Add X-Org-Id header for IoP requests

Author: ShimShtein

app/services/foreman_rh_cloud/cert_auth.rb

@@ -15,7 +15,10 @@ def execute_cloud_request(params)
       final_params = {
         ssl_client_cert: OpenSSL::X509::Certificate.new(certs[:cert]),
         ssl_client_key: OpenSSL::PKey.read(certs[:key]),
-      }.deep_merge(params)
+        headers: {
+          'X-Org-Id' => ForemanRhCloud.with_iop_smart_proxy? ? organization&.label : nil,
+        },
+      }.compact.deep_merge(params)
 
       super(final_params)
     end

app/services/foreman_rh_cloud/gateway_request.rb

@@ -2,7 +2,7 @@
 
 module ForemanRhCloud
   class InsightsApiForwarder
-    include ForemanRhCloud::GatewayRequest
+    include ForemanRhCloud::CertAuth
 
     SCOPED_REQUESTS = [
       { test: %r{api/vulnerability/v1/vulnerabilities/cves}, tag_name: :tags },
@@ -26,6 +26,8 @@ def forward_request(original_request, path, controller_name, user, organization,
 
       request_opts = prepare_request_opts(original_request, path, forward_payload, forward_params)
 
+      request_opts[:organization] = organization
+
       logger.debug("Sending request to: #{request_opts[:url]}")
 
       execute_cloud_request(request_opts)

app/services/foreman_rh_cloud/insights_api_forwarder.rb

@@ -1,6 +1,6 @@
 module ForemanRhCloud
   class TagsAuth
-    include GatewayRequest
+    include CertAuth
 
     TAG_NAMESPACE = 'sat_iam'.freeze
     TAG_SHORT_NAME = 'scope'.freeze
@@ -24,6 +24,7 @@ def update_tag
 
       payload = tags_query_payload
       params = {
+        organization: @org,
         method: :post,
         url: "#{InsightsCloud.gateway_url}/tags",
         headers: {

app/services/foreman_rh_cloud/tags_auth.rb

@@ -27,6 +27,11 @@ else
         AUTH_VAL="\"$RH_USERNAME\":\"$RH_PASSWORD\""
 fi
 
+if [ -n "$ORG_ID" ]
+then
+        ORG_HEADER="-H \"X-Org-Id: $ORG_ID\""
+fi
+
 # /tmp/a b/x.pem
 # curl --cert /tmp/a\ b/x.pem
 
@@ -36,7 +41,7 @@ mkdir -p $DONE_DIR
 
 for f in $FILES
 do
-  curl -k -vvv -# --fail -F "file=@$f;type=application/vnd.redhat.qpc.tar+tgz" $DEST "$AUTH_KEY" "$AUTH_VAL"
+  curl -k -vvv -# --fail -F "file=@$f;type=application/vnd.redhat.qpc.tar+tgz" $DEST "$AUTH_KEY" "$AUTH_VAL" "$ORG_HEADER"
   status=$?
   if [ $status -eq 0 ]; then
     mv $f $DONE_DIR

lib/foreman_inventory_upload/scripts/uploader.sh.erb

@@ -23,13 +23,16 @@ def plan(repo, *_args)
           return
         end
 
-        plan_self
+        organization_id = Katello::Repository.find(repo_id).environment.organization_id
+
+        plan_self(organization_id: organization_id)
       end
 
       def run
         url = ::InsightsCloud.vmaas_reposcan_sync_url
 
         response = execute_cloud_request(
+          organization: organization,
           method: :put,
           url: url,
           headers: { 'Content-Type' => 'application/json' }
@@ -61,6 +64,10 @@ def rescue_strategy_for_self
         Dynflow::Action::Rescue::Skip
       end
 
+      def organization
+        @organization ||= Organization.find(input[:organization_id])
+      end
+
       private
 
       def logger