attest-provider/pkg/utils/utils.go

package utils

import (
	"encoding/json"
	"net/http"

	"github.com/open-policy-agent/frameworks/constraint/pkg/externaldata"
	"k8s.io/klog/v2"
)

const (
	apiVersion = "externaldata.gatekeeper.sh/v1beta1"
	kind       = "ProviderResponse"
)

func GatekeeperResponse(results *[]externaldata.Item, systemErr string) []byte {
	response := externaldata.ProviderResponse{
		APIVersion: apiVersion,
		Kind:       kind,
		Response: externaldata.Response{
			Idempotent: true, // mutation requires idempotent results
		},
	}

	if results != nil {
		response.Response.Items = *results
	} else {
		response.Response.SystemError = systemErr
	}

	body, err := json.Marshal(response)
	if err != nil {
		klog.ErrorS(err, "unable to marshal response")
		panic(err)
	}
	return body
}

func GatekeeperError(systemErr string) []byte {
	return GatekeeperResponse(nil, systemErr)
}

// sendResponse sends back the response to Gatekeeper.
func SendResponse(results *[]externaldata.Item, systemErr string, w http.ResponseWriter) {
	body := GatekeeperResponse(results, systemErr)
	klog.InfoS("sending response", "response", string(body))

	w.Header().Set("Content-Type", "application/json")
	_, err := w.Write(body)
	if err != nil {
		klog.ErrorS(err, "unable to write response")
		return
	}
}
Initial commit 2024-05-23 10:19:55 -05:00			`package utils`

			`import (`
			`"encoding/json"`
			`"net/http"`

			`"github.com/open-policy-agent/frameworks/constraint/pkg/externaldata"`
			`"k8s.io/klog/v2"`
			`)`

			`const (`
			`apiVersion = "externaldata.gatekeeper.sh/v1beta1"`
			`kind = "ProviderResponse"`
			`)`

Swap buggy timeout code for http.TimeoutHandler 2024-06-11 11:19:52 +01:00			`func GatekeeperResponse(results *[]externaldata.Item, systemErr string) []byte {`
Initial commit 2024-05-23 10:19:55 -05:00			`response := externaldata.ProviderResponse{`
			`APIVersion: apiVersion,`
			`Kind: kind,`
			`Response: externaldata.Response{`
			`Idempotent: true, // mutation requires idempotent results`
			`},`
			`}`

			`if results != nil {`
			`response.Response.Items = *results`
			`} else {`
			`response.Response.SystemError = systemErr`
			`}`

merge poc 2024-05-23 10:52:35 -05:00			`body, err := json.Marshal(response)`
			`if err != nil {`
			`klog.ErrorS(err, "unable to marshal response")`
Don't exit on failure to write OK to panic on marshal error as this would be a developer error 2024-06-11 11:29:09 +01:00			`panic(err)`
merge poc 2024-05-23 10:52:35 -05:00			`}`
Swap buggy timeout code for http.TimeoutHandler 2024-06-11 11:19:52 +01:00			`return body`
			`}`

			`func GatekeeperError(systemErr string) []byte {`
			`return GatekeeperResponse(nil, systemErr)`
			`}`

			`// sendResponse sends back the response to Gatekeeper.`
			`func SendResponse(results *[]externaldata.Item, systemErr string, w http.ResponseWriter) {`
			`body := GatekeeperResponse(results, systemErr)`
			`klog.InfoS("sending response", "response", string(body))`
merge poc 2024-05-23 10:52:35 -05:00
			`w.Header().Set("Content-Type", "application/json")`
Swap buggy timeout code for http.TimeoutHandler 2024-06-11 11:19:52 +01:00			`_, err := w.Write(body)`
merge poc 2024-05-23 10:52:35 -05:00			`if err != nil {`
			`klog.ErrorS(err, "unable to write response")`
Don't exit on failure to write OK to panic on marshal error as this would be a developer error 2024-06-11 11:29:09 +01:00			`return`
Initial commit 2024-05-23 10:19:55 -05:00			`}`
			`}`