From b15de1b41c3a5098ab671198483b3ef332ca3267 Mon Sep 17 00:00:00 2001
From: Jeff Lu <chunglu@amazon.com>
Date: Fri, 22 Mar 2024 15:11:44 -0700
Subject: [PATCH] adding header on port 80 and test case

Signed-off-by: Jeff Lu <chunglu@amazon.com>
---
 lib/compute/jenkins-main-node.ts |  4 +++-
 test/ci-stack.test.ts            | 34 ++++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+), 1 deletion(-)

diff --git a/lib/compute/jenkins-main-node.ts b/lib/compute/jenkins-main-node.ts
index c1e360e..dc039b5 100644
--- a/lib/compute/jenkins-main-node.ts
+++ b/lib/compute/jenkins-main-node.ts
@@ -301,7 +301,9 @@ export class JenkinsMainNode {
             <IfModule mod_headers.c>
               Header unset Server
             </IfModule>`
-          : `<VirtualHost *:80>
+          // eslint-disable-next-line no-useless-escape,max-len
+          : `LogFormat "%{X-Forwarded-For}i %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
+            <VirtualHost *:80>
             ServerAdmin  webmaster@127.0.0.1
             ProxyRequests     Off
             ProxyPreserveHost On
diff --git a/test/ci-stack.test.ts b/test/ci-stack.test.ts
index 7d42c8a..7ae6f7b 100644
--- a/test/ci-stack.test.ts
+++ b/test/ci-stack.test.ts
@@ -481,3 +481,37 @@ test('Test WAF association with ALB', () => {
     },
   });
 });
+
+test('Test configElement docker and jenkins content', () => {
+  const app = new App({
+    context: {
+      useSsl: 'true', runWithOidc: 'false', serverAccessType: 'ipv4', restrictServerAccessTo: '0.0.0.0/0',
+    },
+  });
+
+  // WHEN
+  const stack = new CIStack(app, 'MyTestStack', {
+    env: { account: 'test-account', region: 'us-east-1' },
+  });
+
+  // THEN
+  Template.fromStack(stack).hasResource('AWS::AutoScaling::AutoScalingGroup', {
+    /* eslint-disable max-len */
+    Metadata: {
+      'AWS::CloudFormation::Init': {
+        config: {
+          files: {
+            '/etc/httpd/conf.d/jenkins.conf': {
+              // eslint-disable-next-line no-useless-escape,max-len
+              content: 'LogFormat "%{X-Forwarded-For}i %h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined\n            <VirtualHost *:80>\n                ServerAdmin  webmaster@localhost\n                Redirect permanent / https://replace_url.com/\n            </VirtualHost>\n            <VirtualHost *:443>\n                SSLEngine on\n                SSLCertificateFile /etc/ssl/certs/test-jenkins.opensearch.org.crt\n                SSLCertificateKeyFile /etc/ssl/private/test-jenkins.opensearch.org.key\n                SSLCertificateChainFile /etc/ssl/certs/test-jenkins.opensearch.org.pem\n                ServerAdmin  webmaster@localhost\n                ProxyRequests     Off\n                ProxyPreserveHost On\n                AllowEncodedSlashes NoDecode\n                <Proxy *>\n                    Order deny,allow\n                    Allow from all\n                </Proxy>\n                ProxyPass         /  http://localhost:8080/ nocanon\n                ProxyPassReverse  /  http://localhost:8080/\n                ProxyPassReverse  /  http://replace_url.com/\n                RequestHeader set X-Forwarded-Proto \"https\"\n                RequestHeader set X-Forwarded-Port \"443\"\n            </VirtualHost>\n            <IfModule mod_headers.c>\n              Header unset Server\n            </IfModule>',
+              encoding: 'plain',
+              mode: '000644',
+              owner: 'root',
+              group: 'root',
+            },
+          },
+        },
+      },
+    },
+  });
+});