Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add protocol option to port_forward to enable HTTPS services #6427

Open
cirego opened this issue Aug 14, 2024 · 2 comments
Open

Add protocol option to port_forward to enable HTTPS services #6427

cirego opened this issue Aug 14, 2024 · 2 comments
Labels
enhancement New feature or request

Comments

@cirego
Copy link

cirego commented Aug 14, 2024

Describe the Feature You Want

I would like the ability to specify the protocol handler in port forwards so that links to HTTPS services "just work".

Current Behavior

Navigating to an HTTPS service using a port_forward link results in a 400 Bad Request from nginx.

Our current Tiltfile sets up nginx with a certificate trusted by the user's browser. We have a port-forward clause in our Tiltfile that looks like this:

helm_resource(name='nginx',
              chart='ingress-charts/ingress-nginx',
              labels=['frontend'],
              flags=[...],
              resource_deps=['ingress-charts'],
              port_forwards=[port_forward(8443, 443, name='UI')]

When the user clicks this link, the browser sends an HTTP request, giving a 400 Bad Request ("The plain HTTP request was sent to HTTPS port").

Why Do You Want This?

Users can work around the bad request by manually prepending https:// to the URL in their browser navbar. Users find this tedious, as they must do this every time they click the link. It also creates a decent number of questions as new developers run into this issue.

Adding an option to set the protocol handler in the port_forward would neatly fix this issue. If I could update my port_forward to include protocol='https', then users will no longer need to edit the URL in their browser.

helm_resource(name='nginx',
              chart='ingress-charts/ingress-nginx',
              labels=['frontend'],
              flags=[...],
              resource_deps=['ingress-charts'],
              port_forwards=[port_forward(8443, 443, name='UI', protocol='https')]

Instead of constructing a localhost:8443 link, this would instead construct https://localhost:8443.
@cirego cirego added the enhancement New feature or request label Aug 14, 2024
@nicks
Copy link
Member

nicks commented Aug 14, 2024

thanks for the report!

kubectl port-forward uses TCP, it doesn't care about layer 7 (http and https). so visiting https manually will work

you can use the links argument to create an https link - https://docs.tilt.dev/accessing_resource_endpoints#arbitrary-links

i'll leave this open to add support for link_protocol like the link_path we have today
https://docs.tilt.dev/api#api.port_forward

@cirego
Copy link
Author

cirego commented Aug 14, 2024

Thanks for the response!

I can use the link workaround by creating a link -- is there a way to hide the link generated by the port_forward so that users are not confused about which to use?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nicks @cirego