From 96c308efe6c64bce994325b5a1c77bdf4903adaa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=98=BF=E7=94=B7?= <l.weinan@gmail.com>
Date: Fri, 1 May 2026 08:09:06 +0800
Subject: [PATCH] =?UTF-8?q?disable=20prow=20hook/deck=20=E2=80=94=20return?=
 =?UTF-8?q?=20200=20without=20proxying?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Prow hook/deck services are not running, causing connection refused
errors in OpenResty logs from GitHub webhook retries. Replace
proxy_pass with direct return 200 to stop the noise.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
---
 conf/moicen/prow.conf | 33 ++++++---------------------------
 1 file changed, 6 insertions(+), 27 deletions(-)

diff --git a/conf/moicen/prow.conf b/conf/moicen/prow.conf
index f795c57..d8a49bd 100644
--- a/conf/moicen/prow.conf
+++ b/conf/moicen/prow.conf
@@ -2,23 +2,12 @@ server {
     server_name "hook.prow.moicen.com";
     listen 443 ssl;
     listen 80;
-    client_max_body_size 10M;
-    access_by_lua_file /usr/local/openresty/nginx/scripts/log_to_webhook.lua;
 
-    # disable in local test env
-     ssl_certificate /etc/letsencrypt/live/moicen.com/fullchain.pem; # managed by Certbot
-     ssl_certificate_key /etc/letsencrypt/live/moicen.com/privkey.pem; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/moicen.com/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/moicen.com/privkey.pem; # managed by Certbot
 
     location / {
-        add_header Access-Control-Allow-Origin $http_origin always;
-        add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always;
-        add_header Access-Control-Allow-Headers 'Authorization,HtyAdminToken,HtySudoerToken,HtyHost,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' always;
-        add_header Access-Control-Allow-Credentials true always;
-        add_header Access-Control-Max-Age 86400 always;
-        if ($request_method = 'OPTIONS') {
-            return 200;
-        }
-        proxy_pass http://127.0.0.1:30001/;
+        return 200 "disabled";
     }
 }
 
@@ -26,21 +15,11 @@ server {
     server_name "deck.prow.moicen.com";
     listen 443 ssl;
     listen 80;
-    client_max_body_size 10M;
 
-    # disable in local test env
-     ssl_certificate /etc/letsencrypt/live/moicen.com/fullchain.pem; # managed by Certbot
-     ssl_certificate_key /etc/letsencrypt/live/moicen.com/privkey.pem; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/moicen.com/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/moicen.com/privkey.pem; # managed by Certbot
 
     location / {
-        add_header Access-Control-Allow-Origin $http_origin always;
-        add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always;
-        add_header Access-Control-Allow-Headers 'Authorization,HtyAdminToken,HtySudoerToken,HtyHost,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' always;
-        add_header Access-Control-Allow-Credentials true always;
-        add_header Access-Control-Max-Age 86400 always;
-        if ($request_method = 'OPTIONS') {
-            return 200;
-        }
-        proxy_pass http://127.0.0.1:30002/;
+        return 200 "disabled";
     }
 }