diff --git a/Dockerfile b/Dockerfile index 8857a8fe..46626d53 100644 --- a/Dockerfile +++ b/Dockerfile @@ -50,5 +50,10 @@ COPY --from=cfg /etc/passwd /etc/passwd COPY --from=cfg /etc/group /etc/group COPY ./Cargo.lock /Cargo.lock USER 65533:65533 +# Default port, should be used when tls is not enabled EXPOSE 3000 +# Readiness probe port, always http +EXPOSE 8081 +# To be used when tls is enabled +EXPOSE 8443 ENTRYPOINT ["/policy-server"] diff --git a/cli-docs.md b/cli-docs.md index fe44c467..341f8c64 100644 --- a/cli-docs.md +++ b/cli-docs.md @@ -64,7 +64,7 @@ This document contains the help content for the `policy-server` command-line pro Default value: `3000` * `--readiness-probe-port ` — Expose readiness endpoint on READINESS_PROBE_PORT - Default value: `3000` + Default value: `8081` * `--sigstore-cache-dir ` — Directory used to cache sigstore data Default value: `sigstore-data` diff --git a/src/cli.rs b/src/cli.rs index 10af68ab..8df6cb52 100644 --- a/src/cli.rs +++ b/src/cli.rs @@ -71,7 +71,7 @@ pub(crate) fn build_cli() -> Command { Arg::new("readiness-probe-port") .long("readiness-probe-port") .value_name("READINESS_PROBE_PORT") - .default_value("3000") + .default_value("8081") .env("KUBEWARDEN_READINESS_PROBE_PORT") .help("Expose readiness endpoint on READINESS_PROBE_PORT"),