with credentials.

System information

studio:
  image:
    tag: 20240326-5e5586d

kong:
  image:
    repository: kong
    tag: 2.8.1
Velka-DEV commented 5 months ago

This morning when i tried to go to my supabase studio, i finally get a basic authentication request from my browser. So assume that there is a period after deployment where the auth is not yet active. I still think this is a problem specially for security.

arpagon commented 5 months ago

Thank you for raising this issue. This Helm Chart is based on how Supabase recommends deployment, specifically following the implementation in the docker-compose developed and maintained by Supabase. While it’s possible to reimplement authentication using an SSO solution, this approach would fall outside the scope of this project. We appreciate your understanding and are open to contributions that align with our project's goals.