Skip to content

Add Request Headers to bypass security gates #1057

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 10 commits into from
May 3, 2025
Merged

Add Request Headers to bypass security gates #1057

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
5c90518
chore: add headers to the requests
Dakumo Mar 12, 2025
3c5d857
Merge branch 'main' into main
Dakumo Mar 13, 2025
d365c57
chore: add headers to the legacy provider part
Dakumo Mar 14, 2025
5b060d3
Make headers a map
tobio Mar 19, 2025
e2c4f91
make docs-generate
tobio Mar 19, 2025
edac76c
Merge pull request #1 from elastic/headers-map
Dakumo Apr 16, 2025
5c70ec5
Merge branch 'main' into main
Dakumo Apr 16, 2025
3f199fa
Merge branch 'main' into main
Dakumo Apr 22, 2025
21caaaa
Merge pull request #2 from elastic/main
Dakumo Apr 28, 2025
1e1d851
chore: add PR information
Dakumo Apr 28, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 18 additions & 0 deletions internal/clients/config/elasticsearch.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -145,6 +145,24 @@ func newElasticsearchConfigFromFramework(ctx context.Context, cfg ProviderConfig
config.config.Addresses = endpoints
}

var headers []string
headerDiags := esConfig.Headers.ElementsAs(ctx, &headers, true)
if headerDiags.HasError() {
return nil, diags
}

if len(headers) > 0 {
for _, header := range headers {
headerParts := strings.Split(header, ":")
if len(headerParts) != 2 {
diags.Append(fwdiags.NewErrorDiagnostic("Invalid header format", "Headers must be in the format 'key:value'"))
return nil, diags
}
// trim the strings to remove any leading/trailing whitespace
config.config.Header.Add(strings.TrimSpace(headerParts[0]), strings.TrimSpace(headerParts[1]))
}
}

if esConfig.BearerToken.ValueString() != "" {
config.bearerToken = esConfig.BearerToken.ValueString()
if esConfig.ESClientAuthentication.ValueString() != "" {
Expand Down
1 change: 1 addition & 0 deletions internal/clients/config/provider.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ type ElasticsearchConnection struct {
BearerToken types.String `tfsdk:"bearer_token"`
ESClientAuthentication types.String `tfsdk:"es_client_authentication"`
Endpoints types.List `tfsdk:"endpoints"`
Headers types.List `tfsdk:"headers"`
Insecure types.Bool `tfsdk:"insecure"`
CAFile types.String `tfsdk:"ca_file"`
CAData types.String `tfsdk:"ca_data"`
Expand Down
15 changes: 15 additions & 0 deletions internal/schema/connection.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,12 @@ func GetEsFWConnectionBlock(keyName string, isProviderConfiguration bool) fwsche
Sensitive: true,
ElementType: types.StringType,
},
"headers": fwschema.ListAttribute{
MarkdownDescription: "A list of headers to be sent with each request to Elasticsearch.",
Optional: true,
Sensitive: true,
ElementType: types.StringType,
},
"insecure": fwschema.BoolAttribute{
MarkdownDescription: "Disable TLS certificate validation",
Optional: true,
Expand Down Expand Up @@ -311,6 +317,15 @@ func GetEsConnectionSchema(keyName string, isProviderConfiguration bool) *schema
Type: schema.TypeString,
},
},
"headers": {
Description: "A list of headers to be sent with each request to Elasticsearch.",
Type: schema.TypeList,
Optional: true,
Sensitive: true,
Elem: &schema.Schema{
Type: schema.TypeString,
},
},
"insecure": {
Description: "Disable TLS certificate validation",
Type: schema.TypeBool,
Expand Down
Loading