🎨 docker-api-proxy always requires authentication (⚠️devops)

[GitHK]

What do these changes do?

Related issue/s

• fixes docker-api-proxy shall require basic auth #7223
• Make director-v2 scalable/restartable #4524
• dynamic scheduler: extract scheduling logic and move it away from director-v2 #5632

How to test

⚠️ Dev-ops checklist

• No ENV changes or I properly updated ENV (read the instruction)
• merge this MR before merging to MASTER
• merge this MR during the release to STAGING
• merge this MR during the release to PROD

[codecov]

Codecov Report

Attention: Patch coverage is 50.00000% with 2 lines in your changes missing coverage. Please review.

Project coverage is 87.73%. Comparing base (1c003f5) to head (cb7b3a1).

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #7586      +/-   ##
==========================================
+ Coverage   87.06%   87.73%   +0.66%     
==========================================
  Files        1726     1767      +41     
  Lines       66633    68233    +1600     
  Branches     1125     1123       -2     
==========================================
+ Hits        58017    59864    +1847     
+ Misses       8324     8062     -262     
- Partials      292      307      +15     

Flag	Coverage Δ
integrationtests	65.19% <ø> (+0.74%)	⬆️
unittests	86.92% <50.00%> (+0.19%)	⬆️

Components	Coverage Δ
api	∅ <ø> (∅)
pkg_aws_library	93.92% <ø> (ø)
pkg_dask_task_models_library	97.10% <ø> (ø)
pkg_models_library	92.72% <ø> (ø)
pkg_notifications_library	85.26% <ø> (ø)
pkg_postgres_database	88.18% <ø> (ø)
pkg_service_integration	69.92% <ø> (ø)
pkg_service_library	73.01% <0.00%> (+0.06%)	⬆️
pkg_settings_library	90.90% <100.00%> (ø)
pkg_simcore_sdk	85.66% <ø> (+19.95%)	⬆️
agent	96.46% <ø> (ø)
api_server	91.27% <ø> (ø)
autoscaling	96.08% <ø> (ø)
catalog	92.64% <ø> (∅)
clusters_keeper	99.25% <ø> (ø)
dask_sidecar	91.30% <ø> (ø)
datcore_adapter	98.12% <ø> (ø)
director	76.80% <ø> (-0.10%)	⬇️
director_v2	91.38% <ø> (ø)
dynamic_scheduler	97.40% <ø> (ø)
dynamic_sidecar	90.15% <ø> (ø)
efs_guardian	89.79% <ø> (ø)
invitations	93.28% <ø> (ø)
payments	92.66% <ø> (ø)
resource_usage_tracker	89.23% <ø> (ø)
storage	87.49% <ø> (ø)
webclient	∅ <ø> (∅)
webserver	86.09% <ø> (-0.02%)	⬇️

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 1c003f5...cb7b3a1. Read the comment docs.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[mrnicegyu11]

thx!

[pcrespov]

Thx. Left some comments.

[sanderegg]

thanks!

[GitHK]

@Mergifyio queue

[mergify]

queue

🟠 Waiting for conditions to match

• any of: [🔀 queue conditions]
  • all of: [📌 queue conditions of queue default]
    • #changes-requested-reviews-by = 0 [🛡 GitHub branch protection]
    • #changes-requested-reviews-by=0
    • #review-threads-unresolved = 0 [🛡 GitHub branch protection]
    • #review-threads-unresolved=0
    • branch-protection-review-decision = APPROVED [🛡 GitHub branch protection]
    • any of: [🛡 GitHub branch protection]
      • check-neutral = system-tests
      • check-skipped = system-tests
      • check-success = system-tests
    • #approved-reviews-by >= 2 [🛡 GitHub branch protection]
    • #approved-reviews-by>=2
    • -conflict
    • -draft
    • base=master
    • label!=🤖-do-not-merge
    • label=🤖-automerge
    • any of: [🛡 GitHub branch protection]
      • check-skipped = deploy to dockerhub
      • check-neutral = deploy to dockerhub
      • check-success = deploy to dockerhub
    • any of: [🛡 GitHub branch protection]
      • check-success = unit-tests
      • check-neutral = unit-tests
      • check-skipped = unit-tests
    • any of: [🛡 GitHub branch protection]
      • check-success = check OAS' are up to date
      • check-neutral = check OAS' are up to date
      • check-skipped = check OAS' are up to date
    • any of: [🛡 GitHub branch protection]
      • check-success = integration-tests
      • check-neutral = integration-tests
      • check-skipped = integration-tests
    • any of: [🛡 GitHub branch protection]
      • check-success = [build] docker images (excluding frontend) (3.11, ubuntu-24.04)
      • check-neutral = [build] docker images (excluding frontend) (3.11, ubuntu-24.04)
      • check-skipped = [build] docker images (excluding frontend) (3.11, ubuntu-24.04)
• -closed [📌 queue requirement]
• -conflict [📌 queue requirement]
• -draft [📌 queue requirement]
• any of: [📌 queue -> configuration change requirements]
  • -mergify-configuration-changed
  • check-success = Configuration changed

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[YuryHrytsuk]

What is it for? Why do we need it?

[YuryHrytsuk]

Suggested change

	{$DOCKER_API_PROXY_USER} {$DOCKER_API_PROXY_ECRYPTED_PASSWORD}
	{$DOCKER_API_PROXY_USER} {$DOCKER_API_PROXY_ENCRYPTED_PASSWORD}

[YuryHrytsuk]

Thanks.

I will look for IP Whitelisting options in Caddy before going ahead

[YuryHrytsuk]

Let me see how we can configre IP Whitelisting in Caddy before we go ahead

https://caddyserver.com/docs/caddyfile/matchers#client-ip