SONAR-15654 added liveness endpoint to allowlist with passcode

server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/UserSessionInitializer.java

@@ -60,8 +60,11 @@ public class UserSessionInitializer {
     "/api/authentication/login", "/api/authentication/logout", "/api/authentication/validate",
     "/api/project_badges/measure", "/api/project_badges/quality_gate");
 
-  private static final Set<String> URL_USING_PASSCODE = ImmutableSet.of(
-    "/api/ce/info", "/api/ce/pause", "/api/ce/resume", "/api/system/health", "/api/system/analytics", "/api/system/migrate_es");
+  private static final Set<String> URL_USING_PASSCODE = Set.of(
+    "/api/ce/info", "/api/ce/pause",
+    "/api/ce/resume", "/api/system/health",
+    "/api/system/analytics", "/api/system/migrate_es",
+    "/api/system/liveness");
 
   private static final UrlPattern URL_PATTERN = UrlPattern.builder()
     .includes("/*")

server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/UserSessionInitializerTest.java

@@ -103,6 +103,7 @@ public class UserSessionInitializerTest {
     assertPathIsIgnoredWithAnonymousAccess("/api/ce/pause");
     assertPathIsIgnoredWithAnonymousAccess("/api/ce/resume");
     assertPathIsIgnoredWithAnonymousAccess("/api/system/health");
+    assertPathIsIgnoredWithAnonymousAccess("/api/system/liveness");
 
     // exclude static resources
     assertPathIsIgnored("/css/style.css");