Question: Does Clowarden Server support HTTPS? #341
-
|
Hi~ I'm from Karmada, and we're interested in adopting CLOWarden to manage repos and teams. When deploying a Clowarden instance according to the tutorial, it was found that when the GitHub App uses the URL We couldn't deliver this payload: http: server gave HTTP response to HTTPS clientWhen changed to In addition, what is the role of the |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
Hi @zhzhuang-zju 👋 The CLOWarden server itself does not support HTTPS directly, but you can handle TLS termination at the ingress level. Example using some custom ingress annotations for the AWS LB: ingress:
annotations:
kubernetes.io/ingress.class: alb
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/target-type: ip
alb.ingress.kubernetes.io/listen-ports: '[{ "HTTP": 80 }, { "HTTPS": 443 }]'
alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": {"Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301" }}'
alb.ingress.kubernetes.io/certificate-arn: "arn:..."
alb.ingress.kubernetes.io/healthcheck-path: "/health-check"Regarding your other question about basic auth: it's used to add some protection to the CLOWarden audit UI, just in case you don't want it publicly accessible. Hope this helps 🙂 |
Beta Was this translation helpful? Give feedback.
-
|
Thank you! It helps a lot. |
Beta Was this translation helpful? Give feedback.
Hi @zhzhuang-zju 👋
The CLOWarden server itself does not support HTTPS directly, but you can handle TLS termination at the ingress level.
Example using some custom ingress annotations for the AWS LB: