From 2b4b7e10ccba02df0a99e8a924e5002f611462b7 Mon Sep 17 00:00:00 2001 From: Tim Cosgrove Date: Wed, 10 Jul 2024 13:48:36 -0700 Subject: [PATCH] Rework of how the CMS responds to public file base header. (#18424) * Rework of how the CMS responds to public file base header. * Ensure header check is case insensitive. * Variable consistency. --- docroot/sites/default/settings.php | 31 +++++++++++++++++ .../sites/default/settings/settings.dev.php | 3 ++ .../sites/default/settings/settings.local.php | 33 ++----------------- .../sites/default/settings/settings.prod.php | 33 ++----------------- .../default/settings/settings.staging.php | 33 ++----------------- .../default/settings/settings.tugboat.php | 33 ++----------------- 6 files changed, 42 insertions(+), 124 deletions(-) diff --git a/docroot/sites/default/settings.php b/docroot/sites/default/settings.php index 0b0b257088..3d6b461e09 100755 --- a/docroot/sites/default/settings.php +++ b/docroot/sites/default/settings.php @@ -243,6 +243,37 @@ $deploy_service->run($GLOBALS['request'], $app_root, $site_path); } +// Because Jenkins can't resolve e.g. prod.cms.va.gov DNS, and only the +// internal*elb addresses. And sometimes the host would return data with +// "http://default/..." hostnames for files so we set the host here and pass it +// to the `file_public_base_url` setting to fix that. +if (!empty($webhost_on_cli)) { + if (PHP_SAPI === 'cli') { + // This is running from drush so set the webhost. + // Var $webhost_on_cli is set in .php. + $webhost = $webhost_on_cli; + } + else { + // This is running from an HTTP request. + $webhost = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}"; + } + + $settings['file_public_base_url'] = "{$webhost}/sites/default/files"; +} + +// Look for an incoming request header to indicate we should use the public +// asset S3 location for file rather than the Drupal-internal location. +if (!empty($public_asset_s3_base_url)) { + $headerArray = function_exists('apache_request_headers') ? apache_request_headers() : []; + $targetHeader = 'File-Public-Base-Url-Check'; + foreach ($headerArray as $header => $value) { + if (strtolower($header) == strtolower($targetHeader) && $value === 'true') { + // Point the file base url to the public asset S3 bucket. + $settings['file_public_base_url'] = $public_asset_s3_base_url; + } + } + } + // Monolog $settings['container_yamls'][] = __DIR__ . '/services/services.monolog.yml'; diff --git a/docroot/sites/default/settings/settings.dev.php b/docroot/sites/default/settings/settings.dev.php index b2f2fbf79a..2bb3b51bb7 100644 --- a/docroot/sites/default/settings/settings.dev.php +++ b/docroot/sites/default/settings/settings.dev.php @@ -46,3 +46,6 @@ $settings['va_gov_frontend_url'] = 'https://dev.va.gov'; $settings['va_gov_frontend_build_type'] = 'brd'; $settings['github_actions_deploy_env'] = 'dev'; + +// Public asset S3 location +$public_asset_s3_base_url = "https://dsva-vagov-staging-cms-files.s3.us-gov-west-1.amazonaws.com"; diff --git a/docroot/sites/default/settings/settings.local.php b/docroot/sites/default/settings/settings.local.php index c33fad4f68..dd715b5550 100644 --- a/docroot/sites/default/settings/settings.local.php +++ b/docroot/sites/default/settings/settings.local.php @@ -56,34 +56,5 @@ $settings['va_cms_bot_github_auth_token'] = getenv('GITHUB_TOKEN') ?: 'fake-token'; -// Because Jenkins can't resolve e.g. prod.cms.va.gov DNS, and only the -// internal*elb addresses. And sometimes the host would return data with -// "http://default/..." hostnames for files so we set the host here and pass it -// to the `file_public_base_url` setting to fix that. -if (!empty($webhost_on_cli)) { - if (PHP_SAPI === 'cli') { - // This is running from drush so set the webhost. - // Var $webhost_on_cli is set in .php. - $webhost = $webhost_on_cli; - } - else { - // This is running from an HTTP request. - $webhost = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}"; - } - - // Setting the custom header to switch the file base URL in next-build - // Uncomment this next line to test that the header is being set - // header('File-Public-Base-Url-Check: true'); - - // Get all headers - $headersArray = headers_list(); - - // If the header is set in the response headers - if (in_array('File-Public-Base-Url-Check: true', $headersArray, true)) { - // Make the file base url point to staging - $settings['file_public_base_url'] = "https://dsva-vagov-staging-cms-files.s3.us-gov-west-1.amazonaws.com"; - } else { - // Otherwise use the default webhost - $settings['file_public_base_url'] = "{$webhost}/sites/default/files"; - } -} +// Public asset S3 location +$public_asset_s3_base_url = "https://dsva-vagov-staging-cms-files.s3.us-gov-west-1.amazonaws.com"; diff --git a/docroot/sites/default/settings/settings.prod.php b/docroot/sites/default/settings/settings.prod.php index 9cf7dd9019..63ff29d87e 100644 --- a/docroot/sites/default/settings/settings.prod.php +++ b/docroot/sites/default/settings/settings.prod.php @@ -51,34 +51,5 @@ // Settings supporting broken link report import. $settings['broken_link_report_import_enabled'] = TRUE; -// Because Jenkins can't resolve e.g. prod.cms.va.gov DNS, and only the -// internal*elb addresses. And sometimes the host would return data with -// "http://default/..." hostnames for files so we set the host here and pass it -// to the `file_public_base_url` setting to fix that. -if (!empty($webhost_on_cli)) { - if (PHP_SAPI === 'cli') { - // This is running from drush so set the webhost. - // Var $webhost_on_cli is set in .php. - $webhost = $webhost_on_cli; - } - else { - // This is running from an HTTP request. - $webhost = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}"; - } - - // Setting the custom header to switch the file base URL in next-build - // Uncomment this next line to test that the header is being set - // header('File-Public-Base-Url-Check: true'); - - // Get all headers - $headersArray = headers_list(); - - // If the header is set in the response headers - if (in_array('File-Public-Base-Url-Check: true', $headersArray, true)) { - // Make the file base url point to prod - $settings['file_public_base_url'] = "https://dsva-vagov-prod-cms-files.s3.us-gov-west-1.amazonaws.com"; - } else { - // Otherwise use the default webhost - $settings['file_public_base_url'] = "{$webhost}/sites/default/files"; - } - } +// Public asset S3 location +$public_asset_s3_base_url = "https://dsva-vagov-prod-cms-files.s3.us-gov-west-1.amazonaws.com"; diff --git a/docroot/sites/default/settings/settings.staging.php b/docroot/sites/default/settings/settings.staging.php index 95b316b249..5460d3ea4a 100644 --- a/docroot/sites/default/settings/settings.staging.php +++ b/docroot/sites/default/settings/settings.staging.php @@ -48,34 +48,5 @@ $settings['va_gov_frontend_build_type'] = 'brd'; $settings['github_actions_deploy_env'] = 'staging'; -// Because Jenkins can't resolve e.g. prod.cms.va.gov DNS, and only the -// internal*elb addresses. And sometimes the host would return data with -// "http://default/..." hostnames for files so we set the host here and pass it -// to the `file_public_base_url` setting to fix that. -if (!empty($webhost_on_cli)) { - if (PHP_SAPI === 'cli') { - // This is running from drush so set the webhost. - // Var $webhost_on_cli is set in .php. - $webhost = $webhost_on_cli; - } - else { - // This is running from an HTTP request. - $webhost = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}"; - } - - // Setting the custom header to switch the file base URL in next-build - // Uncomment this next line to test that the header is being set - // header('File-Public-Base-Url-Check: true'); - - // Get all headers - $headersArray = headers_list(); - - // If the header is set in the response headers - if (in_array('File-Public-Base-Url-Check: true', $headersArray, true)) { - // Make the file base url point to staging - $settings['file_public_base_url'] = "https://dsva-vagov-staging-cms-files.s3.us-gov-west-1.amazonaws.com"; - } else { - // Otherwise use the default webhost - $settings['file_public_base_url'] = "{$webhost}/sites/default/files"; - } - } +// Public asset S3 location +$public_asset_s3_base_url = "https://dsva-vagov-staging-cms-files.s3.us-gov-west-1.amazonaws.com"; diff --git a/docroot/sites/default/settings/settings.tugboat.php b/docroot/sites/default/settings/settings.tugboat.php index cd2a8648b5..1f246cc72e 100644 --- a/docroot/sites/default/settings/settings.tugboat.php +++ b/docroot/sites/default/settings/settings.tugboat.php @@ -93,34 +93,5 @@ $settings['broken_link_report_import_enabled'] = TRUE; $settings['broken_link_report_location'] = '/var/lib/tugboat/docroot/vendor/va-gov/content-build/logs/vagovdev-broken-links.json'; -// Because Jenkins can't resolve e.g. prod.cms.va.gov DNS, and only the -// internal*elb addresses. And sometimes the host would return data with -// "http://default/..." hostnames for files so we set the host here and pass it -// to the `file_public_base_url` setting to fix that. -if (!empty($webhost_on_cli)) { - if (PHP_SAPI === 'cli') { - // This is running from drush so set the webhost. - // Var $webhost_on_cli is set in .php. - $webhost = $webhost_on_cli; - } - else { - // This is running from an HTTP request. - $webhost = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}"; - } - - // Setting the custom header to switch the file base URL in next-build - // Uncomment this next line to test that the header is being set - // header('File-Public-Base-Url-Check: true'); - - // Get all headers - $headersArray = headers_list(); - - // If the header is set in the response headers - if (in_array('File-Public-Base-Url-Check: true', $headersArray, true)) { - // Make the file base url point to staging - $settings['file_public_base_url'] = "https://dsva-vagov-staging-cms-files.s3.us-gov-west-1.amazonaws.com"; - } else { - // Otherwise use the default webhost - $settings['file_public_base_url'] = "{$webhost}/sites/default/files"; - } -} +// Public asset S3 location +$public_asset_s3_base_url = "https://dsva-vagov-staging-cms-files.s3.us-gov-west-1.amazonaws.com";