Enable mod_ssl and enable proxying to ssl-terminated endpoints.
In the case where the artifact is not found, return NULL instead
of the bogus "Artifact_not_found" url, otherwise we can end up in
a loop where we continuously append that to the url.
Strip trailing slashes from the returned proxy target. We can't
guarantee that folks won't have a '/' at the end of the artifact
url they return to Zuul (and in fact, it's probably more correct
that they do). But our regex in mod_rewrite guarantees that we
will add a slash to it. One sure way to handle this is just to
strip it from the data returned from Zuul if present.
Add a .dockerignore file with both itself and the Dockerfile
added, so that docker won't rebuild extra layers (like the C++
compile layer) if we just change the Dockerfile.
Change-Id: I00dfd0b6842abedf938702a816698d1c6526974d
If a rewritemap fails to find a URL, mod_rewrite will nonetheless
continue to attempt to proxy the request; if the request has a
hostname in the URI (as it would if it were being used as a forward
proxy), then it will proxy to that URI. The upshot is that this
was behaving as an open proxy for any URL that it didn't know about.
Correct this by "proxying" to http://localhost/notfound in all cases
where the map program fails, and then cause that URL to always fail
with a 403.
This seems a little Rube Goldberg, but I don't see another way to
deal with map failures in a rewriterule proxy.
Change-Id: I1fdace79b6059c0297dd27b6bc9ce0afa9fe1396
Add an apache vhost config file which uses zuul-preview as a
rewritemap.
Remove extraneous output from zuul-preview.
Add an exception handler around the http code.
Remove the mutex (as we are single threaded).
Run apache as the docker CMD.