From cfdc6db0ae6b550179db16fa3e0b01a42d5bad63 Mon Sep 17 00:00:00 2001 From: Remco Mokveld Date: Wed, 12 Mar 2025 13:57:54 +0100 Subject: [PATCH 1/5] Ignore SSL when environment is specified --- sources/src/develocity/short-lived-token.ts | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/sources/src/develocity/short-lived-token.ts b/sources/src/develocity/short-lived-token.ts index c059f96..aa4a3bb 100644 --- a/sources/src/develocity/short-lived-token.ts +++ b/sources/src/develocity/short-lived-token.ts @@ -67,7 +67,11 @@ export async function getToken(accessKey: string, expiry: string): Promise Date: Wed, 12 Mar 2025 14:13:39 +0100 Subject: [PATCH 2/5] Fix formatting and syntax --- sources/src/develocity/short-lived-token.ts | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/sources/src/develocity/short-lived-token.ts b/sources/src/develocity/short-lived-token.ts index aa4a3bb..8c27616 100644 --- a/sources/src/develocity/short-lived-token.ts +++ b/sources/src/develocity/short-lived-token.ts @@ -67,11 +67,9 @@ export async function getToken(accessKey: string, expiry: string): Promise Date: Wed, 12 Mar 2025 14:12:04 -0500 Subject: [PATCH 3/5] Add develocityAllowUntrustedServer as ShortLivedTokenClient constructor argument --- sources/src/develocity/build-scan.ts | 6 ++++- sources/src/develocity/short-lived-token.ts | 29 ++++++++++++++++----- sources/test/jest/short-lived-token.test.ts | 16 ++++++------ 3 files changed, 35 insertions(+), 16 deletions(-) diff --git a/sources/src/develocity/build-scan.ts b/sources/src/develocity/build-scan.ts index cf9230b..2fded06 100644 --- a/sources/src/develocity/build-scan.ts +++ b/sources/src/develocity/build-scan.ts @@ -28,7 +28,11 @@ export async function setup(config: BuildScanConfig): Promise { maybeExportVariable('DEVELOCITY_TERMS_OF_USE_AGREE', config.getBuildScanTermsOfUseAgree()) } - return setupToken(config.getDevelocityAccessKey(), config.getDevelocityTokenExpiry()) + return setupToken( + config.getDevelocityAccessKey(), + config.getDevelocityTokenExpiry(), + config.getDevelocityAllowUntrustedServer() + ) } function maybeExportVariable(variableName: string, value: unknown): void { diff --git a/sources/src/develocity/short-lived-token.ts b/sources/src/develocity/short-lived-token.ts index 8c27616..4f34878 100644 --- a/sources/src/develocity/short-lived-token.ts +++ b/sources/src/develocity/short-lived-token.ts @@ -3,11 +3,15 @@ import * as core from '@actions/core' import {BuildScanConfig} from '../configuration' import {recordDeprecation} from '../deprecation-collector' -export async function setupToken(develocityAccessKey: string, develocityTokenExpiry: string): Promise { +export async function setupToken( + develocityAccessKey: string, + develocityTokenExpiry: string, + develocityAllowUntrustedServer: boolean | undefined +): Promise { if (develocityAccessKey) { try { core.debug('Fetching short-lived token...') - const tokens = await getToken(develocityAccessKey, develocityTokenExpiry) + const tokens = await getToken(develocityAccessKey, develocityTokenExpiry, develocityAllowUntrustedServer) if (tokens != null && !tokens.isEmpty()) { core.debug(`Got token(s), setting the access key env vars`) const token = tokens.raw() @@ -41,10 +45,14 @@ function handleMissingAccessToken(): void { } } -export async function getToken(accessKey: string, expiry: string): Promise { +export async function getToken( + accessKey: string, + expiry: string, + develocityAllowUntrustedServer: undefined | boolean +): Promise { const empty: Promise = new Promise(r => r(null)) const develocityAccessKey = DevelocityAccessCredentials.parse(accessKey) - const shortLivedTokenClient = new ShortLivedTokenClient() + const shortLivedTokenClient = new ShortLivedTokenClient(develocityAllowUntrustedServer) if (develocityAccessKey == null) { return empty @@ -67,12 +75,19 @@ export async function getToken(accessKey: string, expiry: string): Promise { const queryParams = expiry ? `?expiresInHours=${expiry}` : '' const sanitizedServerUrl = !serverUrl.endsWith('/') ? `${serverUrl}/` : serverUrl diff --git a/sources/test/jest/short-lived-token.test.ts b/sources/test/jest/short-lived-token.test.ts index a0f8d9d..994f3eb 100644 --- a/sources/test/jest/short-lived-token.test.ts +++ b/sources/test/jest/short-lived-token.test.ts @@ -39,7 +39,7 @@ describe('short lived tokens', () => { message: 'connect ECONNREFUSED 127.0.0.1:3333', code: 'ECONNREFUSED' }) - await expect(getToken('localhost=key0', '')) + await expect(getToken('localhost=key0', '', false)) .resolves .toBeNull() }) @@ -50,14 +50,14 @@ describe('short lived tokens', () => { .times(3) .reply(500, 'Internal error') expect.assertions(1) - await expect(getToken('dev=xyz', '')) + await expect(getToken('dev=xyz', '', false)) .resolves .toBeNull() }) it('get short lived token returns null when access key is empty', async () => { expect.assertions(1) - await expect(getToken('', '')) + await expect(getToken('', '', false)) .resolves .toBeNull() }) @@ -67,7 +67,7 @@ describe('short lived tokens', () => { .post('/api/auth/token') .reply(200, 'token') expect.assertions(1) - await expect(getToken('dev=key1', '')) + await expect(getToken('dev=key1', '', false)) .resolves .toEqual({"keys": [{"hostname": "dev", "key": "token"}]}) }) @@ -80,7 +80,7 @@ describe('short lived tokens', () => { .post('/api/auth/token') .reply(200, 'token2') expect.assertions(1) - await expect(getToken('dev=key1;prod=key2', '')) + await expect(getToken('dev=key1;prod=key2', '', false)) .resolves .toEqual({"keys": [{"hostname": "dev", "key": "token1"}, {"hostname": "prod", "key": "token2"}]}) }) @@ -97,7 +97,7 @@ describe('short lived tokens', () => { .post('/api/auth/token') .reply(200, 'token2') expect.assertions(1) - await expect(getToken('dev=key1;bogus=key0;prod=key2', '')) + await expect(getToken('dev=key1;bogus=key0;prod=key2', '', false)) .resolves .toEqual({"keys": [{"hostname": "dev", "key": "token1"}, {"hostname": "prod", "key": "token2"}]}) }) @@ -112,7 +112,7 @@ describe('short lived tokens', () => { .times(3) .reply(500, 'Internal Error') expect.assertions(1) - await expect(getToken('dev=key1;bogus=key0', '')) + await expect(getToken('dev=key1;bogus=key0', '', false)) .resolves .toBeNull() }) @@ -122,7 +122,7 @@ describe('short lived tokens', () => { .post('/api/auth/token?expiresInHours=4') .reply(200, 'token') expect.assertions(1) - await expect(getToken('dev=key1', '4')) + await expect(getToken('dev=key1', '4', false)) .resolves .toEqual({"keys": [{"hostname": "dev", "key": "token"}]}) }) From 9f1c708302c8b7ecf229c775387731b8bbfa3bd8 Mon Sep 17 00:00:00 2001 From: Remco Mokveld Date: Thu, 13 Mar 2025 10:46:35 +0100 Subject: [PATCH 4/5] Specify requestOptions in constructor of HttpClient --- sources/src/develocity/short-lived-token.ts | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/sources/src/develocity/short-lived-token.ts b/sources/src/develocity/short-lived-token.ts index 4f34878..14a05f3 100644 --- a/sources/src/develocity/short-lived-token.ts +++ b/sources/src/develocity/short-lived-token.ts @@ -80,12 +80,9 @@ class ShortLivedTokenClient { retryInterval = 1000 constructor(develocityAllowUntrustedServer: boolean | undefined) { - this.httpc = new httpm.HttpClient('gradle/actions/setup-gradle') - if (develocityAllowUntrustedServer !== undefined) { - this.httpc.requestOptions = { - ignoreSslError: develocityAllowUntrustedServer - } - } + this.httpc = new httpm.HttpClient('gradle/actions/setup-gradle', undefined, { + ignoreSslError: develocityAllowUntrustedServer + }) } async fetchToken(serverUrl: string, accessKey: HostnameAccessKey, expiry: string): Promise { From ceec906aa960245dc3400949ecf34f790d014d40 Mon Sep 17 00:00:00 2001 From: Eric Haag Date: Thu, 13 Mar 2025 08:44:52 -0500 Subject: [PATCH 5/5] Reorder function arguments alphabetically --- sources/src/develocity/build-scan.ts | 4 ++-- sources/src/develocity/short-lived-token.ts | 12 ++++++------ sources/test/jest/short-lived-token.test.ts | 16 ++++++++-------- 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/sources/src/develocity/build-scan.ts b/sources/src/develocity/build-scan.ts index 2fded06..9af174a 100644 --- a/sources/src/develocity/build-scan.ts +++ b/sources/src/develocity/build-scan.ts @@ -30,8 +30,8 @@ export async function setup(config: BuildScanConfig): Promise { return setupToken( config.getDevelocityAccessKey(), - config.getDevelocityTokenExpiry(), - config.getDevelocityAllowUntrustedServer() + config.getDevelocityAllowUntrustedServer(), + config.getDevelocityTokenExpiry() ) } diff --git a/sources/src/develocity/short-lived-token.ts b/sources/src/develocity/short-lived-token.ts index 14a05f3..37362ba 100644 --- a/sources/src/develocity/short-lived-token.ts +++ b/sources/src/develocity/short-lived-token.ts @@ -5,13 +5,13 @@ import {recordDeprecation} from '../deprecation-collector' export async function setupToken( develocityAccessKey: string, - develocityTokenExpiry: string, - develocityAllowUntrustedServer: boolean | undefined + develocityAllowUntrustedServer: boolean | undefined, + develocityTokenExpiry: string ): Promise { if (develocityAccessKey) { try { core.debug('Fetching short-lived token...') - const tokens = await getToken(develocityAccessKey, develocityTokenExpiry, develocityAllowUntrustedServer) + const tokens = await getToken(develocityAccessKey, develocityAllowUntrustedServer, develocityTokenExpiry) if (tokens != null && !tokens.isEmpty()) { core.debug(`Got token(s), setting the access key env vars`) const token = tokens.raw() @@ -47,12 +47,12 @@ function handleMissingAccessToken(): void { export async function getToken( accessKey: string, - expiry: string, - develocityAllowUntrustedServer: undefined | boolean + allowUntrustedServer: undefined | boolean, + expiry: string ): Promise { const empty: Promise = new Promise(r => r(null)) const develocityAccessKey = DevelocityAccessCredentials.parse(accessKey) - const shortLivedTokenClient = new ShortLivedTokenClient(develocityAllowUntrustedServer) + const shortLivedTokenClient = new ShortLivedTokenClient(allowUntrustedServer) if (develocityAccessKey == null) { return empty diff --git a/sources/test/jest/short-lived-token.test.ts b/sources/test/jest/short-lived-token.test.ts index 994f3eb..0bc83c8 100644 --- a/sources/test/jest/short-lived-token.test.ts +++ b/sources/test/jest/short-lived-token.test.ts @@ -39,7 +39,7 @@ describe('short lived tokens', () => { message: 'connect ECONNREFUSED 127.0.0.1:3333', code: 'ECONNREFUSED' }) - await expect(getToken('localhost=key0', '', false)) + await expect(getToken('localhost=key0', false, '')) .resolves .toBeNull() }) @@ -50,14 +50,14 @@ describe('short lived tokens', () => { .times(3) .reply(500, 'Internal error') expect.assertions(1) - await expect(getToken('dev=xyz', '', false)) + await expect(getToken('dev=xyz', false, '')) .resolves .toBeNull() }) it('get short lived token returns null when access key is empty', async () => { expect.assertions(1) - await expect(getToken('', '', false)) + await expect(getToken('', false, '')) .resolves .toBeNull() }) @@ -67,7 +67,7 @@ describe('short lived tokens', () => { .post('/api/auth/token') .reply(200, 'token') expect.assertions(1) - await expect(getToken('dev=key1', '', false)) + await expect(getToken('dev=key1', false, '')) .resolves .toEqual({"keys": [{"hostname": "dev", "key": "token"}]}) }) @@ -80,7 +80,7 @@ describe('short lived tokens', () => { .post('/api/auth/token') .reply(200, 'token2') expect.assertions(1) - await expect(getToken('dev=key1;prod=key2', '', false)) + await expect(getToken('dev=key1;prod=key2', false, '')) .resolves .toEqual({"keys": [{"hostname": "dev", "key": "token1"}, {"hostname": "prod", "key": "token2"}]}) }) @@ -97,7 +97,7 @@ describe('short lived tokens', () => { .post('/api/auth/token') .reply(200, 'token2') expect.assertions(1) - await expect(getToken('dev=key1;bogus=key0;prod=key2', '', false)) + await expect(getToken('dev=key1;bogus=key0;prod=key2', false, '')) .resolves .toEqual({"keys": [{"hostname": "dev", "key": "token1"}, {"hostname": "prod", "key": "token2"}]}) }) @@ -112,7 +112,7 @@ describe('short lived tokens', () => { .times(3) .reply(500, 'Internal Error') expect.assertions(1) - await expect(getToken('dev=key1;bogus=key0', '', false)) + await expect(getToken('dev=key1;bogus=key0', false, '')) .resolves .toBeNull() }) @@ -122,7 +122,7 @@ describe('short lived tokens', () => { .post('/api/auth/token?expiresInHours=4') .reply(200, 'token') expect.assertions(1) - await expect(getToken('dev=key1', '4', false)) + await expect(getToken('dev=key1', false, '4')) .resolves .toEqual({"keys": [{"hostname": "dev", "key": "token"}]}) })