diff --git a/sources/src/develocity/build-scan.ts b/sources/src/develocity/build-scan.ts index cf9230b..9af174a 100644 --- a/sources/src/develocity/build-scan.ts +++ b/sources/src/develocity/build-scan.ts @@ -28,7 +28,11 @@ export async function setup(config: BuildScanConfig): Promise { maybeExportVariable('DEVELOCITY_TERMS_OF_USE_AGREE', config.getBuildScanTermsOfUseAgree()) } - return setupToken(config.getDevelocityAccessKey(), config.getDevelocityTokenExpiry()) + return setupToken( + config.getDevelocityAccessKey(), + config.getDevelocityAllowUntrustedServer(), + config.getDevelocityTokenExpiry() + ) } function maybeExportVariable(variableName: string, value: unknown): void { diff --git a/sources/src/develocity/short-lived-token.ts b/sources/src/develocity/short-lived-token.ts index c059f96..37362ba 100644 --- a/sources/src/develocity/short-lived-token.ts +++ b/sources/src/develocity/short-lived-token.ts @@ -3,11 +3,15 @@ import * as core from '@actions/core' import {BuildScanConfig} from '../configuration' import {recordDeprecation} from '../deprecation-collector' -export async function setupToken(develocityAccessKey: string, develocityTokenExpiry: string): Promise { +export async function setupToken( + develocityAccessKey: string, + develocityAllowUntrustedServer: boolean | undefined, + develocityTokenExpiry: string +): Promise { if (develocityAccessKey) { try { core.debug('Fetching short-lived token...') - const tokens = await getToken(develocityAccessKey, develocityTokenExpiry) + const tokens = await getToken(develocityAccessKey, develocityAllowUntrustedServer, develocityTokenExpiry) if (tokens != null && !tokens.isEmpty()) { core.debug(`Got token(s), setting the access key env vars`) const token = tokens.raw() @@ -41,10 +45,14 @@ function handleMissingAccessToken(): void { } } -export async function getToken(accessKey: string, expiry: string): Promise { +export async function getToken( + accessKey: string, + allowUntrustedServer: undefined | boolean, + expiry: string +): Promise { const empty: Promise = new Promise(r => r(null)) const develocityAccessKey = DevelocityAccessCredentials.parse(accessKey) - const shortLivedTokenClient = new ShortLivedTokenClient() + const shortLivedTokenClient = new ShortLivedTokenClient(allowUntrustedServer) if (develocityAccessKey == null) { return empty @@ -67,10 +75,16 @@ export async function getToken(accessKey: string, expiry: string): Promise { const queryParams = expiry ? `?expiresInHours=${expiry}` : '' const sanitizedServerUrl = !serverUrl.endsWith('/') ? `${serverUrl}/` : serverUrl diff --git a/sources/test/jest/short-lived-token.test.ts b/sources/test/jest/short-lived-token.test.ts index a0f8d9d..0bc83c8 100644 --- a/sources/test/jest/short-lived-token.test.ts +++ b/sources/test/jest/short-lived-token.test.ts @@ -39,7 +39,7 @@ describe('short lived tokens', () => { message: 'connect ECONNREFUSED 127.0.0.1:3333', code: 'ECONNREFUSED' }) - await expect(getToken('localhost=key0', '')) + await expect(getToken('localhost=key0', false, '')) .resolves .toBeNull() }) @@ -50,14 +50,14 @@ describe('short lived tokens', () => { .times(3) .reply(500, 'Internal error') expect.assertions(1) - await expect(getToken('dev=xyz', '')) + await expect(getToken('dev=xyz', false, '')) .resolves .toBeNull() }) it('get short lived token returns null when access key is empty', async () => { expect.assertions(1) - await expect(getToken('', '')) + await expect(getToken('', false, '')) .resolves .toBeNull() }) @@ -67,7 +67,7 @@ describe('short lived tokens', () => { .post('/api/auth/token') .reply(200, 'token') expect.assertions(1) - await expect(getToken('dev=key1', '')) + await expect(getToken('dev=key1', false, '')) .resolves .toEqual({"keys": [{"hostname": "dev", "key": "token"}]}) }) @@ -80,7 +80,7 @@ describe('short lived tokens', () => { .post('/api/auth/token') .reply(200, 'token2') expect.assertions(1) - await expect(getToken('dev=key1;prod=key2', '')) + await expect(getToken('dev=key1;prod=key2', false, '')) .resolves .toEqual({"keys": [{"hostname": "dev", "key": "token1"}, {"hostname": "prod", "key": "token2"}]}) }) @@ -97,7 +97,7 @@ describe('short lived tokens', () => { .post('/api/auth/token') .reply(200, 'token2') expect.assertions(1) - await expect(getToken('dev=key1;bogus=key0;prod=key2', '')) + await expect(getToken('dev=key1;bogus=key0;prod=key2', false, '')) .resolves .toEqual({"keys": [{"hostname": "dev", "key": "token1"}, {"hostname": "prod", "key": "token2"}]}) }) @@ -112,7 +112,7 @@ describe('short lived tokens', () => { .times(3) .reply(500, 'Internal Error') expect.assertions(1) - await expect(getToken('dev=key1;bogus=key0', '')) + await expect(getToken('dev=key1;bogus=key0', false, '')) .resolves .toBeNull() }) @@ -122,7 +122,7 @@ describe('short lived tokens', () => { .post('/api/auth/token?expiresInHours=4') .reply(200, 'token') expect.assertions(1) - await expect(getToken('dev=key1', '4')) + await expect(getToken('dev=key1', false, '4')) .resolves .toEqual({"keys": [{"hostname": "dev", "key": "token"}]}) })