chore: Configure maxResponseBodySize for traefik (#2123)

tolusha · web-flow · commit cb1565d44a60 · 2026-05-15T09:50:48.000+02:00
* chore: Configure maxResponseBodySize for traefik

Signed-off-by: Anatolii Bazko &lt;abazko@redhat.com&gt;
diff --git a/pkg/deploy/gateway/traefik_config.go b/pkg/deploy/gateway/traefik_config.go
@@ -62,9 +62,10 @@ type TraefikConfigStripPrefix struct {
 }
 
 type TraefikConfigForwardAuth struct {
-	Address            string            `json:"address"`
-	TrustForwardHeader bool              `json:"trustForwardHeader"`
-	TLS                *TraefikConfigTLS `json:"tls,omitempty"`
+	Address             string            `json:"address"`
+	TrustForwardHeader  bool              `json:"trustForwardHeader"`
+	TLS                 *TraefikConfigTLS `json:"tls,omitempty"`
+	MaxResponseBodySize *int              `json:"maxResponseBodySize,omitempty"`
 }
 
 type TraefikConfigErrors struct {
diff --git a/pkg/deploy/gateway/traefik_config_util.go b/pkg/deploy/gateway/traefik_config_util.go
@@ -12,6 +12,8 @@
 
 package gateway
 
+import "k8s.io/utils/pointer"
+
 const (
 	StripPrefixMiddlewareSuffix   = "-strip-prefix"
 	HeaderRewriteMiddlewareSuffix = "-header-rewrite"
@@ -88,8 +90,9 @@ func (cfg *TraefikConfig) AddOpenShiftTokenCheck(componentName string) {
 	cfg.HTTP.Routers[componentName].Middlewares = append(cfg.HTTP.Routers[componentName].Middlewares, middlewareName)
 	cfg.HTTP.Middlewares[middlewareName] = &TraefikConfigMiddleware{
 		ForwardAuth: &TraefikConfigForwardAuth{
-			Address:            "https://kubernetes.default.svc/apis/user.openshift.io/v1/users/~",
-			TrustForwardHeader: true,
+			Address:             "https://kubernetes.default.svc/apis/user.openshift.io/v1/users/~",
+			TrustForwardHeader:  true,
+			MaxResponseBodySize: pointer.Int(16384), // 16KB
 			TLS: &TraefikConfigTLS{
 				InsecureSkipVerify: true,
 			},
@@ -102,7 +105,8 @@ func (cfg *TraefikConfig) AddAuth(componentName string, authAddress string) {
 	cfg.HTTP.Routers[componentName].Middlewares = append(cfg.HTTP.Routers[componentName].Middlewares, middlewareName)
 	cfg.HTTP.Middlewares[middlewareName] = &TraefikConfigMiddleware{
 		ForwardAuth: &TraefikConfigForwardAuth{
-			Address: authAddress,
+			Address:             authAddress,
+			MaxResponseBodySize: pointer.Int(16384), // 16KB
 		},
 	}
 }

Original file line number	Diff line number	Diff line change
`@@ -62,9 +62,10 @@ type TraefikConfigStripPrefix struct {`
`62`	`62`	`}`
`63`	`63`
`64`	`64`	`type TraefikConfigForwardAuth struct {`
`65`		- Address string `json:"address"`
`66`		- TrustForwardHeader bool `json:"trustForwardHeader"`
`67`		- TLS *TraefikConfigTLS `json:"tls,omitempty"`
	`65`	+ Address string `json:"address"`
	`66`	+ TrustForwardHeader bool `json:"trustForwardHeader"`
	`67`	+ TLS *TraefikConfigTLS `json:"tls,omitempty"`
	`68`	+ MaxResponseBodySize *int `json:"maxResponseBodySize,omitempty"`
`68`	`69`	`}`
`69`	`70`
`70`	`71`	`type TraefikConfigErrors struct {`