-
Notifications
You must be signed in to change notification settings - Fork 104
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to run policy-bot behind a reverse-prxoy #724
Comments
Our expectation is that reverse proxies set an appropriate It might be possible to update this to use the |
I'm building the reverse proxy in JS (to run in Lambda). We are using the node.js fetch function. That is not allowed to override/set the host header. But I can set any other header. Is a PR welcome? |
Yes, I'm happy to review a PR if you'd like to try fixing this. I think the easiest option is probably to use the existing If you'd like to support other headers instead, I think we first need to update https://github.com/palantir/go-githubapp to enable that in the |
This change does use the public_url config value to create the oauth2 callback url. This logic is only setup if the config value has been set. Closes palantir#724
Even if configuration states differently (here), it's not possible to operate the policy-bot behind a reverse proxy.
This is caused by the wrong setup of the github authorization flow in this case.
The github default setup does create the redirect url (callback) at the end of the auth flow with the requests host header. This header is in case of a reverse-proxy set to the ip/host of that proxy.
Instead it should be the configured proxy host.
Can anyone confirm this behavior?
The text was updated successfully, but these errors were encountered: