fix: use ReverseProxy instead of NewSingleHostReverseProxy

As `NewSingleHostReverseProxy` does not rewrite the Host header, use with service mesh like Istio is problematic and needs tricks. As <https://pkg.go.dev/net/http/httputil#NewSingleHostReverseProxy> proposes a simple workaround for it, let's use it. Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
2025-04-10 18:28:47 +02:00 · 2025-04-10 18:28:47 +02:00 · b0c3a3cba3
parent 63b61d6995
commit b0c3a3cba3
1 changed files with 11 additions and 7 deletions
--- a/src/server/registry/proxy.go
+++ b/src/server/registry/proxy.go
@ -32,21 +32,25 @@ func newProxy() http.Handler {
 	if err != nil {
 		panic(fmt.Sprintf("failed to parse the URL of registry: %v", err))
 	}
-	proxy := httputil.NewSingleHostReverseProxy(url)
+	proxy := &httputil.ReverseProxy{
+		Rewrite: func(r *httputil.ProxyRequest) {
+			r.SetURL(url)
+		},
+	}
 	if commonhttp.InternalTLSEnabled() {
 		proxy.Transport = commonhttp.GetHTTPTransport()
 	}

-	proxy.Director = basicAuthDirector(proxy.Director)
+	proxy.Rewrite = basicAuthRewrite(proxy.Rewrite)
 	return proxy
 }

-func basicAuthDirector(d func(*http.Request)) func(*http.Request) {
-	return func(r *http.Request) {
-		d(r)
-		if r != nil {
+func basicAuthRewrite(r func(*httputil.ProxyRequest)) func(*httputil.ProxyRequest) {
+	return func(req *httputil.ProxyRequest) {
+		r(req)
+		if req != nil {
 			u, p := config.RegistryCredential()
-			r.SetBasicAuth(u, p)
+			req.Out.SetBasicAuth(u, p)
 		}
 	}
 }