NLB-7285: Add dataplane_api_key as an optional

build/config.yaml.example

@@ -3,6 +3,8 @@
 # cloud_provider: AWS
 # region: us-west-2
 # api_endpoint: http://127.0.0.1:8080/api
+# optional dataplane_api_key
+# dataplane_api_key: your-api-key
 # sync_interval: 5s
 # upstreams:
 #   - name: backend-one
@@ -24,6 +26,8 @@
 # subscription_id: my_subscription_id
 # resource_group_name: my_resource_group
 # api_endpoint: http://127.0.0.1:8080/api
+# optional dataplane_api_key
+# dataplane_api_key: your-api-key
 # sync_interval: 5s
 # upstreams:
 #   - name: backend-one

cmd/sync/config.go

@@ -10,9 +10,10 @@ import (
 
 // commonConfig stores the configuration parameters common to all providers.
 type commonConfig struct {
-	APIEndpoint   string        `yaml:"api_endpoint"`
-	CloudProvider string        `yaml:"cloud_provider"`
-	SyncInterval  time.Duration `yaml:"sync_interval"`
+	APIEndpoint     string        `yaml:"api_endpoint"`
+	CloudProvider   string        `yaml:"cloud_provider"`
+	DataplaneAPIKey string        `yaml:"dataplane_api_key,omitempty"`
+	SyncInterval    time.Duration `yaml:"sync_interval"`
 }
 
 func parseCommonConfig(data []byte) (*commonConfig, error) {

cmd/sync/main.go

@@ -2,6 +2,7 @@ package main
 
 import (
 	"context"
+	"encoding/base64"
 	"flag"
 	"fmt"
 	"io"
@@ -21,7 +22,10 @@ var (
 	version    string
 )
 
-const connTimeoutInSecs = 10
+const (
+	connTimeoutInSecs = 10
+	maxHeaders        = 100
+)
 
 func main() {
 	flag.Parse()
@@ -63,7 +67,7 @@ func main() {
 		os.Exit(10)
 	}
 
-	httpClient := &http.Client{Timeout: connTimeoutInSecs * time.Second}
+	httpClient := NewHTTPClient(commonConfig)
 	nginxClient, err := nginx.NewNginxClient(commonConfig.APIEndpoint, nginx.WithHTTPClient(httpClient))
 	if err != nil {
 		log.Printf("Couldn't create NGINX client: %v", err)
@@ -189,3 +193,57 @@ func getStreamUpstreamServerAddresses(server []nginx.StreamUpstreamServer) []str
 	}
 	return streamUpstreamServerAddr
 }
+
+// headerTransport wraps an http.RoundTripper and adds custom headers to all requests.
+type headerTransport struct {
+	headers   http.Header
+	transport http.RoundTripper
+}
+
+func (t *headerTransport) RoundTrip(req *http.Request) (*http.Response, error) {
+	clonedReq := req.Clone(req.Context())
+
+	for key, values := range t.headers {
+		for _, value := range values {
+			clonedReq.Header.Add(key, value)
+		}
+	}
+
+	if len(clonedReq.Header) > maxHeaders {
+		return nil, fmt.Errorf("number of headers in request exceeds the maximum allowed (%d)", maxHeaders)
+	}
+
+	resp, err := t.transport.RoundTrip(clonedReq)
+	if err != nil {
+		return nil, fmt.Errorf("headerTransport RoundTrip failed: %w", err)
+	}
+
+	return resp, nil
+}
+
+func NewHTTPClient(cfg *commonConfig) *http.Client {
+	headers := NewHeaders(cfg)
+	baseTransport := &http.Transport{}
+
+	return &http.Client{
+		Transport: &headerTransport{
+			headers:   headers,
+			transport: baseTransport,
+		},
+		Timeout: connTimeoutInSecs * time.Second,
+	}
+}
+
+func NewHeaders(cfg *commonConfig) http.Header {
+	headers := http.Header{}
+	headers.Set("Content-Type", "application/json")
+
+	if cfg.DataplaneAPIKey != "" {
+		authValue := "ApiKey " + base64.StdEncoding.EncodeToString([]byte(cfg.DataplaneAPIKey))
+		headers.Set("Authorization", authValue)
+	} else {
+		log.Printf("[optional] DataplaneAPIKey not configured")
+	}
+
+	return headers
+}