Fix trusted host

2024-07-31 13:39:37 +02:00 · 2024-07-31 13:39:37 +02:00 · b72dc122a0
commit b72dc122a0
parent 52d122ad22
3 changed files with 12 additions and 4 deletions
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@ -44,6 +44,7 @@ jobs:
      project: ${{ steps.meta.outputs.project }}
      namespace: ${{ steps.meta.outputs.namespace }}
      storage_name: ${{ steps.meta.outputs.storage_name }}
+      trusted_host: ${{ steps.meta.outputs.trusted_host }}
    steps:
      - name: Generate metadata
        id: meta
@ -55,6 +56,9 @@ jobs:
          ENVIRONMENT=prod
          IMAGE_TAG=sha-${GITHUB_SHA::7}
          RELEASE_NAME=prod
+          TRUSTED_HOST=$(echo ${{ vars.DOMAIN }} | sed 's/\./\\\\\\\\./g')
+
+          echo "trusted_host=${TRUSTED_HOST}" >> $GITHUB_OUTPUT
          echo "context=${CONTEXT}" >> $GITHUB_OUTPUT
          echo "environment=${ENVIRONMENT}" >> $GITHUB_OUTPUT
          echo "image_tag=${IMAGE_TAG}" >> $GITHUB_OUTPUT
@ -129,6 +133,7 @@ jobs:
            --set=php.storage.usePathStyleEndpoint=true \
            --set=php.storage.key="${{ secrets.storage-key }}" \
            --set=php.storage.secret="${{ secrets.storage-secret-key }}" \
+            --set=php.trustedHosts[2]=${{ needs.meta.outputs.trusted_host }} \
            --values ./helm/chart/values-${{ needs.meta.outputs.context }}.yml \
            | sed --unbuffered '/USER-SUPPLIED VALUES/,$d' ; then
                echo "Deployment has failed!"
--- a/helm/chart/templates/configmap.yaml
+++ b/helm/chart/templates/configmap.yaml
@ -10,7 +10,7 @@ data:
  php-app-env: {{ .Values.php.appEnv | quote }}
  php-app-debug: {{ .Values.php.appDebug | quote }}
  php-cors-allow-origin: {{ .Values.php.corsAllowOrigin | quote }}
-  php-trusted-hosts: {{ .Values.php.trustedHosts | quote }}
+  php-trusted-hosts: {{ join "|" .Values.php.trustedHosts | quote }}  
  php-trusted-proxies: "{{ join "," .Values.php.trustedProxies }}"
  mercure-url: "http://{{ include "plateforme-ebs" . }}/.well-known/mercure"
  mercure-public-url: {{ .Values.mercure.publicUrl | default "http://127.0.0.1/.well-known/mercure" | quote }}
--- a/helm/chart/values.yaml
+++ b/helm/chart/values.yaml
@ -4,7 +4,7 @@

 php:
  image:
-    repository: "ghcr.io/apes-hdf/plateforme-ebs-php" # CHANGE ME
+    repository: "ghcr.io/tipimi-fr/plateforme-ebs-php" # CHANGE ME
    pullPolicy: IfNotPresent
    # Overrides the image tag whose default is the chart appVersion.
    tag: ""
@ -12,7 +12,10 @@ php:
  appDebug: "0"
  appSecret: ""
  corsAllowOrigin: "^https?://.*?\\.chart-example\\.local$"
-  trustedHosts: "^127\\.0\\.0\\.1|localhost|.*\\.chart-example\\.local$"
+  trustedHosts: 
+    - "^127\\.0\\.0\\.1"
+    - "localhost"
+    - ".*\\.chart-example\\.local$"
  trustedProxies:
    - "127.0.0.1"
    - "10.0.0.0/8"
@ -54,7 +57,7 @@ consumer:

 caddy:
  image:
-    repository: "ghcr.io/apes-hdf/plateforme-ebs-caddy" # CHANGE ME
+    repository: "ghcr.io/tipimi-fr/plateforme-ebs-caddy" # CHANGE ME
    pullPolicy: IfNotPresent
    # Overrides the image tag whose default is the chart appVersion.
    tag: ""