-
Notifications
You must be signed in to change notification settings - Fork 674
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deprecate http usage: restore
scenarios promote warning to error for http sources
#5731
Deprecate http usage: restore
scenarios promote warning to error for http sources
#5731
Conversation
nuget push
promote warning to error for http sourcesrestore
scenarios promote warning to error for http sources
18162b4
to
faf0a89
Compare
77e06d4
to
1851cf0
Compare
d2054fb
to
1fbf7b3
Compare
restore
scenarios promote warning to error for http sourcesrestore
/ install
scenarios promote warning to error for http sources
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Apologies for the slow turnaround.
Product changes look good.
Some test questions.
test/NuGet.Clients.FuncTests/NuGet.CommandLine.FuncTest/Commands/RestoreCommandTests.cs
Outdated
Show resolved
Hide resolved
test/NuGet.Clients.Tests/NuGet.CommandLine.Test/NuGetInstallCommandTest.cs
Outdated
Show resolved
Hide resolved
test/NuGet.Core.FuncTests/Msbuild.Integration.Test/MsbuildRestoreTaskTests.cs
Outdated
Show resolved
Hide resolved
test/NuGet.Clients.FuncTests/NuGet.CommandLine.FuncTest/Caching/CachingTestContext.cs
Outdated
Show resolved
Hide resolved
test/NuGet.Clients.Tests/NuGet.CommandLine.Test/NuGetInstallCommandTest.cs
Outdated
Show resolved
Hide resolved
restore
/ install
scenarios promote warning to error for http sourcesrestore
scenarios promote warning to error for http sources
test/NuGet.Clients.FuncTests/NuGet.CommandLine.FuncTest/Commands/RestoreCommandTests.cs
Show resolved
Hide resolved
Assert.Contains($"Added package 'A.1.0.0' to folder '{projectBPackages}'", result.Output); | ||
Assert.DoesNotContain(warningForHttpsSource, result.Output); | ||
if (hasHttpWarning) | ||
Assert.DoesNotContain(errorForHttpsSource, result.AllOutput); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Instead of asserting a missing error, why can't this depend on result.Success.Should().BeTrue()
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
From what I have seen, it is possible for the restore command runner to log an error and still exit code of 0. This is just making sure that is not happening and this error is not logged.
test/NuGet.Clients.FuncTests/NuGet.CommandLine.FuncTest/Commands/RestoreCommandTests.cs
Outdated
Show resolved
Hide resolved
@@ -66,7 +66,7 @@ public async Task FeedPackagePruning_GivenThatAV3FeedPrunesAPackageDuringRestore | |||
server.Start(); | |||
|
|||
var feedUrl = server.Uri + "index.json"; | |||
|
|||
pathContext.Settings.AddSource(feedUrl, feedUrl, allowInsecureConnectionsValue: "true"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is there a tracking issue to change all the test dependencies to use HTTPS?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No. I think that is a good point.
test/NuGet.Core.FuncTests/Msbuild.Integration.Test/MsbuildRestoreTaskTests.cs
Show resolved
Hide resolved
test/NuGet.Core.FuncTests/Msbuild.Integration.Test/MsbuildRestoreTaskTests.cs
Outdated
Show resolved
Hide resolved
test/NuGet.Core.FuncTests/NuGet.Commands.FuncTest/RestoreCommandTests.cs
Outdated
Show resolved
Hide resolved
<configuration> | ||
<packageSources> | ||
<clear /> | ||
<add key=""http-feed"" value=""{source}"" allowInsecureConnections=""true""/> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It looks like allowInsecureConnections
setting can also be configured through an environment variable. I guess we need a test to verify that behavior as well. I am okay with addressing this comment in a follow up pull-request.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are you referring to setting the config file as follows
<packageSources>
<clear />
<add key="source" value="http://source" allowInsecureConnections="${Allow_Insecure_Connection_Value}" />
</packageSources>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, you are correct Nigusu. However, environment variable syntax is a bit different as I explained below. NuGet uses Environment.ExpandEnvironment .NET API internally.
<packageSources>
<clear />
<add key="source" value="http://source" allowInsecureConnections="%AllowInsecureConnectionValue%" />
</packageSources>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Feel free to address this comment in a separate PR.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Isn't env var vs a nuget.config value stylistic?
What's the benefit of the env var over the nguet.config.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I can't think of any benefit with the environment variable for this setting. I added the comment because currently code expands environment variable for this setting also. May be we could remove the environment variable support for this setting because it doesn't add much value to the users.
test/NuGet.Core.FuncTests/NuGet.Commands.FuncTest/RestoreCommandTests.cs
Outdated
Show resolved
Hide resolved
@NuGet/nuget-client Any suggestions? |
Bug
Fixes: NuGet/Home#13353
Regression? Last working version:
Description
Promote http source usage warnings in restore scenarios to errors.
PR Checklist
PR has a meaningful title
PR has a linked issue.
Described changes
Tests
Documentation
https://github.com/Add documentation for NU1302 Home#13502