From 0ea5f21160790cb69285fb3a1c2baf9a52eb105e Mon Sep 17 00:00:00 2001 From: Dmitrii Andreev Date: Thu, 25 Jun 2026 15:04:46 -0500 Subject: [PATCH] HYPERFLEET-1147 - feat: enable caller identity header in API helm values Configure identity_header in base API values so the API resolves caller identity from the X-HyperFleet-Identity HTTP header for audit attribution. Overridable via API_IDENTITY_HEADER env var. --- .../configs/base/adapters/adapter1/adapter-task-config.yaml | 2 ++ .../configs/base/adapters/adapter2/adapter-task-config.yaml | 2 ++ .../configs/base/adapters/adapter3/adapter-task-config.yaml | 2 ++ .../configs/e2e/adapters/cl-deployment/adapter-task-config.yaml | 2 ++ helmfile/configs/e2e/adapters/cl-job/adapter-task-config.yaml | 2 ++ .../configs/e2e/adapters/cl-maestro/adapter-task-config.yaml | 2 ++ .../configs/e2e/adapters/cl-namespace/adapter-task-config.yaml | 2 ++ .../configs/e2e/adapters/np-configmap/adapter-task-config.yaml | 2 ++ helmfile/values/base-api.yaml.gotmpl | 2 ++ 9 files changed, 18 insertions(+) diff --git a/helmfile/configs/base/adapters/adapter1/adapter-task-config.yaml b/helmfile/configs/base/adapters/adapter1/adapter-task-config.yaml index 38d1621..8929cb2 100644 --- a/helmfile/configs/base/adapters/adapter1/adapter-task-config.yaml +++ b/helmfile/configs/base/adapters/adapter1/adapter-task-config.yaml @@ -181,6 +181,8 @@ post: method: "PUT" url: "/clusters/{{ .clusterId }}/statuses" headers: + - name: "X-HyperFleet-Identity" + value: "adapter@adapter.local" - name: "Content-Type" value: "application/json" body: "{{ .statusPayload }}" diff --git a/helmfile/configs/base/adapters/adapter2/adapter-task-config.yaml b/helmfile/configs/base/adapters/adapter2/adapter-task-config.yaml index 53cc29c..e0591ba 100644 --- a/helmfile/configs/base/adapters/adapter2/adapter-task-config.yaml +++ b/helmfile/configs/base/adapters/adapter2/adapter-task-config.yaml @@ -381,6 +381,8 @@ post: method: "PUT" url: "/clusters/{{ .clusterId }}/statuses" headers: + - name: "X-HyperFleet-Identity" + value: "adapter@adapter.local" - name: "Content-Type" value: "application/json" body: "{{ .statusPayload }}" diff --git a/helmfile/configs/base/adapters/adapter3/adapter-task-config.yaml b/helmfile/configs/base/adapters/adapter3/adapter-task-config.yaml index af05327..8e64271 100644 --- a/helmfile/configs/base/adapters/adapter3/adapter-task-config.yaml +++ b/helmfile/configs/base/adapters/adapter3/adapter-task-config.yaml @@ -189,6 +189,8 @@ post: method: "PUT" url: "/clusters/{{ .clusterId }}/nodepools/{{ .nodepoolId }}/statuses" headers: + - name: "X-HyperFleet-Identity" + value: "adapter@adapter.local" - name: "Content-Type" value: "application/json" body: "{{ .statusPayload }}" diff --git a/helmfile/configs/e2e/adapters/cl-deployment/adapter-task-config.yaml b/helmfile/configs/e2e/adapters/cl-deployment/adapter-task-config.yaml index 406ae4e..867e307 100644 --- a/helmfile/configs/e2e/adapters/cl-deployment/adapter-task-config.yaml +++ b/helmfile/configs/e2e/adapters/cl-deployment/adapter-task-config.yaml @@ -172,6 +172,8 @@ post: method: "PUT" url: "/clusters/{{ .clusterId }}/statuses" headers: + - name: "X-HyperFleet-Identity" + value: "adapter@adapter.local" - name: "Content-Type" value: "application/json" body: "{{ .clusterStatusPayload }}" diff --git a/helmfile/configs/e2e/adapters/cl-job/adapter-task-config.yaml b/helmfile/configs/e2e/adapters/cl-job/adapter-task-config.yaml index a59aac1..e24f1a2 100644 --- a/helmfile/configs/e2e/adapters/cl-job/adapter-task-config.yaml +++ b/helmfile/configs/e2e/adapters/cl-job/adapter-task-config.yaml @@ -181,6 +181,8 @@ post: method: "PUT" url: "/clusters/{{ .clusterId }}/statuses" headers: + - name: "X-HyperFleet-Identity" + value: "adapter@adapter.local" - name: "Content-Type" value: "application/json" body: "{{ .clusterStatusPayload }}" diff --git a/helmfile/configs/e2e/adapters/cl-maestro/adapter-task-config.yaml b/helmfile/configs/e2e/adapters/cl-maestro/adapter-task-config.yaml index 8978adf..652df65 100644 --- a/helmfile/configs/e2e/adapters/cl-maestro/adapter-task-config.yaml +++ b/helmfile/configs/e2e/adapters/cl-maestro/adapter-task-config.yaml @@ -242,6 +242,8 @@ post: method: "PUT" url: "/clusters/{{ .clusterId }}/statuses" headers: + - name: "X-HyperFleet-Identity" + value: "adapter@adapter.local" - name: "Content-Type" value: "application/json" body: "{{ .statusPayload }}" diff --git a/helmfile/configs/e2e/adapters/cl-namespace/adapter-task-config.yaml b/helmfile/configs/e2e/adapters/cl-namespace/adapter-task-config.yaml index fc519bd..edb8434 100644 --- a/helmfile/configs/e2e/adapters/cl-namespace/adapter-task-config.yaml +++ b/helmfile/configs/e2e/adapters/cl-namespace/adapter-task-config.yaml @@ -184,6 +184,8 @@ post: method: "PUT" url: "/clusters/{{ .clusterId }}/statuses" headers: + - name: "X-HyperFleet-Identity" + value: "adapter@adapter.local" - name: "Content-Type" value: "application/json" body: "{{ .clusterStatusPayload }}" diff --git a/helmfile/configs/e2e/adapters/np-configmap/adapter-task-config.yaml b/helmfile/configs/e2e/adapters/np-configmap/adapter-task-config.yaml index 0e56379..23b6ed1 100644 --- a/helmfile/configs/e2e/adapters/np-configmap/adapter-task-config.yaml +++ b/helmfile/configs/e2e/adapters/np-configmap/adapter-task-config.yaml @@ -173,6 +173,8 @@ post: method: "PUT" url: "/clusters/{{ .clusterId }}/nodepools/{{ .nodepoolId }}/statuses" headers: + - name: "X-HyperFleet-Identity" + value: "adapter@adapter.local" - name: "Content-Type" value: "application/json" body: "{{ .nodepoolStatusPayload }}" diff --git a/helmfile/values/base-api.yaml.gotmpl b/helmfile/values/base-api.yaml.gotmpl index efe8f09..89682a4 100644 --- a/helmfile/values/base-api.yaml.gotmpl +++ b/helmfile/values/base-api.yaml.gotmpl @@ -10,6 +10,8 @@ service: type: {{ .Values.serviceType }} config: + server: + identity_header: {{ env "API_IDENTITY_HEADER" | default "X-HyperFleet-Identity" }} adapters: required: cluster: