Skip to content

[Feat][apiserver] Support CORS config #3711

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
May 30, 2025
Merged

[Feat][apiserver] Support CORS config #3711

merged 4 commits into from
May 30, 2025

Conversation

MortalHappiness
Copy link
Member

@MortalHappiness MortalHappiness commented May 29, 2025
edited
Loading

Why are these changes needed?

Add CORS config to apiserver v1, so that KubeRay dashboard can be easily run.

Manual testing:

cd apiserver
helm install kuberay-apiserver --set image.repository=kuberay/apiserver --set image.tag=nightly --set security= --set cors.allowOrigin='*' ../helm-chart/kuberay-apiserver

image

Related issue number

N/A

Checks

  • I've made sure the tests are passing.
  • Testing Strategy
    • Unit tests
    • Manual tests
    • This PR is not tested :(

@MortalHappiness MortalHappiness force-pushed the feature/apiserver-cors-config branch from 6c97057 to fe6d95d Compare May 29, 2025 11:13
kevin85421
kevin85421 reviewed May 29, 2025
View reviewed changes
apiserver/cmd/main.go Outdated
@@ -165,8 +165,27 @@ func startHttpProxy() {
topMux = http.NewServeMux()
}

// Seems /apis (matches /apis/v1alpha1/clusters) works fine
topMux.Handle("/", runtimeMux)
if allowedOrigin := os.Getenv("CORS_ALLOW_ORIGIN"); allowedOrigin != "" {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Print a log so that users can know whether CORS is enabled or not?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

helm-chart/kuberay-apiserver/values.yaml
@@ -11,6 +11,9 @@ image:
tag: nightly
pullPolicy: IfNotPresent

cors:
# allowOrigin: "*"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What does "*" mean? Can you add some comments to explain what are valid values and the expected behavior?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

helm-chart/kuberay-apiserver/templates/deployment.yaml Outdated
@@ -52,6 +52,13 @@ spec:
httpGet:
path: /healthz
port: http
env:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe pass to args instead so that we don't need to handle the complex merge logic of env in the future.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

apiserver/cmd/main.go Outdated
@@ -165,8 +165,27 @@ func startHttpProxy() {
topMux = http.NewServeMux()
}

// Seems /apis (matches /apis/v1alpha1/clusters) works fine
topMux.Handle("/", runtimeMux)
if allowedOrigin := os.Getenv("CORS_ALLOW_ORIGIN"); allowedOrigin != "" {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems to be a breaking change for users when users use their old Values.yaml with the new api server image.

The same YAML with old image will enable CORS, but CORS will be disabled with the new image.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What do you mean? If users use old values.yaml, then CORS_ALLOW_ORIGIN won't be set, and the else block will be executed. So topMux.Handle("/", runtimeMux) will still be run. There is no behavior change.

rueian
rueian reviewed May 29, 2025
View reviewed changes
apiserver/cmd/main.go Outdated
})
}

topMux.Handle("/", corsHandler(runtimeMux))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could we just use https://github.com/rs/cors?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

@MortalHappiness
Use args instead of env
5a36e80 
Signed-off-by: Chi-Sheng Liu <[email protected]>
@MortalHappiness
Address comments
4367084 
Signed-off-by: Chi-Sheng Liu <[email protected]>
@MortalHappiness
Add comment for allowOrigin
1f41eeb 
Signed-off-by: Chi-Sheng Liu <[email protected]>
@kevin85421 kevin85421 merged commit bc61ad9 into ray-project:master May 30, 2025
24 checks passed
pawelpaszki pushed a commit to opendatahub-io/kuberay that referenced this pull request Jun 10, 2025
@MortalHappiness @pawelpaszki
[Feat][apiserver] Support CORS config (ray-project#3711)
7ee57d1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rueian rueian rueian approved these changes

@kevin85421 kevin85421 kevin85421 approved these changes

Assignees

@rueian rueian

@kevin85421 kevin85421

Labels
1.4.0 release-blocker
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@MortalHappiness @rueian @kevin85421