docs/ci: Update http cache config to let Authorization headers pass through

When downloading traces from a restricted repository, the Authorization header will be set. Previous to this change, the http proxy would drop it. Signed-off-by: Tomeu Vizoso <tomeu.vizoso@collabora.com> Reviewed-by: Emma Anholt <emma@anholt.net> Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/6441>
2021-04-14 15:16:14 +02:00 · 2021-04-14 15:16:14 +02:00 · 8d8a91617d
parent 92f9141f00
commit 8d8a91617d
1 changed files with 6 additions and 4 deletions
--- a/docs/ci/uri-caching.conf
+++ b/docs/ci/uri-caching.conf
@ -1,4 +1,4 @@
-set $authorization '';
+set $proxy_authorization '';

 set_by_lua $proxyuri '
        unescaped =  ngx.unescape_uri(ngx.var.arg_uri);
@ -13,10 +13,12 @@ set_by_lua $proxyuri '
        host = it[3];
        query = it[4];

-        if authstring then
+        if ngx.var.http_authorization and ngx.var.http_authorization ~= "" then
+                ngx.var.proxy_authorization = ngx.var.http_authorization;
+        elseif authstring then
                auth = string.sub(authstring, 0, -2);
                auth64 = ngx.encode_base64(auth);
-                ngx.var.authorization = "Basic " .. auth64;
+                ngx.var.proxy_authorization = "Basic " .. auth64;
        end

        -- Default to / if none is set to avoid using the request_uri query
@ -28,7 +30,7 @@ set_by_lua $proxyuri '
 ';

 add_header X-GG-Cache-Status $upstream_cache_status;
-proxy_set_header Authorization $authorization;
+proxy_set_header Authorization $proxy_authorization;

 proxy_pass $proxyuri;
 # Redirect back to ourselves on 301 replies