backend: externalproxy: Fix glob panic and pre-compile patterns#5678
Conversation
k8s-ci-robot
added
size/M
There was a problem hiding this comment.
Pull request overview
This PR updates the backend external proxy configuration path to precompile allowed glob patterns during startup and reuse them during request handling.
Changes:
- Adds compiled proxy URL glob storage to
HeadlampConfig. - Compiles proxy URL patterns in
createHeadlampConfig. - Updates external proxy tests to provide precompiled patterns.
CI/check status and commit history were not available in this review context; please confirm both are clean.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
backend/cmd/server.go |
Builds proxy URL slices and precompiles glob patterns during config creation. |
backend/cmd/headlamp.go |
Uses precompiled glob patterns when validating external proxy requests. |
backend/cmd/headlamp_test.go |
Updates external proxy tests to populate compiled proxy URL patterns. |
illume
left a comment
illume
left a comment
There was a problem hiding this comment.
Thanks for working on this.
Would you mind addressing the open Copilot review comments? Please mark each comment as resolved after addressing it.
k8s-ci-robot
added
size/L
k8s-ci-robot
added
the
needs-rebase
illume
left a comment
illume
left a comment
There was a problem hiding this comment.
Thanks for the contribution.
This PR has git conflicts — could you resolve them?
How to resolve conflicts
Rebase or merge the latest main into your branch, resolve the conflicts, and push the updated branch.
There are some open Copilot review comments — could you take a look at them? Please mark each one as resolved once you've addressed it.
Refactor the externalproxy handler to pre-compile glob patterns at server startup instead of during each request. This change: - Prevents server panics caused by glob.MustCompile with invalid patterns. - Handles compilation errors gracefully at startup by logging and exiting. - Improves performance by eliminating redundant per-request compilation. - Updates unit tests to support pre-compiled glob patterns. Signed-off-by: ayxsh_shxrma <ayushmaan.sharma911@gmail.com>
Refactor the externalproxy handler to pre-compile glob patterns at server startup instead of during each request. This change: - Prevents server panics caused by glob.MustCompile with invalid patterns. - Handles compilation errors gracefully at startup by logging and exiting. - Improves performance by eliminating redundant per-request compilation. - Updates unit tests to support pre-compiled glob patterns. - Fixes linter errors related to formatting and whitespace. Signed-off-by: ayxsh_shxrma <ayushmaan.sharma911@gmail.com>
ayushmaan-16
force-pushed
the
fix/externalproxy-glob-panic-final
branch
from
7c84da0 to
5323d90
Compare
k8s-ci-robot
removed
the
needs-rebase
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: ayushmaan-16, illume The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
Description
This change fixes a bug where an invalid
/externalproxyURL glob pattern could crash the Headlamp backend. It also improves request handling by compiling allowed proxy URL patterns once and reusing the compiled patterns during external proxy validation.Changes
/externalproxynow validates requests through a helper that can compile configuredProxyURLswhen needed, preventing configs with onlyProxyURLspopulated from silently denying all proxy requests.ProxyURLswithout manually precompiled patterns.