From 4dc5d8a162b21dd49f2cdac842839e4c85a7b72f Mon Sep 17 00:00:00 2001
From: Aayush Chouhan
Date: Wed, 30 Oct 2024 19:02:00 +0530
Subject: [PATCH] Validating only STS ARN and updated the format
Signed-off-by: Aayush Chouhan
---
 pkg/diagnostics/report.go | 31 +++++++++++++++++++++++--------
 1 file changed, 23 insertions(+), 8 deletions(-)
diff --git a/pkg/diagnostics/report.go b/pkg/diagnostics/report.go
index 4feb3fad0..a0fe210a2 100644
--- a/pkg/diagnostics/report.go
+++ b/pkg/diagnostics/report.go
@@ -4,6 +4,7 @@ import (
 "fmt"
 "strings"
+ "github.com/aws/aws-sdk-go/aws/arn"
 nbv1 "github.com/noobaa/noobaa-operator/v5/pkg/apis/noobaa/v1alpha1"
 "github.com/noobaa/noobaa-operator/v5/pkg/bundle"
 "github.com/noobaa/noobaa-operator/v5/pkg/options"
@@ -152,9 +153,21 @@ func printOverriddenEnvVar(appName string, envVars []corev1.EnvVar) {
 fmt.Println("")
 }
-// isValidArn is a function to validate the ARN format for an s3 buckets
-func isValidArn(arn *string) bool {
- return strings.HasPrefix(*arn, "arn:aws:s3::") && len(*arn) > len("arn:aws:s3::")
+// isValidSTSArn is a function to validate the STS ARN format
+func isValidSTSArn(arnStr *string) bool {
+ if arnStr == nil {
+ return false
+ }
+
+ parsedArn, err := arn.Parse(*arnStr)
+ if err != nil {
+ return false
+ }
+
+ if parsedArn.Service == "sts" {
+ return true
+ }
+ return false
 }
 // printARNStatus is a function to print ARN validation status
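Review bot: isValidSTSArn returns true for any string that `arn.Parse` accepts with service `sts`, and `arn.Parse` checks only the `arn:` prefix and the number of colon-separated sections, so a value with an empty partition, account ID or resource is still reported as a valid STS ARN. Tightening the tail to `return parsedArn.Service == "sts" && parsedArn.AccountID != "" && parsedArn.Resource != ""` would make the status match what it claims, and it also replaces the if / return true / return false ending. If the entries being checked are role ARNs meant to be assumed through STS, those normally carry the `iam` service and would be reported as invalid here; that is worth confirming against the callers, which are outside this hunk.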
@@ -162,17 +175,19 @@ func printARNStatus(listType string, arnList map[string]string) {
 foundARNString := false
 fmt.Printf("%s ARNs:\n----------------------------------\n", listType)
 for name, arn := range arnList {
- if isValidArn(&arn) {
- fmt.Printf(" ✅ %s \"%s\":\n\t ARN: %s\n\t Status: ✅ Valid\n", listType, name, arn)
+ fmt.Printf("\t%s \"%s\":\n\t ARN: %s\n\t", listType, name, arn)
+ // currently validating only for AWS STS ARN, can be changed accordingly for other formats and validation
+ if isValidSTSArn(&arn) {
+ fmt.Printf(" Status: ✅ Valid STS ARN\n")
 } else {
- fmt.Printf(" ⚠️ %s \"%s\":\n\t ARN: %s\n\t Status: ⚠️ Invalid (Not an S3 bucket ARN)\n", listType, name, arn)
+ fmt.Printf(" Status: ⚠️ Invalid (Not an STS ARN)\n")
 }
- fmt.Println("")
 foundARNString = true
+ fmt.Println("")
 }
 if !foundARNString {
- fmt.Print(" ❌ No AWS STS ARN string found.\n")
+ fmt.Print(" ❌ No AWS ARN string found.\n")
 }
 fmt.Println("")
 }
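Review bot: The loop variable `arn` in `for name, arn := range arnList {` now shadows the `arn` package imported by this commit, so the package is unreachable inside the loop body and the name reads ambiguously next to `arn.Parse` in isValidSTSArn; renaming it, e.g. `for name, arnStr := range arnList {`, avoids that. The value is also printed with `%s` before it has been validated, so a malformed entry reaches the terminal unescaped, where `%q` would show it quoted with escapes. Since a diagnostics report tends to be shared, it may be worth considering whether the full ARN, which includes the account ID, needs to be printed.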