Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add proxy_ca_certificate_file output to start-proxy action #2846

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add proxy_ca_certificate_file output to start-proxy action #2846

wants to merge 1 commit into from

Conversation

mbg
Copy link
Member

@mbg mbg commented Apr 7, 2025
edited
Loading

I figured it would be useful to avoid duplicating this across different extractors that e.g. set SSL_CERT_FILE for relevant sub-processes. That's currently done by the C# extractor and looks like will be done by the Go extractor as well. By doing it in the action, we can avoid duplicating this process in those extractors.

Notes/questions for reviewers

  • We might take this opportunity to add corresponding cleanup logic here as well.
  • Currently, the implementation is such that we continue as before if writing the file fails, but we should probably just fail hard to guarantee that the file has been written if the proxy is initialised.

Merge / deployment checklist

  • Confirm this change is backwards compatible with existing workflows.
  • Confirm the readme has been updated if necessary.
  • Confirm the changelog has been updated if necessary.

@mbg
Add proxy_ca_certificate_file output to start-proxy action
f28be58 
Useful to avoid duplicating this across different extractors (e.g. C# and Go)
@mbg mbg marked this pull request as ready for review April 7, 2025 13:04
@Copilot Copilot bot review requested due to automatic review settings April 7, 2025 13:04
@mbg mbg requested a review from a team as a code owner April 7, 2025 13:04
Copilot
Copilot AI reviewed Apr 7, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds an output for the proxy CA certificate file in the start-proxy action to avoid duplicating certificate handling in different extractors.

  • Adds FS import and logic to write the CA certificate to a temporary file.
  • Updates the ProxyConfig type to include an optional certificate file property.
  • Mirrors the changes in both the TypeScript and JavaScript implementations.

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.

File Description
src/start-proxy-action.ts Adds certificate file writing logic and exposes its file path output.
lib/start-proxy-action.js Applies the same certificate file writing changes as in the TS file.
Comments suppressed due to low confidence (1)

lib/start-proxy-action.js:122

  • The catch block only logs the error without failing the action. To guarantee the certificate file is properly written, consider rethrowing the error so that the process fails on write errors.
    } catch (error) {

Tip: Leave feedback on Copilot's review comments with the 👎 and 👍 buttons to help improve review quality. Learn more

src/start-proxy-action.ts
fs.writeFileSync(certificatePath, ca.cert);

proxyConfig.ca_certificate_file = certificatePath;
} catch (error) {
Copy link
Preview

Copilot AI Apr 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The catch block only logs the error without failing the action. Given the PR description's goal to ensure the certificate file is successfully written, consider rethrowing the error to fail execution if the write fails.

Copilot is powered by AI, so mistakes are possible. Review output carefully before use.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@mbg