docs/ci: Update http cache config to let Authorization headers pass through

When downloading traces from a restricted repository, the Authorization
header will be set. Previous to this change, the http proxy would drop
it.

Signed-off-by: Tomeu Vizoso <tomeu.vizoso@collabora.com>
Reviewed-by: Emma Anholt <emma@anholt.net>
Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/6441>

diff --git a/docs/ci/uri-caching.conf b/docs/ci/uri-caching.conf
index c360c55..249998b 100644 (file)
--- a/docs/ci/uri-caching.conf
+++ b/docs/ci/uri-caching.conf
@@ -1,4 +1,4 @@
-set $authorization '';
+set $proxy_authorization '';
 
 set_by_lua $proxyuri '
         unescaped =  ngx.unescape_uri(ngx.var.arg_uri);
@@ -13,10 +13,12 @@ set_by_lua $proxyuri '
         host = it[3];
         query = it[4];
 
-        if authstring then
+        if ngx.var.http_authorization and ngx.var.http_authorization ~= "" then
+                ngx.var.proxy_authorization = ngx.var.http_authorization;
+        elseif authstring then
                 auth = string.sub(authstring, 0, -2);
                 auth64 = ngx.encode_base64(auth);
-                ngx.var.authorization = "Basic " .. auth64;
+                ngx.var.proxy_authorization = "Basic " .. auth64;
         end
 
         -- Default to / if none is set to avoid using the request_uri query
@@ -28,7 +30,7 @@ set_by_lua $proxyuri '
 ';
 
 add_header X-GG-Cache-Status $upstream_cache_status;
-proxy_set_header Authorization $authorization;
+proxy_set_header Authorization $proxy_authorization;
 
 proxy_pass $proxyuri;
 # Redirect back to ourselves on 301 replies