From: Redouane Kachach <rkachach@ibm.com>
Date: Thu, 12 Sep 2024 13:57:07 +0000 (+0200)
Subject: mgr/cephadm: renaming whitelist_domains field to allowlist_domains
X-Git-Tag: v20.0.0~1059^2
X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=25e0a323ad2016e88393e38721b1e4d392bcc126;p=ceph.git

mgr/cephadm: renaming whitelist_domains field to allowlist_domains

Fixes: https://tracker.ceph.com/issues/68052

Signed-off-by: Redouane Kachach <rkachach@ibm.com>
---

diff --git a/src/pybind/mgr/cephadm/services/oauth2_proxy.py b/src/pybind/mgr/cephadm/services/oauth2_proxy.py
index c19005c95f3ca..cabb21bce139e 100644
--- a/src/pybind/mgr/cephadm/services/oauth2_proxy.py
+++ b/src/pybind/mgr/cephadm/services/oauth2_proxy.py
@@ -67,12 +67,12 @@ class OAuth2ProxyService(CephadmService):
     def generate_config(self, daemon_spec: CephadmDaemonDeploySpec) -> Tuple[Dict[str, Any], List[str]]:
         assert self.TYPE == daemon_spec.daemon_type
         svc_spec = cast(OAuth2ProxySpec, self.mgr.spec_store[daemon_spec.service_name].spec)
-        whitelist_domains = svc_spec.whitelist_domains or []
-        whitelist_domains += self.get_service_ips_and_hosts('mgmt-gateway')
+        allowlist_domains = svc_spec.allowlist_domains or []
+        allowlist_domains += self.get_service_ips_and_hosts('mgmt-gateway')
         context = {
             'spec': svc_spec,
             'cookie_secret': svc_spec.cookie_secret or self.generate_random_secret(),
-            'whitelist_domains': whitelist_domains,
+            'allowlist_domains': allowlist_domains,
             'redirect_url': svc_spec.redirect_url or self.get_redirect_url()
         }
 
diff --git a/src/pybind/mgr/cephadm/templates/services/oauth2-proxy/oauth2-proxy.conf.j2 b/src/pybind/mgr/cephadm/templates/services/oauth2-proxy/oauth2-proxy.conf.j2
index 20ca8cb6504c0..c8d9f920adf5a 100644
--- a/src/pybind/mgr/cephadm/templates/services/oauth2-proxy/oauth2-proxy.conf.j2
+++ b/src/pybind/mgr/cephadm/templates/services/oauth2-proxy/oauth2-proxy.conf.j2
@@ -34,4 +34,4 @@ set_xauthrequest= true
 # Secret value for encrypting cookies.
 cookie_secret= "{{ cookie_secret }}"
 email_domains= "*"
-whitelist_domains= "{{ whitelist_domains | join(',') }}"
+whitelist_domains= "{{ allowlist_domains | join(',') }}"
diff --git a/src/python-common/ceph/deployment/service_spec.py b/src/python-common/ceph/deployment/service_spec.py
index 2238cd01c3753..33a6da75f0b03 100644
--- a/src/python-common/ceph/deployment/service_spec.py
+++ b/src/python-common/ceph/deployment/service_spec.py
@@ -1926,7 +1926,7 @@ class OAuth2ProxySpec(ServiceSpec):
                  cookie_secret: Optional[str] = None,
                  ssl_certificate: Optional[str] = None,
                  ssl_certificate_key: Optional[str] = None,
-                 whitelist_domains: Optional[List[str]] = None,
+                 allowlist_domains: Optional[List[str]] = None,
                  unmanaged: bool = False,
                  extra_container_args: Optional[GeneralArgList] = None,
                  extra_entrypoint_args: Optional[GeneralArgList] = None,
@@ -1964,7 +1964,7 @@ class OAuth2ProxySpec(ServiceSpec):
         self.ssl_certificate_key = ssl_certificate_key
         #: List of allowed domains for safe redirection after login or logout,
         # preventing unauthorized redirects.
-        self.whitelist_domains = whitelist_domains
+        self.allowlist_domains = allowlist_domains
         self.unmanaged = unmanaged
 
     def get_port_start(self) -> List[int]: