fix: tranform func to methods, delete unused env vars, refactor code

ndakkoune · ndakkoune · commit 8568a56fc9b1 · 2026-03-20T11:43:08.000+01:00
diff --git a/aws/logs_monitoring_go/internal/config/apikey.go b/aws/logs_monitoring_go/internal/config/apikey.go
@@ -19,13 +19,12 @@ import (
 )
 
 const (
-	TIMEOUT = 5
+	awsClientTimeout = 5 * time.Second
 )
 
 type resolveOptions struct {
-	AWSCfg  aws.Config
-	Value   string
-	UseFIPS bool
+	AWSCfg aws.Config
+	Value  string
 }
 
 type apiKeyResolver func(ctx context.Context, opts resolveOptions) (string, error)
@@ -40,26 +39,30 @@ var resolvers = []struct {
 	{"DD_API_KEY", resolveFromEnv},
 }
 
-func resolveAPIKey(ctx context.Context, useFIPS bool) (string, error) {
+func (c *Config) resolveAPIKey(ctx context.Context) error {
 	awsCfg, err := awsconfig.LoadDefaultConfig(ctx,
-		awsconfig.WithHTTPClient(awshttp.NewBuildableClient().WithTimeout(time.Second*TIMEOUT)),
+		awsconfig.WithHTTPClient(awshttp.NewBuildableClient().WithTimeout(awsClientTimeout)),
 	)
 
 	if err != nil {
-		return "", fmt.Errorf("loading AWS config: %w", err)
+		return fmt.Errorf("loading AWS config: %w", err)
 	}
 
 	for _, resolver := range resolvers {
 		if v, ok := os.LookupEnv(resolver.envVar); ok {
 			slog.Debug("resolving API key", "source", resolver.envVar)
-			resolver.resolve(ctx, resolveOptions{
-				AWSCfg:  awsCfg,
-				Value:   v,
-				UseFIPS: useFIPS,
+			key, err := resolver.resolve(ctx, resolveOptions{
+				AWSCfg: awsCfg,
+				Value:  v,
 			})
+			if err != nil {
+				return fmt.Errorf("resolving API key from %s: %w", resolver.envVar, err)
+			}
+			c.APIKey = key
+			return nil
 		}
 	}
-	return "", errors.New("no API key configured: set DD_API_KEY, DD_API_KEY_SECRET_ARN, DD_API_KEY_SSM_NAME, or DD_KMS_API_KEY. See: https://docs.datadoghq.com/serverless/forwarder/")
+	return errors.New("no API key configured: set DD_API_KEY_SECRET_ARN, DD_API_KEY_SSM_NAME, DD_KMS_API_KEY, or DD_API_KEY. See: https://docs.datadoghq.com/serverless/forwarder/")
 }
 
 func resolveFromSecretsManager(ctx context.Context, opts resolveOptions) (string, error) {
@@ -96,6 +99,11 @@ func resolveFromEnv(ctx context.Context, opts resolveOptions) (string, error) {
 	return opts.Value, nil
 }
 
-func validateAPIKey(cfg Config) {
-
+// Note: the API key verification could fail (e.g. Datadog verification endpoint or network problem)
+// Instead of failing the whole lambda at startup, it should run up to the log sending part and verify the
+// key at this moment, adding the run to the future retry logic in such case.
+// The method may disappear in the future.
+func (c *Config) validateAPIKey() error {
+	// TODO: implement validation against Datadog API
+	return nil
 }
diff --git a/aws/logs_monitoring_go/internal/config/config.go b/aws/logs_monitoring_go/internal/config/config.go
@@ -33,13 +33,8 @@ type Config struct {
 	URL               string
 	Port              int
 	APIURL            string
-	ForwardLog        bool
-	UseCompression    bool
-	CompressionLevel  int
 	NoSSL             bool
 	SkipSSLValidation bool
-	Tags              string
-	Source            string
 	LogLevel          string
 	UseFIPS           bool
 }
@@ -48,46 +43,34 @@ func Load(ctx context.Context) (*Config, error) {
 	cfg := &Config{
 		Site:              envOrDefault("DD_SITE", "datadoghq.com"),
 		Port:              envOrDefaultInt("DD_PORT", 443),
-		ForwardLog:        envOrDefaultBool("DD_FORWARD_LOG", true),
-		UseCompression:    envOrDefaultBool("DD_USE_COMPRESSION", true),
-		CompressionLevel:  envOrDefaultInt("DD_COMPRESSION_LEVEL", 6),
 		NoSSL:             envOrDefaultBool("DD_NO_SSL", false),
 		SkipSSLValidation: envOrDefaultBool("DD_SKIP_SSL_VALIDATION", false),
-		Tags:              envOrDefault("DD_TAGS", ""),
-		Source:            envOrDefault("DD_SOURCE", ""),
 		LogLevel:          envOrDefault("DD_LOG_LEVEL", "INFO"),
+		UseFIPS:           envOrDefaultBool("DD_USE_FIPS", false),
 	}
 
-	scheme := "https"
-	if cfg.NoSSL {
-		scheme = "http"
-	}
-	cfg.URL = envOrDefault("DD_URL", "http-intake.logs."+cfg.Site)
-	cfg.APIURL = envOrDefault("DD_API_URL", fmt.Sprintf("%s://api.%s", scheme, cfg.Site))
+	cfg.deriveURLs()
 
 	logDroppedEnvVars()
 
-	useFIPS := envOrDefaultBool("DD_USE_FIPS", false)
-	cfg.UseFIPS = useFIPS
-	apiKey, err := resolveAPIKey(ctx, useFIPS)
-	if err != nil {
+	if err := cfg.resolveAPIKey(ctx); err != nil {
 		return nil, fmt.Errorf("resolving API key: %w", err)
 	}
-	cfg.APIKey = apiKey
 
-	if err := validateAPIKey(cfg); err != nil {
+	if err := cfg.validateAPIKey(); err != nil {
 		return nil, fmt.Errorf("validating API key: %w", err)
 	}
 
 	return cfg, nil
 }
 
-func logDroppedEnvVars() {
-	for _, name := range deprecatedEnvironmentVariables {
-		if _, ok := os.LookupEnv(name); ok {
-			slog.Warn("deprecated env var set, will be ignored", "name", name)
-		}
+func (c *Config) deriveURLs() {
+	scheme := "https"
+	if c.NoSSL {
+		scheme = "http"
 	}
+	c.URL = envOrDefault("DD_URL", "http-intake.logs."+c.Site)
+	c.APIURL = envOrDefault("DD_API_URL", fmt.Sprintf("%s://api.%s", scheme, c.Site))
 }
 
 func envOrDefault(key, fallback string) string {
@@ -117,3 +100,11 @@ func envOrDefaultInt(key string, fallback int) int {
 	}
 	return n
 }
+
+func logDroppedEnvVars() {
+	for _, name := range deprecatedEnvironmentVariables {
+		if _, ok := os.LookupEnv(name); ok {
+			slog.Warn("deprecated env var set, will be ignored", "name", name)
+		}
+	}
+}
