fix nginx.conf

Signed-off-by: Francesco Ilario <filario@redhat.com>
redhat-appstudio · Jan 20, 2025 · 2d29e53 · 2d29e53
1 parent c56966a
commit 2d29e53
Showing 1 changed file with 23 additions and 30 deletions.
diff --git a/components/konflux-ui/staging/base/proxy/nginx.conf b/components/konflux-ui/staging/base/proxy/nginx.conf
@@ -35,9 +35,9 @@ http {
         '' close;
     }
 
-    map $request_method $is_get_request {
-      default 0;
-      GET     1;
+    map $request_method $ns_target {
+      GET     namespacelister;
+      default kubeapi;
     }
 
     server {
@@ -167,45 +167,38 @@ http {
         }
 
         # GET requests to the following endpoints are handled from the namespace-lister.
-        # * /api/k8s/api/v1/namespace
-        # * /api/k8s/api/v1/namespace/
+        # * /api/k8s/api/v1/namespaces
+        # * /api/k8s/api/v1/namespaces/
         #
         # Requests with other methods are handled by the Kube-API
-        location ~* /api/k8s/api/v1/namespaces(/?)$ {
-            # authenticate request
+        location ~* ^/api/k8s/api/v1/namespaces(/?)$ {
+            try_files $uri @$ns_target;
+        }
+
+        location @namespacelister {
             auth_request_set $email  $upstream_http_x_auth_request_email;
             auth_request /oauth2/auth;
-
-            # common
-            rewrite ^/api/k8s/(.*)/$ /$1 break;
             proxy_read_timeout 30m;
             proxy_set_header X-Email $email;
 
-            # namespace-lister
-            if ($is_get_request) {
-              proxy_pass http://namespace-lister.namespace-lister.svc.cluster.local:8080;
-              break;
-            }
-
-            # Kube-API
+            rewrite ^.*$ /api/v1/namespaces break;
+
+            proxy_pass http://namespace-lister.namespace-lister.svc.cluster.local:8080;
+        }
+
+        location @kubeapi {
+            auth_request_set $email  $upstream_http_x_auth_request_email;
+            auth_request /oauth2/auth;
+            proxy_read_timeout 30m;
+            proxy_set_header X-Email $email;
+
+            rewrite ^/api/k8s/(.*)/$ /$1 break;
+
             proxy_pass https://kubernetes.default.svc;
             proxy_set_header Impersonate-User $email;
             include /mnt/nginx-generated-config/bearer.conf;
         }
 
-        # All namespaced requests are forwarded to Kube-API
-        location /api/k8s/api/v1/namespaces/ {
-          # Kube-API
-          auth_request_set $email  $upstream_http_x_auth_request_email;
-          auth_request /oauth2/auth;
-
-          rewrite /api/k8s/(.+) /$1 break;
-          proxy_pass https://kubernetes.default.svc;
-          proxy_read_timeout 30m;
-          proxy_set_header Impersonate-User $email;
-          include /mnt/nginx-generated-config/bearer.conf;
-        }
-
         location /health {
             # Used for liveness probes
             return 200;