carvel-dev · christopherfriedrich · Mar 29, 2024 · christopherfriedrich · Mar 29, 2024 · joaopapereira
diff --git a/pkg/vendir/config/directory.go b/pkg/vendir/config/directory.go
@@ -102,6 +102,9 @@ type DirectoryContentsHTTP struct {
 	SecretRef *DirectoryContentsLocalRef `json:"secretRef,omitempty"`
 	// +optional
 	DisableUnpack bool `json:"disableUnpack,omitempty"`
+	// Secret containing HTTP Headers for the HTTP request when fetching the URL
+	// +optional
+	HTTPHeadersSecretRef *DirectoryContentsLocalRef `json:"httpHeadersSecretRef,omitempty"`
 }
 
 type DirectoryContentsImage struct {

diff --git a/pkg/vendir/fetch/http/sync.go b/pkg/vendir/fetch/http/sync.go
@@ -86,6 +86,11 @@ func (t *Sync) downloadFile(dst io.Writer) error {
 		return fmt.Errorf("Adding auth to request: %s", err)
 	}
 
+	err = t.addHTTPHeaders(req)
+	if err != nil {
+		return fmt.Errorf("Adding HTTP Headers to request: %s", err)
+	}
+
 	resp, err := http.DefaultClient.Do(req)
 	if err != nil {
 		return fmt.Errorf("Initiating URL download: %s", err)
@@ -160,3 +165,17 @@ func (t *Sync) addAuth(req *http.Request) error {
 
 	return nil
 }
+
+func (t *Sync) addHTTPHeaders(req *http.Request) error {
+	if t.opts.HTTPHeadersSecretRef != nil {
+		secret, err := t.refFetcher.GetSecret(t.opts.HTTPHeadersSecretRef.Name)
+		if err != nil {
+			return err
+		}
+
+		for name, value := range secret.Data {
+			req.Header.Set(name, string(value))
+		}
+	}
+	return nil
+}