Metadata server: Use 301 rather than 308 redirects (#173)

In 20b1c39, requests for the
security-credentials URL were changed to redirect to
security-credentials/ with a trailing slash. However, this uses
http.StatusPermanentRedirect, which corresponds to a 308, whereas
the real metadata API issues a 301 redirect
(http.StatusMovedPermanently).

Some clients do not handle the 308 correctly and fail to retrieve
credentials. We've noticed broken behaviour in the Go sdk version
1.4.10, which is used by docker-machine.

Author: stevenjm

pkg/aws/metadata/handler_role_name.go

@@ -41,7 +41,7 @@ func trailingSlashSuffixRedirectHandler(rw http.ResponseWriter, req *http.Reques
 	}
 
 	u.Path = fmt.Sprintf("%s/", u.Path)
-	http.Redirect(rw, req, u.String(), http.StatusPermanentRedirect)
+	http.Redirect(rw, req, u.String(), http.StatusMovedPermanently)
 }
 
 func (h *roleHandler) Install(router *mux.Router) {

pkg/aws/metadata/handler_role_name_test.go

@@ -23,7 +23,7 @@ func TestRedirectsToCanonicalPath(t *testing.T) {
 
 	router.ServeHTTP(rr, r)
 
-	if rr.Code != http.StatusPermanentRedirect {
+	if rr.Code != http.StatusMovedPermanently {
 		t.Error("expected redirect, was", rr.Code)
 	}
 }