From 34dbab5c00ee32a3867f44ae6be7ad1f813a04f4 Mon Sep 17 00:00:00 2001
From: osh
Date: Mon, 10 Jan 2022 12:51:35 +0000
Subject: [PATCH 1/2] feat: add optional http headers to ALB conditions config
Co-authored-by: Adam
Co-authored-by: Bela
---
 main.tf | 11 ++++++++++-
 variables.tf | 9 +++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/main.tf b/main.tf
index 8649b6a..22a2ba8 100644
--- a/main.tf
+++ b/main.tf
@@ -26,10 +26,19 @@ resource "aws_alb_listener_rule" "rule" {
 }
 }
+ dynamic "condition" {
+ for_each = var.extra_listener_http_header_pairs
+ content {
+ http_header {
+ http_header_name = condition.value.http_header_name
+ values = condition.value.values
+ }
+ }
+ }
 }
 locals {
- old_target_group_name = "${replace(replace("${var.env}-${var.component_name}", "/(.{0,32}).*/", "$1"), "/^-+|-+$/", "")}"
+ old_target_group_name = "${replace(replace("${var.env}-${var.component_name}", "/(.{0,32}).*/", "$1"), "/^-+|-+$/", "")}"
 target_group_name_hash = "${base64encode(base64sha256("${var.env}-${var.component_name}"))}"
 target_group_name_postfix = "${replace(replace("${local.target_group_name_hash}", "/(.{0,12}).*/", "$1"), "/^-+|-+$/", "")}"
diff --git a/variables.tf b/variables.tf
index 37fb9b3..02e4861 100644
--- a/variables.tf
+++ b/variables.tf
@@ -119,3 +119,12 @@ variable "extra_listener_host_names" {
 type = list(string)
 default = []
 }
+
+variable "extra_listener_http_header_pairs" {
+ description = "A list of HTTP headers to be included in the http header condition for the ALB listener rule"
+ type = list(object({
+ http_header_name = string,
+ values = set(string)
+ }))
+ default = []
+}
From 728447eabeadd140f3dc81877510794ca67f78b5 Mon Sep 17 00:00:00 2001
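Review bot: The new `dynamic "condition"` block in `aws_alb_listener_rule.rule` carries no comment on how the extra pairs combine, and that is what decides which requests the rule forwards. Each list entry becomes its own `condition` block, so every pair has to match on top of the conditions the rule already declares above the hunk, while the strings inside one `values` set are alternatives; ALB also compares header values case-insensitively and treats `*` and `?` as wildcards. I would add `# one condition per pair: pairs are ANDed, values within a pair are ORed; matching is case-insensitive and * / ? are wildcards` above `for_each`. If callers use a pair as a shared-secret header set by a trusted front end (an assumption, the patch does not say), the value is written to plan output and state in clear text, which is worth stating next to the block. The resource body starts outside the hunk.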
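Review bot: As far as this hunk shows, `extra_listener_http_header_pairs` accepts an entry with an empty `http_header_name` or an empty `values` set, so a malformed pair would presumably surface only as a provider or API error rather than as a clear message from the module. A `validation` block on the variable would reject such entries at plan time; the sketch below uses `alltrue`, so it assumes a Terraform version that provides it, which the patch does not pin. The description could also say that each pair becomes a separate listener-rule condition rather than one combined header condition.

```hcl
variable "extra_listener_http_header_pairs" {
  # … unchanged: description, type, default …

  validation {
    condition = alltrue([
      for pair in var.extra_listener_http_header_pairs :
      length(pair.http_header_name) > 0 && length(pair.values) > 0
    ])
    error_message = "Each entry needs a non-empty http_header_name and at least one value."
  }
}
```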
From: osh
Date: Mon, 10 Jan 2022 16:57:14 +0000
Subject: [PATCH 2/2] test: add new one and amend GH Actions config
Co-authored-by: Adam
Co-authored-by: Bela
---
 .github/workflows/test.yml | 7 ++-
 test/infra/main.tf | 14 +++++-
 test/test_tf_backend_service_routing.py | 57 +++++++++++++++++++++++++
 3 files changed, 72 insertions(+), 6 deletions(-)
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 9f8d04e..23efcd1 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -3,14 +3,13 @@ name: Test
 on:
 workflow_dispatch:
 push:
- branches-ignore:
- - 'dependabot/**'
+ branches:
+ - master
 jobs:
- publish:
+ test:
 name: Test
 runs-on: ubuntu-latest
- if: ${{ github.ref == 'refs/heads/master' }}
 steps:
 - uses: actions/checkout@v2
 - run: ./test/run.sh
diff --git a/test/infra/main.tf b/test/infra/main.tf
index 8d422a4..cd37580 100644
--- a/test/infra/main.tf
+++ b/test/infra/main.tf
@@ -12,7 +12,8 @@ module "backend_service_routing" {
 aws_account_alias = var.aws_account_alias
 backend_dns = var.backend_dns
- extra_listener_host_names = var.extra_listener_host_names
+ extra_listener_host_names = var.extra_listener_host_names
+ extra_listener_http_header_pairs = var.extra_listener_http_header_pairs
 }
 # configure provider to not try too hard talking to AWS API
@@ -40,6 +41,15 @@ variable "aws_account_alias" {}
 variable "backend_dns" {}
 variable "extra_listener_host_names" {
- type = list(string)
+ type = list(string)
+ default = []
+}
+
+variable "extra_listener_http_header_pairs" {
+ description = "A list of HTTP headers to be included in the http header condition for the ALB listener rule"
+ type = list(object({
+ http_header_name = string,
+ values = set(string)
+ }))
 default = []
 }
diff --git a/test/test_tf_backend_service_routing.py b/test/test_tf_backend_service_routing.py
index 301e5be..0466884 100644
--- a/test/test_tf_backend_service_routing.py
+++ b/test/test_tf_backend_service_routing.py
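Review bot: No `permissions:` key appears in the `.github/workflows/test.yml` hunk, which spans the workflow from `on:` to the last step, so `./test/run.sh` runs with whatever default `GITHUB_TOKEN` scope the repository has. Since the hunk already rewrites the job header, adding `permissions:` with `contents: read` under `test:` would pin the job to read-only. With `push` limited to `master` and no `pull_request` trigger visible, the Terraform tests only run after a change has landed or on manual dispatch, so a listener rule that routes wrongly is caught post-merge. The unchanged `actions/checkout@v2` step is referenced by a movable tag; pinning it to a commit SHA is worth doing in the same pass.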
@@ -170,6 +170,63 @@ def test_create_alb_listener_rule_extrahosts(self): } } """.strip() in output + def test_create_alb_listener_rule_extra_headers(self): + # When + output = check_output([ + 'terraform', + 'plan', + '-var', 'env=live', + '-var', 'aws_account_alias=awsaccount', + '-var', 'backend_dns=testbackend.com', + '-var', 'extra_listener_http_header_pairs=[{"http_header_name":"osh_was","values":["here"]}]', + '-var-file=test/platform-config/eu-west-1.json', + '-target=module.backend_service_routing.aws_alb_listener_rule.rule', + '-no-color', + 'test/infra' + ]).decode('utf-8') + + # Then + assert """ + # module.backend_service_routing.aws_alb_listener_rule.rule will be created + + resource "aws_alb_listener_rule" "rule" { + + arn = (known after apply) + + id = (known after apply) + + listener_arn = "arn:aws:alb:eu-west-1:123456789123:alb:listener" + + priority = 10 + + tags_all = (known after apply) + + + action { + + order = (known after apply) + + target_group_arn = (known after apply) + + type = "forward" + } + + + condition { + + host_header { + + values = [ + + "cognito.domain.com", + ] + } + } + + condition { + + + http_header { + + http_header_name = "osh_was" + + values = [ + + "here", + ] + } + } + + condition { + + + path_pattern { + + values = [ + + "*", + ] + } + } + } """.strip() in output + def test_create_aws_alb_target_group(self): # When output = check_output([
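Review bot: `test_create_alb_listener_rule_extra_headers` plans only one pair with one value, so the `for_each` over several pairs and a multi-value `values` set are never exercised, and those are the cases that decide how the rule's conditions combine. A second case passing two pairs (one of them with two values) and asserting two `http_header` condition blocks would cover that. The assertion also pins the full rendered plan text, which ties the test to one Terraform and provider output format; a comment such as `# exact match on plan text: update when the Terraform or provider version changes` above the `assert` would explain failures after an upgrade. `check_output` is given an argument list rather than a shell string, which is the right form for the JSON `-var` value and should stay that way.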