Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Restrict ALLOWED_HOSTS #307

Merged
merged 1 commit into from
Mar 27, 2024
Merged

Restrict ALLOWED_HOSTS #307

merged 1 commit into from
Mar 27, 2024

Conversation

bshephar
Copy link
Collaborator

@bshephar bshephar commented Mar 25, 2024
edited
Loading

This change removes the ALLOWED_HOSTS=* and restricts it
instead to the service Endpoint of the Horizon service

@openshift-ci openshift-ci bot requested review from stuggi and viroel March 25, 2024 09:48
@bshephar bshephar force-pushed the no-allowed-hosts-all branch 2 times, most recently from e2637c2 to a30fa31 Compare March 26, 2024 06:14
@bshephar bshephar force-pushed the no-allowed-hosts-all branch from 7b1a147 to 06906f4 Compare March 26, 2024 06:17
@bshephar bshephar force-pushed the no-allowed-hosts-all branch 2 times, most recently from eac45a3 to aef172e Compare March 26, 2024 11:15
@bshephar
Restrict ALLOWED_HOSTS
37cb430 
This change removes the ALLOWED_HOSTS=* and restricts it
instead to the Route Host and also the IP address of the pod.

To determine the IP address of the pod, this PR adds a function
that will retrieve the pods primary interface IP address and insert it
into the ALLOED_HOSTS list. This will facilitate liveness checks against
each of the pods.

Signed-off-by: Brendan Shephard <[email protected]>
@bshephar bshephar force-pushed the no-allowed-hosts-all branch from aef172e to 37cb430 Compare March 26, 2024 11:19
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Mar 27, 2024

@deshipu: changing LGTM is restricted to collaborators

In response to this:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

abays
abays approved these changes Mar 27, 2024
View reviewed changes
Copy link
Contributor

@abays abays left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci bot added the lgtm label Mar 27, 2024
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Mar 27, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: abays, bshephar, deshipu

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-bot openshift-merge-bot bot merged commit 7b8ae01 into openstack-k8s-operators:main Mar 27, 2024
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@abays abays abays approved these changes

@deshipu deshipu deshipu approved these changes

@stuggi stuggi Awaiting requested review from stuggi

@viroel viroel Awaiting requested review from viroel

Assignees

@abays abays

Labels
approved lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@bshephar @deshipu @abays @openshift-merge-robot