fix(server): exempt /global/health from auth middleware #12867
+1
−0
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
When OPENCODE_SERVER_PASSWORD is set, the auth middleware was applied to all routes including /global/health. Health check endpoints should be accessible without authentication so that monitoring tools and load balancers can verify the server is running. Skip the basicAuth check when the request path is /global/health. Fixes anomalyco#12805
Contributor
|
Hey! Your PR title Please update it to start with one of:
Where See CONTRIBUTING.md for details. |
Contributor
|
The following comment was made by an LLM, it may be inaccurate: No duplicate PRs found |
|
Free the world cup final
في الاثنين، ٩ فبراير ٢٠٢٦، ٢٢:٥٠ github-actions[bot] <
***@***.***> كتب:
… *github-actions[bot]* left a comment (anomalyco/opencode#12867)
<#12867 (comment)>
Hey! Your PR title Exempt /global/health from auth middleware doesn't
follow conventional commit format.
Please update it to start with one of:
- feat: or feat(scope): new feature
- fix: or fix(scope): bug fix
- docs: or docs(scope): documentation changes
- chore: or chore(scope): maintenance tasks
- refactor: or refactor(scope): code refactoring
- test: or test(scope): adding or updating tests
Where scope is the package name (e.g., app, desktop, opencode).
See CONTRIBUTING.md <http://../blob/dev/CONTRIBUTING.md#pr-titles> for
details.
—
Reply to this email directly, view it on GitHub
<#12867 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/B2DFN3VNAFI2VQNJYSMT44L4LD6L3AVCNFSM6AAAAACURAX74CVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZTQNZUGA2TCMRTGA>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
|
mohamedbouddi7777-dev
left a comment
mohamedbouddi7777-dev
left a comment
There was a problem hiding this comment.
free **@mohamedbouddi7777-dev @ **
|
**and@mohamedbouddi7777-dev ** |
Mr-Neutr0n
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
OPENCODE_SERVER_PASSWORDis set, the Basic Auth middleware was applied to all routes, including/global/health. Health check endpoints should be publicly accessible so monitoring tools and load balancers can verify the server is running without needing credentials./global/health.Fixes #12805
Test plan
OPENCODE_SERVER_PASSWORDsetGET /global/healthreturns 200 without credentialsOPENCODE_SERVER_PASSWORDis setOPENCODE_SERVER_PASSWORDis not set