fix: set content-disposition on S3

shanduur · shanduur · commit 7c6d26184cd3 · 2025-08-12T08:55:45.000+02:00
S3 does not set proper Content-Disposition, and this header might be
ignored by e.g. browsers if set before redirect. We need to include it
when adding new object to the cache.

Additionally, if the object was previously cached, we need to ensure
that Content-Disposition header will be properly updated.

Signed-off-by: Mateusz Urbanek &lt;mateusz.urbanek@siderolabs.com&gt;
diff --git a/internal/asset/asset.go b/internal/asset/asset.go
@@ -118,7 +118,7 @@ func (b *Builder) getBuildAsset(ctx context.Context, versionString, arch string,
 //
 // First, check if the asset has already been built and cached then use the cached version.
 // If the asset hasn't been built yet, build it and cache it honoring the concurrency limit, and push it to the cache.
-func (b *Builder) Build(ctx context.Context, prof profile.Profile, versionString string) (BootAsset, error) {
+func (b *Builder) Build(ctx context.Context, prof profile.Profile, versionString, filename string) (BootAsset, error) {
 	profileHash, err := factoryprofile.Hash(prof)
 	if err != nil {
 		return nil, err
@@ -138,7 +138,7 @@ func (b *Builder) Build(ctx context.Context, prof profile.Profile, versionString
 
 	// nothing in cache, so build the asset, but make sure we do it only once
 	ch := b.sf.DoChan(profileHash, func() (any, error) { //nolint:contextcheck
-		return b.buildAndCache(profileHash, prof, versionString)
+		return b.buildAndCache(profileHash, prof, versionString, filename)
 	})
 
 	select {
@@ -162,7 +162,7 @@ func (b *Builder) Build(ctx context.Context, prof profile.Profile, versionString
 }
 
 // buildAndCache builds the asset and pushes it to the cache.
-func (b *Builder) buildAndCache(profileHash string, prof profile.Profile, versionString string) (BootAsset, error) {
+func (b *Builder) buildAndCache(profileHash string, prof profile.Profile, versionString, filename string) (BootAsset, error) {
 	// detach the context to make sure the asset is built no matter if the request is canceled
 	ctx, cancel := context.WithTimeout(context.Background(), 20*time.Minute)
 	defer cancel()
@@ -175,7 +175,7 @@ func (b *Builder) buildAndCache(profileHash string, prof profile.Profile, versio
 	b.metricAssetsBuilt.WithLabelValues(versionString, prof.Output.Kind.String(), prof.Arch).Inc()
 	b.metricAssetBytesBuilt.WithLabelValues(versionString, prof.Output.Kind.String(), prof.Arch).Add(float64(asset.Size()))
 
-	if err = b.cache.Put(ctx, profileHash, asset); err != nil {
+	if err = b.cache.Put(ctx, profileHash, asset, filename); err != nil {
 		b.logger.Error("error putting asset to cache", zap.Error(err), zap.String("profile_hash", profileHash))
 	}
 
diff --git a/internal/asset/cache/cache.go b/internal/asset/cache/cache.go
@@ -40,5 +40,5 @@ type RedirectableAsset interface {
 // Cache is an interface for a cache that stores boot assets.
 type Cache interface {
 	Get(ctx context.Context, profileID string) (BootAsset, error)
-	Put(ctx context.Context, profileID string, asset BootAsset) error
+	Put(ctx context.Context, profileID string, asset BootAsset, filename string) error
 }
diff --git a/internal/asset/cache/cdn/cdn.go b/internal/asset/cache/cdn/cdn.go
@@ -68,6 +68,6 @@ func (c *Cache) Get(ctx context.Context, profileID string) (cache.BootAsset, err
 }
 
 // Put uploads the boot asset to the registry.
-func (c *Cache) Put(ctx context.Context, profileID string, asset cache.BootAsset) error {
-	return c.underlying.Put(ctx, profileID, asset)
+func (c *Cache) Put(ctx context.Context, profileID string, asset cache.BootAsset, filename string) error {
+	return c.underlying.Put(ctx, profileID, asset, filename)
 }
diff --git a/internal/asset/cache/registry/registry.go b/internal/asset/cache/registry/registry.go
@@ -139,7 +139,7 @@ func (c *Cache) Get(ctx context.Context, profileID string) (cache.BootAsset, err
 }
 
 // Put uploads the boot asset to the registry.
-func (c *Cache) Put(ctx context.Context, profileID string, asset cache.BootAsset) error {
+func (c *Cache) Put(ctx context.Context, profileID string, asset cache.BootAsset, _ string) error {
 	taggedRef := c.cacheRepository.Tag(profileID)
 
 	c.logger.Info("pushing cached image", zap.Stringer("ref", taggedRef))
diff --git a/internal/asset/cache/s3/s3.go b/internal/asset/cache/s3/s3.go
@@ -9,6 +9,7 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"net/http"
 	"path"
 	"time"
 
@@ -115,6 +116,11 @@ func (c *Cache) Get(ctx context.Context, profileID string) (cache.BootAsset, err
 		return nil, fmt.Errorf("error getting object stat for object %q: %w", key, err)
 	}
 
+	// we need to fix metadata if it's not present
+	if !hasRequiredMetadata(stat.Metadata) {
+		return nil, cache.ErrCacheNotFound
+	}
+
 	redirect, err := c.s3cli.PresignedGetObject(ctx, c.bucketName, key, expires, nil)
 	if err != nil {
 		var minioErr minio.ErrorResponse
@@ -148,15 +154,17 @@ func (c *Cache) Get(ctx context.Context, profileID string) (cache.BootAsset, err
 }
 
 // Put uploads the boot asset to the registry.
-func (c *Cache) Put(ctx context.Context, profileID string, asset cache.BootAsset) error {
+func (c *Cache) Put(ctx context.Context, profileID string, asset cache.BootAsset, filename string) error {
 	key := path.Join(prefix, profileID)
 
 	data, err := asset.Reader()
 	if err != nil {
 		return fmt.Errorf("error getting reader for asset from profile %q: %w", profileID, err)
 	}
 
-	stat, err := c.s3cli.PutObject(ctx, c.bucketName, key, data, asset.Size(), minio.PutObjectOptions{})
+	stat, err := c.s3cli.PutObject(ctx, c.bucketName, key, data, asset.Size(), minio.PutObjectOptions{
+		ContentDisposition: fmt.Sprintf(`attachment; filename="%s"`, filename),
+	})
 	if err != nil {
 		var minioErr minio.ErrorResponse
 		if errors.As(err, &minioErr) {
@@ -184,9 +192,21 @@ func (c *Cache) Put(ctx context.Context, profileID string, asset cache.BootAsset
 		return fmt.Errorf("error creating reference asset for profile %q: %w", profileID, err)
 	}
 
-	if err := c.signingCache.Put(ctx, profileID, ref); err != nil {
+	if err := c.signingCache.Put(ctx, profileID, ref, filename); err != nil {
 		return fmt.Errorf("error putting asset reference for profile %q to registry: %w", profileID, err)
 	}
 
 	return nil
 }
+
+func hasRequiredMetadata(metadata http.Header) bool {
+	for _, key := range []string{
+		"Content-Disposition",
+	} {
+		if metadata.Get(key) == "" {
+			return false
+		}
+	}
+
+	return true
+}
diff --git a/internal/frontend/http/image.go b/internal/frontend/http/image.go
@@ -57,7 +57,7 @@ func (f *Frontend) handleImage(ctx context.Context, w http.ResponseWriter, r *ht
 		return fmt.Errorf("error validating profile: %w", err)
 	}
 
-	asset, err := f.assetBuilder.Build(ctx, prof, version.String())
+	asset, err := f.assetBuilder.Build(ctx, prof, version.String(), path)
 	if err != nil {
 		return err
 	}
diff --git a/internal/frontend/http/pxe.go b/internal/frontend/http/pxe.go
@@ -63,7 +63,7 @@ func (f *Frontend) handlePXE(ctx context.Context, w http.ResponseWriter, _ *http
 	}
 
 	// build the cmdline
-	asset, err := f.assetBuilder.Build(ctx, prof, version.String())
+	asset, err := f.assetBuilder.Build(ctx, prof, version.String(), path)
 	if err != nil {
 		return err
 	}
diff --git a/internal/frontend/http/registry.go b/internal/frontend/http/registry.go
@@ -254,7 +254,7 @@ func (f *Frontend) buildInstallImage(ctx context.Context, img requestedImage, sc
 
 		var asset asset.BootAsset
 
-		asset, err = f.assetBuilder.Build(ctx, prof, version.String())
+		asset, err = f.assetBuilder.Build(ctx, prof, version.String(), img.Name())
 		if err != nil {
 			return v1.Hash{}, err
 		}
diff --git a/internal/integration/download_test.go b/internal/integration/download_test.go
@@ -104,6 +104,7 @@ func downloadAssetAndMatchSize(ctx context.Context, t *testing.T, baseURL string
 	body := resp.Body
 
 	require.Equal(t, http.StatusOK, resp.StatusCode)
+	require.Contains(t, resp.Header, "Content-Disposition")
 
 	size := matchSizeAndType(t, body, fileType, expectedSize)
 
@@ -128,6 +129,7 @@ func downloadDiskImageMatchSizeAndPartitions(ctx context.Context, t *testing.T,
 	body := io.TeeReader(resp.Body, out)
 
 	require.Equal(t, http.StatusOK, resp.StatusCode)
+	require.Contains(t, resp.Header, "Content-Disposition")
 
 	size := matchSizeAndType(t, body, fileType, expectedSize)
 
@@ -188,6 +190,7 @@ func downloadAssetAndValidateInitramfs(ctx context.Context, t *testing.T, baseUR
 	body := resp.Body
 
 	require.Equal(t, http.StatusOK, resp.StatusCode)
+	require.Contains(t, resp.Header, "Content-Disposition")
 
 	d := t.TempDir()
 	initramfsPath := filepath.Join(d, "initramfs.xz")
@@ -212,6 +215,7 @@ func downloadAssetAndValidateUKI(ctx context.Context, t *testing.T, baseURL stri
 	body := resp.Body
 
 	require.Equal(t, http.StatusOK, resp.StatusCode)
+	require.Contains(t, resp.Header, "Content-Disposition")
 
 	d := t.TempDir()
 	ukiPath := filepath.Join(d, "uki.efi")
@@ -236,6 +240,7 @@ func downloadInstallerAndValidateUKI(ctx context.Context, t *testing.T, baseURL
 	body := resp.Body
 
 	require.Equal(t, http.StatusOK, resp.StatusCode)
+	require.Contains(t, resp.Header, "Content-Disposition")
 
 	d := t.TempDir()
 	installerPath := filepath.Join(d, "installer.tar")
@@ -260,6 +265,7 @@ func downloadCmdlineAndMatch(ctx context.Context, t *testing.T, baseURL string,
 	body := resp.Body
 
 	require.Equal(t, http.StatusOK, resp.StatusCode)
+	require.Contains(t, resp.Header, "Content-Disposition")
 
 	cmdlineBytes, err := io.ReadAll(body)
 	require.NoError(t, err)

Original file line number	Diff line number	Diff line change
`@@ -40,5 +40,5 @@ type RedirectableAsset interface {`
`40`	`40`	`// Cache is an interface for a cache that stores boot assets.`
`41`	`41`	`type Cache interface {`
`42`	`42`	`Get(ctx context.Context, profileID string) (BootAsset, error)`
`43`		`- Put(ctx context.Context, profileID string, asset BootAsset) error`
	`43`	`+ Put(ctx context.Context, profileID string, asset BootAsset, filename string) error`
`44`	`44`	`}`
Original file line number	Diff line number	Diff line change
`@@ -68,6 +68,6 @@ func (c *Cache) Get(ctx context.Context, profileID string) (cache.BootAsset, err`
`68`	`68`	`}`
`69`	`69`
`70`	`70`	`// Put uploads the boot asset to the registry.`
`71`		`-func (c *Cache) Put(ctx context.Context, profileID string, asset cache.BootAsset) error {`
`72`		`- return c.underlying.Put(ctx, profileID, asset)`
	`71`	`+func (c *Cache) Put(ctx context.Context, profileID string, asset cache.BootAsset, filename string) error {`
	`72`	`+ return c.underlying.Put(ctx, profileID, asset, filename)`
`73`	`73`	`}`
Original file line number	Diff line number	Diff line change
`@@ -139,7 +139,7 @@ func (c *Cache) Get(ctx context.Context, profileID string) (cache.BootAsset, err`
`139`	`139`	`}`
`140`	`140`
`141`	`141`	`// Put uploads the boot asset to the registry.`
`142`		`-func (c *Cache) Put(ctx context.Context, profileID string, asset cache.BootAsset) error {`
	`142`	`+func (c *Cache) Put(ctx context.Context, profileID string, asset cache.BootAsset, _ string) error {`
`143`	`143`	`taggedRef := c.cacheRepository.Tag(profileID)`
`144`	`144`
`145`	`145`	`c.logger.Info("pushing cached image", zap.Stringer("ref", taggedRef))`
Original file line number	Diff line number	Diff line change
`@@ -57,7 +57,7 @@ func (f Frontend) handleImage(ctx context.Context, w http.ResponseWriter, r ht`
`57`	`57`	`return fmt.Errorf("error validating profile: %w", err)`
`58`	`58`	`}`
`59`	`59`
`60`		`- asset, err := f.assetBuilder.Build(ctx, prof, version.String())`
	`60`	`+ asset, err := f.assetBuilder.Build(ctx, prof, version.String(), path)`
`61`	`61`	`if err != nil {`
`62`	`62`	`return err`
`63`	`63`	`}`
Original file line number	Diff line number	Diff line change
`@@ -63,7 +63,7 @@ func (f Frontend) handlePXE(ctx context.Context, w http.ResponseWriter, _ http`
`63`	`63`	`}`
`64`	`64`
`65`	`65`	`// build the cmdline`
`66`		`- asset, err := f.assetBuilder.Build(ctx, prof, version.String())`
	`66`	`+ asset, err := f.assetBuilder.Build(ctx, prof, version.String(), path)`
`67`	`67`	`if err != nil {`
`68`	`68`	`return err`
`69`	`69`	`}`
Original file line number	Diff line number	Diff line change
`@@ -254,7 +254,7 @@ func (f *Frontend) buildInstallImage(ctx context.Context, img requestedImage, sc`
`254`	`254`
`255`	`255`	`var asset asset.BootAsset`
`256`	`256`
`257`		`- asset, err = f.assetBuilder.Build(ctx, prof, version.String())`
	`257`	`+ asset, err = f.assetBuilder.Build(ctx, prof, version.String(), img.Name())`
`258`	`258`	`if err != nil {`
`259`	`259`	`return v1.Hash{}, err`
`260`	`260`	`}`