fix(network): new API logic supports custom certificates

58c26f20 · Tomas Vik · 34e37cf1 · 34e37cf1 · 58c26f20 · 58c26f20
5 changed file
--- a/src/check_deprecated_certificate_settings.js
+++ b/src/check_deprecated_certificate_settings.js
-const vscode = require('vscode');
-const { openUrl } = require('./openers');
-
-const WARNED_FLAG_NAME = 'warnedAboutCertDeprecation';
-
-const checkDeprecatedCertificateSettings = async context => {
-  const { ignoreCertificateErrors, ca, cert, certKey } = vscode.workspace.getConfiguration(
-    'gitlab',
-  );
-  if (
-    (ignoreCertificateErrors || ca || cert || certKey) &&
-    !context.globalState.get(WARNED_FLAG_NAME)
-  ) {
-    const response = await vscode.window.showWarningMessage(
-      `
-You are using settings to set custom certificate for connecting to your GitLab instance.
-This configuration is going to get removed in the next major version of GitLab Workflow extension.`,
-      'See more details',
-      "Don't show again",
-    );
-    if (response === "Don't show again") {
-      context.globalState.update(WARNED_FLAG_NAME, true);
-    } else if (response === 'See more details') {
-      openUrl('https://gitlab.com/gitlab-org/gitlab-vscode-extension/-/issues/247');
-    }
-  }
-};
-
-module.exports = checkDeprecatedCertificateSettings;
--- a/src/extension.js
+++ b/src/extension.js
@@ -13,7 +13,6 @@ const webviewController = require('./webview_controller');
 const IssuableDataProvider = require('./data_providers/issuable').DataProvider;
 const CurrentBranchDataProvider = require('./data_providers/current_branch').DataProvider;
 const { initializeLogging, handleError } = require('./log');
-const checkDeprecatedCertificateSettings = require('./check_deprecated_certificate_settings');
 const { ApiContentProvider } = require('./review/api_content_provider');
 const { REVIEW_URI_SCHEME } = require('./constants');
 const { USER_COMMANDS, PROGRAMMATIC_COMMANDS } = require('./command_names');
@@ -98,7 +97,6 @@ const activate = context => {
  webviewController.addDeps(context);
  tokenService.init(context);
  tokenServiceWrapper.init(context);
-  checkDeprecatedCertificateSettings(context);
  registerCiCompletion(context);
 };


--- a/src/gitlab/gitlab_new_service.ts
+++ b/src/gitlab/gitlab_new_service.ts
 import * as vscode from 'vscode';
+import * as https from 'https';
 import { GraphQLClient, gql } from 'graphql-request';
 import crossFetch from 'cross-fetch';
 import { URL } from 'url';
@@ -8,6 +9,7 @@ import { tokenService } from '../services/token_service';
 import { FetchError } from '../errors/fetch_error';
 import { getUserAgentHeader } from '../utils/get_user_agent_header';
 import { getAvatarUrl } from '../utils/get_avatar_url';
+import { getHttpAgentOptions } from '../utils/get_http_agent_options';

 interface Node<T> {
  pageInfo?: {
@@ -214,16 +216,25 @@ export class GitLabNewService {
    this.client = new GraphQLClient(endpoint, this.fetchOptions);
  }

+  private get httpAgent() {
+    const agentOptions = getHttpAgentOptions();
+    if (agentOptions.proxy) {
+      return createHttpProxyAgent(agentOptions.proxy);
+    }
+    if (this.instanceUrl.startsWith('https://')) {
+      return new https.Agent(agentOptions);
+    }
+    return undefined;
+  }
+
  private get fetchOptions() {
    const token = tokenService.getToken(this.instanceUrl);
-    const { proxy } = vscode.workspace.getConfiguration('http');
-    const agent = proxy ? createHttpProxyAgent(proxy) : undefined;
    return {
      headers: {
        Authorization: `Bearer ${token}`,
        ...getUserAgentHeader(),
      },
-      agent,
+      agent: this.httpAgent,
    };
  }


--- a/src/gitlab_service.ts
+++ b/src/gitlab_service.ts
@@ -12,6 +12,7 @@ import { getUserAgentHeader } from './utils/get_user_agent_header';
 import { CustomQueryType } from './gitlab/custom_query_type';
 import { CustomQuery } from './gitlab/custom_query';
 import { getAvatarUrl } from './utils/get_avatar_url';
+import { getHttpAgentOptions } from './utils/get_http_agent_options';

 interface GitLabProject {
  id: number;
@@ -53,11 +54,7 @@ const getInstanceUrl = async () =>
  ).fetchCurrentInstanceUrl();

 async function fetch(path: string, method = 'GET', data?: Record<string, unknown>) {
-  const { ignoreCertificateErrors, ca, cert, certKey } = vscode.workspace.getConfiguration(
-    'gitlab',
-  );
  const instanceUrl = await getInstanceUrl();
-  const { proxy } = vscode.workspace.getConfiguration('http');
  const apiRoot = `${instanceUrl}/api/v4`;
  const glToken = tokenService.getToken(instanceUrl);
  const tokens = tokenService.getInstanceUrls().join(', ');
@@ -83,37 +80,9 @@ async function fetch(path: string, method = 'GET', data?: Record<string, unknown
      'PRIVATE-TOKEN': glToken,
      ...getUserAgentHeader(),
    },
-    rejectUnauthorized: !ignoreCertificateErrors,
+    ...getHttpAgentOptions(),
  };

-  if (proxy) {
-    config.proxy = proxy;
-  }
-
-  if (ca) {
-    try {
-      config.ca = fs.readFileSync(ca);
-    } catch (e) {
-      handleError(new UserFriendlyError(`Cannot read CA '${ca}'`, e));
-    }
-  }
-
-  if (cert) {
-    try {
-      config.cert = fs.readFileSync(cert);
-    } catch (e) {
-      handleError(new UserFriendlyError(`Cannot read CA '${cert}'`, e));
-    }
-  }
-
-  if (certKey) {
-    try {
-      config.key = fs.readFileSync(certKey);
-    } catch (e) {
-      handleError(new UserFriendlyError(`Cannot read CA '${certKey}'`, e));
-    }
-  }
-
  if (data) {
    config.formData = data;
  }

--- a/src/utils/get_http_agent_options.ts
+++ b/src/utils/get_http_agent_options.ts
+import * as vscode from 'vscode';
+import * as fs from 'fs';
+import { UserFriendlyError } from '../errors/user_friendly_error';
+import { handleError } from '../log';
+
+interface GitLabHttpAgentOptions {
+  ca?: Buffer;
+  cert?: Buffer;
+  key?: Buffer;
+  proxy?: string;
+  rejectUnauthorized?: boolean;
+}
+
+export const getHttpAgentOptions = (): GitLabHttpAgentOptions => {
+  const result: GitLabHttpAgentOptions = {};
+  const { ignoreCertificateErrors, ca, cert, certKey } = vscode.workspace.getConfiguration(
+    'gitlab',
+  );
+
+  result.rejectUnauthorized = !ignoreCertificateErrors;
+  if (ca) {
+    try {
+      result.ca = fs.readFileSync(ca);
+    } catch (e) {
+      handleError(new UserFriendlyError(`Cannot read CA '${ca}'`, e));
+    }
+  }
+  if (cert) {
+    try {
+      result.cert = fs.readFileSync(cert);
+    } catch (e) {
+      handleError(new UserFriendlyError(`Cannot read Certificate '${cert}'`, e));
+    }
+  }
+  if (certKey) {
+    try {
+      result.key = fs.readFileSync(certKey);
+    } catch (e) {
+      handleError(new UserFriendlyError(`Cannot read Certificate Key '${certKey}'`, e));
+    }
+  }
+
+  const { proxy } = vscode.workspace.getConfiguration('http');
+  result.proxy = proxy || undefined;
+  return result;
+};