YDB-1453 added CORS headers to healthcheck handler (#2174)

Author: StekPerepolnen

ydb/core/viewer/counters_hosts.h

@@ -16,6 +16,7 @@ using namespace NActors;
 using namespace NNodeWhiteboard;
 
 class TCountersHostsList : public TActorBootstrapped<TCountersHostsList> {
+    IViewer* Viewer;
     NMon::TEvHttpInfo::TPtr Event;
     THolder<TEvInterconnect::TEvNodesInfo> NodesInfo;
     TMap<TNodeId, THolder<TEvWhiteboard::TEvSystemStateResponse>> NodesResponses;
@@ -29,8 +30,9 @@ class TCountersHostsList : public TActorBootstrapped<TCountersHostsList> {
         return NKikimrServices::TActivity::VIEWER_HANDLER;
     }
 
-    TCountersHostsList(IViewer*, NMon::TEvHttpInfo::TPtr& ev)
-        : Event(ev)
+    TCountersHostsList(IViewer* viewer, NMon::TEvHttpInfo::TPtr& ev)
+        : Viewer(viewer)
+        , Event(ev)
     {}
 
     void Bootstrap(const TActorContext& ctx) {
@@ -145,7 +147,7 @@ class TCountersHostsList : public TActorBootstrapped<TCountersHostsList> {
                 }
             }
         }
-        ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(HTTPOKTEXT + text.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom));
+        ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKTEXT(Event->Get()) + text.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom));
         Die(ctx);
     }
 

ydb/core/viewer/json_acl.h

@@ -155,7 +155,7 @@ class TJsonACL : public TViewerPipeClient<TJsonACL> {
 
             switch (DescribeResult->GetRecord().GetStatus()) {
             case NKikimrScheme::StatusAccessDenied:
-                headers = HTTPFORBIDDENJSON;
+                headers = Viewer->GetHTTPFORBIDDEN(Event->Get());
                 break;
             default:
                 break;

ydb/core/viewer/json_describe.h

@@ -265,7 +265,7 @@ class TJsonDescribe : public TViewerPipeClient<TJsonDescribe> {
             const auto *descriptor = NKikimrScheme::EStatus_descriptor();
             auto accessDeniedStatus = descriptor->FindValueByNumber(NKikimrScheme::StatusAccessDenied)->name();
             if (DescribeResult->GetStatus() == accessDeniedStatus) {
-                headers = HTTPFORBIDDENJSON;
+                headers = Viewer->GetHTTPFORBIDDEN(Event->Get());
             }
             TProtoToJson::ProtoToJson(json, *DescribeResult, JsonSettings);
         } else {

ydb/core/viewer/json_healthcheck.h

@@ -24,6 +24,7 @@ enum HealthCheckResponseFormat {
 };
 
 class TJsonHealthCheck : public TActorBootstrapped<TJsonHealthCheck> {
+    IViewer* Viewer;
     static const bool WithRetry = false;
     NMon::TEvHttpInfo::TPtr Event;
     TJsonSettings JsonSettings;
@@ -36,8 +37,9 @@ class TJsonHealthCheck : public TActorBootstrapped<TJsonHealthCheck> {
         return NKikimrServices::TActivity::VIEWER_HANDLER;
     }
 
-    TJsonHealthCheck(IViewer*, NMon::TEvHttpInfo::TPtr& ev)
-        : Event(ev)
+    TJsonHealthCheck(IViewer* viewer, NMon::TEvHttpInfo::TPtr& ev)
+        : Viewer(viewer)
+        , Event(ev)
     {}
 
     void Bootstrap(const TActorContext& ctx) {
@@ -78,7 +80,7 @@ class TJsonHealthCheck : public TActorBootstrapped<TJsonHealthCheck> {
             if (Ydb::Monitoring::StatusFlag_Status_Parse(params.Get("min_status"), &minStatus)) {
                 request->Request.set_minimum_status(minStatus);
             } else {
-                Send(Event->Sender, new NMon::TEvHttpInfoRes(HTTPBADREQUEST, 0, NMon::IEvHttpInfoRes::EContentType::Custom));
+                Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPBADREQUEST(Event->Get()), 0, NMon::IEvHttpInfoRes::EContentType::Custom));
                 return PassAway();
             }
         }
@@ -104,7 +106,7 @@ class TJsonHealthCheck : public TActorBootstrapped<TJsonHealthCheck> {
         THashMap<TMetricRecord, ui32> recordCounters;
         for (auto& log : ev->Get()->Result.issue_log()) {
             TMetricRecord record {
-                .Database = log.location().database().name(), 
+                .Database = log.location().database().name(),
                 .Message = log.message(),
                 .Status = descriptor->FindValueByNumber(log.status())->name(),
                 .Type = log.type()
@@ -124,7 +126,7 @@ class TJsonHealthCheck : public TActorBootstrapped<TJsonHealthCheck> {
     void HandleJSON(NHealthCheck::TEvSelfCheckResult::TPtr& ev, const TActorContext &ctx) {
         TStringStream json;
         TProtoToJson::ProtoToJson(json, ev->Get()->Result, JsonSettings);
-        ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(HTTPOKJSON + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom));
+        ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKJSON(Event->Get()) + json.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom));
         Die(ctx);
     }
 
@@ -134,7 +136,7 @@ class TJsonHealthCheck : public TActorBootstrapped<TJsonHealthCheck> {
         TStringStream ss;
         IMetricEncoderPtr encoder = EncoderPrometheus(&ss);
         IMetricEncoder* e = encoder.Get();
-        
+
         TIntrusivePtr<TDomainsInfo> domains = AppData()->DomainsInfo;
         TIntrusivePtr<TDomainsInfo::TDomain> domain = domains->Domains.begin()->second;
         auto filterDatabase = Database ? Database : "/" + domain->Name;
@@ -173,7 +175,7 @@ class TJsonHealthCheck : public TActorBootstrapped<TJsonHealthCheck> {
         e->OnMetricEnd();
         e->OnStreamEnd();
 
-        ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(HTTPOKTEXT + ss.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom));
+        ctx.Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPOKTEXT(Event->Get()) + ss.Str(), 0, NMon::IEvHttpInfoRes::EContentType::Custom));
         Die(ctx);
     }
 
@@ -186,7 +188,7 @@ class TJsonHealthCheck : public TActorBootstrapped<TJsonHealthCheck> {
     }
 
     void HandleTimeout(const TActorContext &ctx) {
-        Send(Event->Sender, new NMon::TEvHttpInfoRes(HTTPGATEWAYTIMEOUT, 0, NMon::IEvHttpInfoRes::EContentType::Custom));
+        Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPGATEWAYTIMEOUT(Event->Get()), 0, NMon::IEvHttpInfoRes::EContentType::Custom));
         Die(ctx);
     }
 };

ydb/core/viewer/json_hotkeys.h

@@ -143,7 +143,7 @@ class TJsonHotkeys : public TViewerPipeClient<TJsonHotkeys> {
         if (DescribeResult != nullptr) {
             switch (DescribeResult->GetRecord().GetStatus()) {
             case NKikimrScheme::StatusAccessDenied:
-                headers = HTTPFORBIDDENJSON;
+                headers = Viewer->GetHTTPFORBIDDEN(Event->Get());
                 break;
             default:
                 break;

ydb/core/viewer/json_local_rpc.h

@@ -131,7 +131,7 @@ class TJsonLocalRpc : public TActorBootstrapped<TJsonLocalRpc<TProtoRequest, TPr
                 NProtobufJson::Json2Proto(postData, request, json2ProtoConfig);
             }
             catch (const yexception& e) {
-                Send(Event->Sender, new NMon::TEvHttpInfoRes(HTTPBADREQUEST, 0, NMon::IEvHttpInfoRes::EContentType::Custom));
+                Send(Event->Sender, new NMon::TEvHttpInfoRes(Viewer->GetHTTPBADREQUEST(Event->Get(), {}, "Bad Request"), 0, NMon::IEvHttpInfoRes::EContentType::Custom));
                 PassAway();
             }
         } else {
@@ -195,9 +195,9 @@ class TJsonLocalRpc : public TActorBootstrapped<TJsonLocalRpc<TProtoRequest, TPr
         TString headers = Viewer->GetHTTPOKJSON(Event->Get());
         if (DescribeResult) {
             if (!DescribeResult->Status->IsSuccess()) {
-                headers = HTTPBADREQUEST;
+                headers = Viewer->GetHTTPBADREQUEST(Event->Get(), {}, "Bad Request");
                 if (DescribeResult->Status->GetStatus() == NYdb::EStatus::UNAUTHORIZED) {
-                    headers = HTTPFORBIDDENJSON;
+                    headers = Viewer->GetHTTPFORBIDDEN(Event->Get());
                 }
             } else {
                 TProtoToJson::ProtoToJson(json, *(DescribeResult->Message), JsonSettings);

ydb/core/viewer/viewer.cpp

@@ -152,9 +152,11 @@ class TViewer : public TActorBootstrapped<TViewer>, public IViewer {
 
     TString GetCORS(const NMon::TEvHttpInfo* request) override;
     TString GetHTTPOKJSON(const NMon::TEvHttpInfo* request, TString response) override;
+    TString GetHTTPOKTEXT(const NMon::TEvHttpInfo* request, TString response) override;
     TString GetHTTPOK(const NMon::TEvHttpInfo* request, TString type, TString response) override;
     TString GetHTTPGATEWAYTIMEOUT(const NMon::TEvHttpInfo* request) override;
     TString GetHTTPBADREQUEST(const NMon::TEvHttpInfo* request, TString type, TString response) override;
+    TString GetHTTPFORBIDDEN(const NMon::TEvHttpInfo* request) override;
 
     void RegisterVirtualHandler(
             NKikimrViewer::EObjectType parentObjectType,
@@ -467,6 +469,22 @@ TString TViewer::GetHTTPOKJSON(const NMon::TEvHttpInfo* request, TString respons
     return res;
 }
 
+TString TViewer::GetHTTPOKTEXT(const NMon::TEvHttpInfo* request, TString response) {
+    TStringBuilder res;
+    res << "HTTP/1.1 200 Ok\r\n"
+        << "Content-Type: text/plain; charset=utf-8\r\n"
+        << "X-Worker-Name: " << CurrentWorkerName << "\r\n";
+    res << GetCORS(request);
+    if (response) {
+        res << "Content-Length: " << response.size() << "\r\n";
+    }
+    res << "\r\n";
+    if (response) {
+        res << response;
+    }
+    return res;
+}
+
 TString TViewer::GetHTTPGATEWAYTIMEOUT(const NMon::TEvHttpInfo* request) {
     TStringBuilder res;
     res << "HTTP/1.1 504 Gateway Time-out\r\n"
@@ -492,6 +510,16 @@ TString TViewer::GetHTTPBADREQUEST(const NMon::TEvHttpInfo* request, TString con
     return res;
 }
 
+TString TViewer::GetHTTPFORBIDDEN(const NMon::TEvHttpInfo* request) {
+    TStringBuilder res;
+    res << "HTTP/1.1 403 Forbidden\r\n"
+        << "Content-Type: application/json; charset=utf-8\r\n"
+        << "Connection: Close\r\n";
+    res << GetCORS(request);
+    res << "\r\n";
+    return res;
+}
+
 TString TViewer::GetHTTPOK(const NMon::TEvHttpInfo* request, TString contentType = {}, TString response = {}) {
     TStringBuilder res;
     res << "HTTP/1.1 200 Ok\r\n"

ydb/core/viewer/viewer.h

@@ -156,8 +156,10 @@ class IViewer {
     virtual TString GetCORS(const NMon::TEvHttpInfo* request) = 0;
     virtual TString GetHTTPOK(const NMon::TEvHttpInfo* request, TString contentType = {}, TString response = {}) = 0;
     virtual TString GetHTTPOKJSON(const NMon::TEvHttpInfo* request, TString response = {}) = 0;
+    virtual TString GetHTTPOKTEXT(const NMon::TEvHttpInfo* request, TString response = {}) = 0;
     virtual TString GetHTTPGATEWAYTIMEOUT(const NMon::TEvHttpInfo* request) = 0;
     virtual TString GetHTTPBADREQUEST(const NMon::TEvHttpInfo* request, TString contentType = {}, TString response = {}) = 0;
+    virtual TString GetHTTPFORBIDDEN(const NMon::TEvHttpInfo* request) = 0;
 };
 
 void SetupPQVirtualHandlers(IViewer* viewer);
@@ -184,12 +186,6 @@ struct TJsonRequestParameters {
     static TString GetParameters() { return TString(); }
 };
 
-static const char HTTPOKJSON[] = "HTTP/1.1 200 Ok\r\nAccess-Control-Allow-Origin: *\r\nContent-Type: application/json; charset=utf-8\r\nConnection: Close\r\n\r\n";
-static const char HTTPOKTEXT[] = "HTTP/1.1 200 Ok\r\nAccess-Control-Allow-Origin: *\r\nContent-Type: text/plain; charset=utf-8\r\nConnection: Close\r\n\r\n";
-static const char HTTPFORBIDDENJSON[] = "HTTP/1.1 403 Forbidden\r\nAccess-Control-Allow-Origin: *\r\nContent-Type: application/json; charset=utf-8\r\nConnection: Close\r\n\r\n";
-static const char HTTPGATEWAYTIMEOUT[] = "HTTP/1.1 504 Gateway Time-out\r\nConnection: Close\r\n\r\nGateway Time-out\r\n";
-static const char HTTPBADREQUEST[] = "HTTP/1.1 400 Bad Request\r\nConnection: Close\r\n\r\nBad Request\r\n";
-
 template <typename ValueType, typename OutputIteratorType>
 void GenericSplitIds(TStringBuf source, char delim, OutputIteratorType it) {
     for (TStringBuf value = source.NextTok(delim); !value.empty(); value = source.NextTok(delim)) {