A generic websocket proxy for Web Terminal Operator and and Dev Workspace Operator.
When we want to utilize the Kubernetes exec endpoint to execute commands in the pod, we have to authorize using the Authorization: Bearer header. JavaScript WebSocket API, which is supported by modern browsers, does not allow additional headers. We have to have a proxy that will accept input from the frontend, and after adding this header, it will send it to the exec endpoint.
Openshift also does not include the Access-Control-Allow-Origin header, so we have to pass requests from the frontend through the proxy to allow frontend to parse the responses.
This repository uses pre-commit. You can install it here. To run pre-commit automatically for commits run:
pre-commit installGo >= 1.19
To run the application locally, you can run the following command:
go run .
To deploy the application as a sidecar for Backstage deployment, you must create a Route, modify the Service resource and add a sidecar to the Backstage Deployment. You also have to build the webterminal-proxy image and push it to your registry.
Route
apiVersion: route.openshift.io/v1
kind: Route
metadata:
name: backstage-webterminal
spec:
port:
targetPort: 8080
to:
kind: Service
name: backstage-instance
host: backstage-instance.example.com
path: "/webterminal"
Service
# ...Your Backstage service definition...
ports:
# ...
- port: 8080
targetPort: 8080
# ...Deployment
# ...Your Backstage deployment...
spec:
#...
containers:
# ...
- name: webterminal
image: image-registry.example.com/webterminal-proxy:latest
command: ["./webterminal-proxy"]
ports:
- containerPort: 8080
# ...