Add ams instance id header when uploading and downloading bundle (#57)

* Add ams instance id header when uploading and downloading bundle * Fix formatting * Fix nolint * Fix nolint * Fix nolint
SAP · Aug 26, 2022 · 32285e3 · 32285e3
1 parent a28a2cd
commit 32285e3
Show file tree

Hide file tree

Showing 6 changed files with 24 additions and 9 deletions.
diff --git a/.golangci.yml b/.golangci.yml
@@ -112,6 +112,9 @@ issues:
     - linters:
       - revive
       text: "^exported: "
+    - linters:
+        - staticcheck
+      text: "SA1019:"
   # List of regexps of issue texts to exclude, empty list by default.
   # But independently from this option we use default exclude patterns,
   # it can be disabled by `exclude-use-default: false`. To list all

diff --git a/pkg/supply/env/config.go b/pkg/supply/env/config.go
@@ -8,6 +8,7 @@ import (
 )
 
 const ServiceName = "authorization"
+const HeaderInstanceID = "X-Ams-Instance-Id"
 
 type Config struct {
 	Root         string

diff --git a/pkg/supply/supply.go b/pkg/supply/supply.go
@@ -10,12 +10,12 @@ import (
 	"path"
 	"path/filepath"
 
-	"github.com/SAP/cloud-authorization-buildpack/pkg/supply/env"
-	"github.com/SAP/cloud-authorization-buildpack/pkg/supply/services"
 	"github.com/cloudfoundry/libbuildpack"
 	"github.com/open-policy-agent/opa/download"
 	"github.com/open-policy-agent/opa/plugins/bundle"
 
+	"github.com/SAP/cloud-authorization-buildpack/pkg/supply/env"
+	"github.com/SAP/cloud-authorization-buildpack/pkg/supply/services"
 	"github.com/SAP/cloud-authorization-buildpack/pkg/uploader"
 )
 
@@ -161,7 +161,8 @@ type Credentials struct {
 }
 
 type RestConfig struct {
-	URL         string      `json:"url"`
+	URL         string `json:"url"`
+	Headers     map[string]string
 	Credentials Credentials `json:"credentials"`
 }
 
@@ -193,7 +194,7 @@ func (s *Supplier) writeProfileDFile(cfg env.Config, amsCreds services.AMSCreden
 	if err := os.MkdirAll(s.Stager.ProfileDir(), 0755); err != nil {
 		return fmt.Errorf("couldn't create profile dir: %w", err)
 	}
-	return os.WriteFile(path.Join(s.Stager.ProfileDir(), "0000_opa_env.sh"), b.Bytes(), 0755) // nolint
+	return os.WriteFile(path.Join(s.Stager.ProfileDir(), "0000_opa_env.sh"), b.Bytes(), 0755) //nolint
 }
 
 func (s *Supplier) writeOpaConfig(cred services.AMSCredentials, tlsCfg tlsConfig) error {
@@ -252,7 +253,8 @@ func (s *Supplier) createStorageGatewayConfig(cred services.AMSCredentials, cfg
 	}
 	svcs := make(map[string]RestConfig)
 	svcs[serviceKey] = RestConfig{
-		URL: cred.BundleURL,
+		URL:     cred.BundleURL,
+		Headers: map[string]string{env.HeaderInstanceID: cred.InstanceID},
 		Credentials: Credentials{ClientTLS: &ClientTLS{
 			Cert: cfg.CertPath,
 			Key:  cfg.KeyPath,

diff --git a/pkg/supply/supply_test.go b/pkg/supply/supply_test.go
@@ -16,7 +16,6 @@ import (
 	"time"
 
 	"code.cloudfoundry.org/buildpackapplifecycle/buildpackrunner/resources"
-	"github.com/SAP/cloud-authorization-buildpack/pkg/uploader"
 	"github.com/cloudfoundry/libbuildpack"
 	"github.com/golang/mock/gomock"
 	. "github.com/onsi/ginkgo"
@@ -26,6 +25,9 @@ import (
 	"github.com/open-policy-agent/opa/plugins/rest"
 	"gopkg.in/yaml.v2"
 
+	"github.com/SAP/cloud-authorization-buildpack/pkg/supply/env"
+	"github.com/SAP/cloud-authorization-buildpack/pkg/uploader"
+
 	"github.com/SAP/cloud-authorization-buildpack/pkg/supply"
 	"github.com/SAP/cloud-authorization-buildpack/pkg/supply/testdata"
 )
@@ -340,6 +342,11 @@ var _ = Describe("Supply", func() {
 				Expect(string(keySpy)).To(Equal("identity-key-payload"))
 				Expect(string(certSpy)).To(Equal("identity-cert-payload"))
 			})
+			It("sets the ams instance id http header when uploading the bundle", func() {
+				Expect(supplier.Run()).To(Succeed())
+				expectedValue := []string{"00000000-3b4d-4c41-9e5b-9aee7bfa6348"}
+				Expect(uploadReqSpy.Header).Should(HaveKeyWithValue(env.HeaderInstanceID, expectedValue))
+			})
 			It("should configure access to the gateway", func() {
 				Expect(supplier.Run()).To(Succeed())
 				rawConfig, err := os.ReadFile(filepath.Join(depDir, "opa_config.yml"))

diff --git a/pkg/uploader/archiver.go b/pkg/uploader/archiver.go
@@ -7,11 +7,10 @@ import (
 	"encoding/base64"
 	"io"
 	"io/ioutil"
-	"strings"
-
 	"os"
 	"path"
 	"path/filepath"
+	"strings"
 
 	"github.com/cloudfoundry/libbuildpack"
 )
@@ -64,7 +63,7 @@ func CreateArchive(log *libbuildpack.Logger, root string) (*bytes.Buffer, error)
 func crawlDCLs(fi os.FileInfo, file, root string) (*[]archiveContent, error) {
 	var archive []archiveContent
 	if fi.IsDir() {
-		content, err := ioutil.ReadDir(file) // nolint
+		content, err := ioutil.ReadDir(file) //nolint
 		if err != nil {
 			return nil, err
 		}

diff --git a/pkg/uploader/uploader.go b/pkg/uploader/uploader.go
@@ -12,6 +12,8 @@ import (
 	"time"
 
 	"github.com/cloudfoundry/libbuildpack"
+
+	"github.com/SAP/cloud-authorization-buildpack/pkg/supply/env"
 )
 
 type Uploader struct {
@@ -90,6 +92,7 @@ func (up *Uploader) do(ctx context.Context, dstURL string, body []byte) (*http.R
 	if err != nil {
 		return nil, fmt.Errorf("could not create DCL upload request %w", err)
 	}
+	r.Header.Set(env.HeaderInstanceID, up.AMSInstanceID)
 	r.Header.Set("Content-Type", "application/gzip")
 	return up.Client.Do(r)
 }