Skip to content

workloadmanager chart does not enable auth #432

Description

@avinxshKD

WorkloadManager has auth middleware, but the Helm chart never passes --enable-auth, so the deployed service runs with auth skipped.
That means any in-cluster client that can reach workloadmanager can hit create/delete session APIs directly. Router auth/RLAC does not help if the backend API is reachable.

Steps:

  1. Render/install the base chart.
  2. Check the workloadmanager deployment args.
  3. --enable-auth is missing.
  4. Request handling goes through authMiddleware, sees EnableAuth == false, and continues

Expected:
The chart should enable WorkloadManager auth, or expose an explicit value that defaults to the secure path.

Actual:
Auth is disabled by default in the rendered deployment.

Environment:
Current main, base Helm chart.

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions