
Lighthouse CI - Unable to set Authentication for Terraform K8s Deployment


I'm trying to set Lighthouse CI Authentication using Terraform K8s Deployment (https://github.com/GoogleChrome/lighthouse-ci/blob/main/docs/server.md#basic-authentication) but I keep getting a 403 Error. I have tried the steps below but I get the same message.

FYI, the password is set from a kubectl_manifest resource.

  1. Using Terraform Set ENV from kubernetes_deployment resource

    env {
        name = "LHCI_BASIC_AUTH__USERNAME"
        value = "username"
    }

    env {
        name = "LHCI_BASIC_AUTH__PASSWORD"
        value_from {
          secret_key_ref {
            name = "password"
            key  = "password"
          }
        }
    }

  2. Different approach for using Terraform Set ENV from kubernetes_deployment resource (https://www.runatlantis.io/docs/security.html#enable-authentication-on-atlantis-web-server)

    env {
        name = "ATLANTIS_WEB_BASIC_AUTH"
        value = "true"
    }

    env {
        name = "ATLANTIS_WEB_USERNAME"
        value = "user"
    }

    env {
        name = "LHCI_BASIC_AUTH__PASSWORD"
        value_from {
          secret_key_ref {
            name = "password"
            key  = "password"
          }
        }
    }

  3. Using Helm Chart with Terraform helm_release resource - https://artifacthub.io/packages/helm/cowboysysop/lighthouse-ci

    After looking at the source code - https://github.com/cowboysysop/charts/blob/a12e738a57977c7c6e84cb219ae6967fddae266e/charts/lighthouse-ci/values.yaml#L201 - env var names used in this example 3.1 look incorrect.

    3.1

    resource "helm_release" "lhci" {
      name  = "lhci"
      chart = "lighthouse-ci"
      repository = "https://cowboysysop.github.io/charts/"
      namespace  = "lhci"

      set {
        name  = "basicAuth.username"
        value = "user"
      }

      set {
        name  = "basicAuth.password"
        value = "password"
      }
    }

    3.2

    resource "helm_release" "lhci" {
      name  = "lhci"
      chart = "lighthouse-ci"
      repository = "https://cowboysysop.github.io/charts/"
      namespace  = "lhci"

      set {
        name  = "basicAuthUsername"
        value = "user"
      }

      set {
        name  = "basicAuthPassword"
        value = "password"
      }
    }

The above steps have been resulting in the same error. What is the proper way to enable authentication?

Thanks!


Solution

  • This may be specific to my case but I went with the first approach and changed the http_get path for readiness_probe from / to /healthz. The issue got fixed.

    e.g.

    readiness_probe {
      http_get {
        path = "/healthz"
        port = "9001"
      }
    }
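
The first approach and the readiness probe change from the answer, put together in one kubernetes_deployment resource (an added example, not code from the question or the answer). A kubelet HTTP probe sends no Authorization header unless one is configured, so the probe here targets /healthz, the path the answer switched to. The resource name, labels, namespace and container image are assumptions; the env names, the Secret reference, the port and the probe path come from the post.

```hcl
# Added example: resource name, labels, namespace and image are assumptions.
resource "kubernetes_deployment" "lhci" {
  metadata {
    name      = "lhci-server"
    namespace = "lhci"
  }
  spec {
    selector {
      match_labels = { app = "lhci-server" }
    }
    template {
      metadata {
        labels = { app = "lhci-server" }
      }
      spec {
        container {
          name  = "lhci-server"
          image = "patrickhulce/lhci-server" # assumed image; pin a tag or digest
          port {
            container_port = 9001
          }
          env {
            name  = "LHCI_BASIC_AUTH__USERNAME"
            value = "username"
          }

          # Password is read from the existing Secret "password" (same namespace),
          # so it never appears as a literal in the pod spec.
          env {
            name = "LHCI_BASIC_AUTH__PASSWORD"
            value_from {
              secret_key_ref {
                name = "password"
                key  = "password"
              }
            }
          }

          # The probe carries no credentials, so point it at /healthz rather than "/".
          readiness_probe {
            http_get {
              path = "/healthz"
              port = 9001
            }
          }
        }
      }
    }
  }
}
```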