Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Warn when http sources are used in push/delete operations #4552

Merged
merged 12 commits into from
Apr 14, 2022
Merged

Warn when http sources are used in push/delete operations #4552

merged 12 commits into from
Apr 14, 2022

Conversation

nkolev92
Copy link
Member

@nkolev92 nkolev92 commented Apr 7, 2022
edited
Loading

Bug

Fixes: https://github.com/NuGet/Client.Engineering/issues/1520

Regression? Last working version:

Description

Enable warnings for all nuget.exe and dotnet.exe push/delete scenarios.
Note that the changes are in shared code for push and delete and not in nuget.exe/dotnet.exe specific parts.

PR Checklist

  • PR has a meaningful title

  • PR has a linked issue.

  • Described changes

  • Tests

    • Automated tests added
    • OR
    • Test exception
    • OR
    • N/A

  • Documentation

    • Documentation PR or issue filled
    • OR
    • N/A - This is something that will be documented as part of the wider effort.

@nkolev92 nkolev92 marked this pull request as ready for review April 7, 2022 17:20
@nkolev92 nkolev92 requested a review from a team as a code owner April 7, 2022 17:20
@nkolev92 nkolev92 mentioned this pull request Apr 8, 2022
Merged
8 tasks
@nkolev92 nkolev92 requested a review from kartheekp-ms April 11, 2022 17:23
kartheekp-ms
kartheekp-ms reviewed Apr 12, 2022
View reviewed changes
Copy link
Contributor

@kartheekp-ms kartheekp-ms left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great test coverage for this work. I just have few comments otherwise I am good with the proposed changes.

src/NuGet.Core/NuGet.Commands/CommandRunners/PushRunner.cs Show resolved Hide resolved
src/NuGet.Core/NuGet.Commands/CommandRunners/PushRunner.cs
if (packageSource.IsHttp && !packageSource.IsHttps &&
(packageSource.ProtocolVersion == 3 || packageSource.Source.EndsWith("json", StringComparison.OrdinalIgnoreCase)))
{
logger.LogWarning(string.Format(CultureInfo.CurrentCulture, Strings.Warning_HttpServerUsage, "push", packageSource.Source));
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we raise the warnings for HTTP symbol servers also?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We are. The check is done inside.
The reason why we're special casing V3 here is because V3 is the only source that redirects. For the other ones you have to pass the exact target url.

PushCommand_WhenPushingToAnHttpServerWithSymbols_Warns tests that.

src/NuGet.Core/NuGet.Commands/Utility/CommandRunnerUtility.cs Show resolved Hide resolved
src/NuGet.Core/NuGet.Commands/Utility/CommandRunnerUtility.cs Show resolved Hide resolved
src/NuGet.Core/NuGet.Protocol/Resources/PackageUpdateResource.cs Show resolved Hide resolved
src/NuGet.Core/NuGet.Protocol/Resources/PackageUpdateResource.cs Show resolved Hide resolved
@nkolev92 nkolev92 requested a review from kartheekp-ms April 12, 2022 01:43
erdembayar
erdembayar reviewed Apr 12, 2022
View reviewed changes
src/NuGet.Core/NuGet.Commands/Utility/CommandRunnerUtility.cs
@@ -67,7 +67,15 @@ public static string GetApiKey(ISettings settings, string endpoint, string sourc
return apiKey ?? defaultApiKey;
}

public static async Task<PackageUpdateResource> GetPackageUpdateResource(IPackageSourceProvider sourceProvider, string source)
public static async Task<PackageUpdateResource> GetPackageUpdateResource(IPackageSourceProvider sourceProvider, PackageSource packageSource)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is this change made? Why need to separate it?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you look at the runner code, I use the effective PackageSource to check for http.
I don't want to create the PackageSource twice.

@nkolev92 nkolev92 requested a review from erdembayar April 12, 2022 18:28
kartheekp-ms
kartheekp-ms previously approved these changes Apr 13, 2022
View reviewed changes
jeffkl
jeffkl previously approved these changes Apr 13, 2022
View reviewed changes
@nkolev92 nkolev92 dismissed stale reviews from jeffkl and kartheekp-ms via cd070ea April 13, 2022 18:04
@nkolev92 nkolev92 force-pushed the dev-nkolev92-pushWarnings branch from 9836827 to cd070ea Compare April 13, 2022 18:04
@nkolev92
Copy link
Member Author

My build was failing due to a flaky test. I created a fix for it #4569.

In the meantime, can I get an approval again @NuGet/nuget-client

@nkolev92 nkolev92 requested review from jeffkl and kartheekp-ms April 14, 2022 00:06
@nkolev92 nkolev92 merged commit eea4636 into dev Apr 14, 2022
@nkolev92 nkolev92 deleted the dev-nkolev92-pushWarnings branch April 14, 2022 22:38
@erdembayar erdembayar mentioned this pull request Apr 19, 2022
Merged
8 tasks
@heng-liu heng-liu mentioned this pull request Aug 1, 2023
Closed
@heng-liu heng-liu mentioned this pull request Aug 28, 2023
Merged
8 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kartheekp-ms kartheekp-ms kartheekp-ms approved these changes

@erdembayar erdembayar Awaiting requested review from erdembayar

@jeffkl jeffkl Awaiting requested review from jeffkl

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@nkolev92 @erdembayar @jeffkl @kartheekp-ms