HTTP datasource: allow GET/HEAD request for checking if the datasource is working (#3710)

blotus · web-flow · commit 822d1895bbad · 2025-06-30T19:02:09.000+02:00
diff --git a/pkg/acquisition/modules/http/http.go b/pkg/acquisition/modules/http/http.go
@@ -11,6 +11,7 @@ import (
 	"io"
 	"net"
 	"net/http"
+	"net/http/httputil"
 	"os"
 	"time"
 
@@ -280,6 +281,16 @@ func (h *HTTPSource) processRequest(w http.ResponseWriter, r *http.Request, hc *
 
 	defer r.Body.Close()
 
+	if h.logger.Logger.IsLevelEnabled(log.TraceLevel) {
+		h.logger.Tracef("processing request from '%s' with method '%s' and path '%s'", r.RemoteAddr, r.Method, r.URL.Path)
+		bodyContent, err := httputil.DumpRequest(r, true)
+		if err != nil {
+			h.logger.Errorf("failed to dump request: %s", err)
+		} else {
+			h.logger.Tracef("request body: %s", bodyContent)
+		}
+	}
+
 	reader := r.Body
 
 	if r.Header.Get("Content-Encoding") == "gzip" {
@@ -338,20 +349,26 @@ func (h *HTTPSource) processRequest(w http.ResponseWriter, r *http.Request, hc *
 func (h *HTTPSource) RunServer(out chan types.Event, t *tomb.Tomb) error {
 	mux := http.NewServeMux()
 	mux.HandleFunc(h.Config.Path, func(w http.ResponseWriter, r *http.Request) {
-		if r.Method != http.MethodPost {
-			h.logger.Errorf("method not allowed: %s", r.Method)
-			http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed)
-
-			return
-		}
-
 		if err := authorizeRequest(r, &h.Config); err != nil {
 			h.logger.Errorf("failed to authorize request from '%s': %s", r.RemoteAddr, err)
 			http.Error(w, "Unauthorized", http.StatusUnauthorized)
 
 			return
 		}
 
+		switch r.Method {
+		case http.MethodGet, http.MethodHead: // Return a 200 if the auth was successful
+			h.logger.Infof("successful %s request from '%s'", r.Method, r.RemoteAddr)
+			w.WriteHeader(http.StatusOK)
+			w.Write([]byte("OK"))
+			return
+		case http.MethodPost: // POST is handled below
+		default:
+			h.logger.Errorf("method not allowed: %s", r.Method)
+			http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed)
+			return
+		}
+
 		if r.RemoteAddr == "@" {
 			//We check if request came from unix socket and if so we set to loopback
 			r.RemoteAddr = "127.0.0.1:65535"
diff --git a/pkg/acquisition/modules/http/http_test.go b/pkg/acquisition/modules/http/http_test.go
@@ -244,7 +244,7 @@ func SetupAndRunHTTPSource(t *testing.T, h *HTTPSource, config []byte, metricLev
 	return out, testRegistry, &tomb
 }
 
-func TestStreamingAcquisitionWrongHTTPMethod(t *testing.T) {
+func TestStreamingAcquisitionHTTPMethod(t *testing.T) {
 	h := &HTTPSource{}
 	_, _, tomb := SetupAndRunHTTPSource(t, h, []byte(`
 source: http
@@ -259,13 +259,32 @@ basic_auth:
 
 	ctx := t.Context()
 
-	req, err := http.NewRequestWithContext(ctx, http.MethodGet, testHTTPServerAddr+"/test", http.NoBody)
+	req, err := http.NewRequestWithContext(ctx, http.MethodPut, testHTTPServerAddr+"/test", http.NoBody)
 	require.NoError(t, err)
 
+	// Method validity is checked after auth
+	req.SetBasicAuth("test", "test")
+
 	res, err := http.DefaultClient.Do(req)
 	require.NoError(t, err)
 	assert.Equal(t, http.StatusMethodNotAllowed, res.StatusCode)
 
+	// Check that GET/HEAD requests return a 200
+
+	req, err = http.NewRequestWithContext(ctx, http.MethodGet, testHTTPServerAddr+"/test", http.NoBody)
+	require.NoError(t, err)
+	req.SetBasicAuth("test", "test")
+	res, err = http.DefaultClient.Do(req)
+	require.NoError(t, err)
+	assert.Equal(t, http.StatusOK, res.StatusCode)
+
+	req, err = http.NewRequestWithContext(ctx, http.MethodHead, testHTTPServerAddr+"/test", http.NoBody)
+	require.NoError(t, err)
+	req.SetBasicAuth("test", "test")
+	res, err = http.DefaultClient.Do(req)
+	require.NoError(t, err)
+	assert.Equal(t, http.StatusOK, res.StatusCode)
+
 	h.Server.Close()
 	tomb.Kill(nil)
 	err = tomb.Wait()
