Handle empty secrets and OPTIONS (#91)

massdriver-cloud · Oct 24, 2023 · 7456083 · 7456083
1 parent 205426f
commit 7456083
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 6 deletions.
diff --git a/.golangci.yaml b/.golangci.yaml
@@ -35,7 +35,7 @@ linters-settings:
     # Checks the number of statements in a function.
     # If lower than 0, disable the check.
     # Default: 40
-    statements: 50
+    statements: 51
 
   gocognit:
     # Minimal code complexity to report

diff --git a/pkg/bundle/bundle.go b/pkg/bundle/bundle.go
@@ -179,10 +179,16 @@ func NewHandler(dir string) (*Handler, error) {
 //	@Success		200	{object}	bundle.AppSpec.Secrets
 //	@Router			/bundle/secrets [get]
 func (b *Handler) GetSecrets(w http.ResponseWriter, _ *http.Request) {
-	out, err := json.Marshal(b.Bundle.AppSpec.Secrets)
-	if err != nil {
-		w.WriteHeader(http.StatusInternalServerError)
-		return
+	var out []byte
+	var err error
+	if b.Bundle.AppSpec == nil || len(b.Bundle.AppSpec.Secrets) == 0 {
+		out = []byte("{}")
+	} else {
+		out, err = json.Marshal(b.Bundle.AppSpec.Secrets)
+		if err != nil {
+			w.WriteHeader(http.StatusInternalServerError)
+			return
+		}
 	}
 	w.Header().Set("Content-Type", "application/json")
 	_, err = w.Write(out)

diff --git a/pkg/container/container.go b/pkg/container/container.go
@@ -30,6 +30,8 @@ import (
 	"nhooyr.io/websocket"
 )
 
+const allowedMethods = "OPTIONS, GET, POST"
+
 type Handler struct {
 	baseDir   string
 	dockerCLI *client.Client
@@ -209,11 +211,16 @@ const (
 //	@Param			deployPayload	body		container.DeployPayload	true	"DeployPayload"
 //	@Router			/bundle/deploy [post]
 func (h *Handler) Deploy(w http.ResponseWriter, r *http.Request) {
-	if r.Method != http.MethodPost {
+	if r.Method != http.MethodPost && r.Method != http.MethodOptions {
 		w.WriteHeader(http.StatusMethodNotAllowed)
 		return
 	}
 
+	if r.Method == http.MethodOptions {
+		h.options(w, r)
+		return
+	}
+
 	conns, err := io.ReadAll(r.Body)
 	if err != nil {
 		slog.Debug("Error reading payload", "error", err)
@@ -376,3 +383,11 @@ func (h *Handler) getAWSCreds(ctx context.Context) ([]string, error) {
 	}
 	return envVar, nil
 }
+
+func (h *Handler) options(w http.ResponseWriter, r *http.Request) {
+	headers := w.Header()
+
+	headers["Access-Control-Allow-Headers"] = r.Header["Access-Control-Request-Headers"]
+	headers["Access-Control-Allow-Methods"] = []string{allowedMethods}
+	w.WriteHeader(http.StatusOK)
+}