Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[bug]: Query Validation Doesn't Support Insecure Backends #1311

Closed
1 of 6 tasks
tjwiebell opened this issue Jun 7, 2019 · 3 comments · Fixed by #1313
Closed
1 of 6 tasks

[bug]: Query Validation Doesn't Support Insecure Backends #1311

tjwiebell opened this issue Jun 7, 2019 · 3 comments · Fixed by #1313
Assignees
@tjwiebell
Labels
bug Something isn't working

Comments

@tjwiebell
Copy link
Contributor

Describe the bug
Query validation that runs at build time will fail if the backend instance provided uses https but the certificate is self-signed or not trusted. Given query validation is a development build time activity where this setup would be common, we should allow insecure backends (similarly to how we ignore SSL errors for proxied requests to Magento).

To Reproduce
Steps to reproduce the behavior:

  1. Setup insecure Magento backend
  2. Configure this backend in .env
  3. yarn build
  4. See error
...
$ yarn run download-schema && graphql validate-magento-pwa-queries --project venia
$ graphql get-schema --project venia
⚠ request to https://magento-pwa.localhost/graphql failed, reason: certificate has expired
Validating GraphQL queries in venia project...
✖ An error occurred:
Could not find a schema at lastCachedGraphQLSchema.json.
...

Expected behavior
Query validation runs successfully and build completes

Possible solutions
Add insecure: true to packages/venia-concept/.graphqlconfig so the command graphql get-schema --project venia works with insecure Magento backends.

Please let us know what packages this bug is in regards to:

  • venia-concept
  • pwa-buildpack
  • peregrine
  • pwa-devdocs
  • upward-js
  • upward-spec
@tjwiebell tjwiebell added the bug Something isn't working label Jun 7, 2019
@tjwiebell tjwiebell mentioned this issue Jun 7, 2019
Closed
@LucasCalazans
Copy link
Member

I've added the flag insecure: true but I'm getting the same issue.

yarn run build:

$ graphql get-schema --project venia
⚠ request to https://magento-pwa.localhost/graphql failed, reason: certificate has expired
Validating GraphQL queries in venia project...

My .graphqlconfig file (I'm not sure where I need to add this prop, so I've added in every node too 😄 ):

{
    "projects": {
        "venia": {
            "insecure": true,
            "schemaPath": "lastCachedGraphQLSchema.json",
            "extensions": {
                "endpoints": {
                    "default": "${env:MAGENTO_BACKEND_URL}/graphql"
                },
                "validate-magento-pwa-queries": {
                    "clients": ["apollo", "literal"],
                    "filesGlob": "src/**/*.{js,graphql,gql}"
                }
            }
        }
    }
}

@LucasCalazans
Copy link
Member

Actually, it works.

I changed to HTTP in my .env file but my Nginx was redirecting to HTTPS.

@tjwiebell tjwiebell mentioned this issue Jun 7, 2019
Merged
5 tasks
@tjwiebell
Copy link
Contributor Author

@LucasCalazans - I just pushed up PR #1313 with a working fix; looks like it was a CLI argument, not something you could configure in .graphqlconfig. As you've found, you can also just use an insecure backend.

@tjwiebell tjwiebell self-assigned this Jun 7, 2019
@brendanfalkowski brendanfalkowski mentioned this issue Oct 12, 2019
Closed
8 tasks
@zetlen zetlen mentioned this issue Nov 25, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tjwiebell tjwiebell

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add --insecure flag to GraphQL schema validation magento/pwa-studio
2 participants
@tjwiebell @LucasCalazans