hendrik/lens
1
0
Fork 0
mirror of https://github.com/lensapp/lens.git synced 2025-05-20 05:10:56 +00:00
Code Issues Projects Releases Wiki Activity

chore: convert request-system-cas to use PlatformSpecific

Browse Source 
Signed-off-by: Sebastian Malton <sebastian@malton.name>
This commit is contained in:
Sebastian Malton 2023-04-05 15:00:58 -04:00 committed by Janne Savolainen
parent 4f67334e90
commit a97a75c2de
9 changed files with 152 additions and 131 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
packages/core/src/features/certificate-authorities/common/request-system-cas-token.ts
View File

@ -4,7 +4,10 @@
*/
import { getInjectionToken } from "@ogre-tools/injectable";
import type { PlatformSpecific } from "../../../common/utils/platform-specific-version.injectable";
export const requestSystemCAsInjectionToken = getInjectionToken<() => Promise<string[]>>({
export type RequestSystemCAs = () => Promise<string[]>;
export const platformSpecificRequestSystemCAsInjectionToken = getInjectionToken<PlatformSpecific<RequestSystemCAs>>({
id: "request-system-cas-token",
});

60
packages/core/src/features/certificate-authorities/main/darwin-request-system-cas.injectable.ts Normal file
View File

@ -0,0 +1,60 @@
/**
* Copyright (c) OpenLens Authors. All rights reserved.
* Licensed under MIT License. See LICENSE in root directory for more information.
*/
import { getInjectable } from "@ogre-tools/injectable";
import execFileInjectable from "../../../common/fs/exec-file.injectable";
import loggerInjectable from "../../../common/logger.injectable";
import type { AsyncResult } from "../../../common/utils/async-result";
import { platformSpecificRequestSystemCAsInjectionToken } from "../common/request-system-cas-token";
// https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions/Cheatsheet#other_assertions
const certSplitPattern = /(?=-----BEGIN\sCERTIFICATE-----)/g;
const darwinRequestSystemCAsInjectable = getInjectable({
id: "darwin-request-system-cas",
instantiate: (di) => ({
platform: "darwin" as const,
instantiate: () => {
const execFile = di.inject(execFileInjectable);
const logger = di.inject(loggerInjectable);
const execSecurity = async (...args: string[]): Promise<AsyncResult<string[]>> => {
const result = await execFile("/usr/bin/security", args);
if (!result.callWasSuccessful) {
return {
callWasSuccessful: false,
error: result.error.stderr || result.error.message,
};
}
return {
callWasSuccessful: true,
response: result.response.split(certSplitPattern),
};
};
return async () => {
const [trustedResult, rootCAResult] = await Promise.all([
execSecurity("find-certificate", "-a", "-p"),
execSecurity("find-certificate", "-a", "-p", "/System/Library/Keychains/SystemRootCertificates.keychain"),
]);
if (!trustedResult.callWasSuccessful) {
logger.warn(`[INJECT-CAS]: Error retrieving trusted CAs: ${trustedResult.error}`);
} else if (!rootCAResult.callWasSuccessful) {
logger.warn(`[INJECT-CAS]: Error retrieving root CAs: ${rootCAResult.error}`);
} else {
return [...new Set([...trustedResult.response, ...rootCAResult.response])];
}
return [];
};
},
}),
causesSideEffects: true,
injectionToken: platformSpecificRequestSystemCAsInjectionToken,
});
export default darwinRequestSystemCAsInjectable;

17
packages/core/src/features/certificate-authorities/main/linux-request-system-cas.injectable.ts Normal file
View File

@ -0,0 +1,17 @@
/**
* Copyright (c) OpenLens Authors. All rights reserved.
* Licensed under MIT License. See LICENSE in root directory for more information.
*/
import { getInjectable } from "@ogre-tools/injectable";
import { platformSpecificRequestSystemCAsInjectionToken } from "../common/request-system-cas-token";
const linuxRequestSystemCAsInjectable = getInjectable({
id: "linux-request-system-cas",
instantiate: () => ({
platform: "linux" as const,
instantiate: () => async () => [],
}),
injectionToken: platformSpecificRequestSystemCAsInjectionToken,
});
export default linuxRequestSystemCAsInjectable;

9
packages/core/src/features/certificate-authorities/main/request-system-cas.global-override-for-injectable.ts Normal file
View File

@ -0,0 +1,9 @@
/**
* Copyright (c) OpenLens Authors. All rights reserved.
* Licensed under MIT License. See LICENSE in root directory for more information.
*/
import { getGlobalOverride } from "@k8slens/test-utils";
import requestSystemCAsInjectable from "./request-system-cas.injectable";
export default getGlobalOverride(requestSystemCAsInjectable, () => async () => []);

57
packages/core/src/features/certificate-authorities/main/request-system-cas.injectable.darwin.ts
View File

@ -1,57 +0,0 @@
/**
* Copyright (c) OpenLens Authors. All rights reserved.
* Licensed under MIT License. See LICENSE in root directory for more information.
*/
import { getInjectable } from "@ogre-tools/injectable";
import execFileInjectable from "../../../common/fs/exec-file.injectable";
import loggerInjectable from "../../../common/logger.injectable";
import type { AsyncResult } from "../../../common/utils/async-result";
import { requestSystemCAsInjectionToken } from "../common/request-system-cas-token";
// https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions/Cheatsheet#other_assertions
const certSplitPattern = /(?=-----BEGIN\sCERTIFICATE-----)/g;
const requestSystemCAsInjectable = getInjectable({
id: "request-system-cas",
instantiate: (di) => {
const execFile = di.inject(execFileInjectable);
const logger = di.inject(loggerInjectable);
const execSecurity = async (...args: string[]): Promise<AsyncResult<string[]>> => {
const result = await execFile("/usr/bin/security", args);
if (!result.callWasSuccessful) {
return {
callWasSuccessful: false,
error: result.error.stderr || result.error.message,
};
}
return {
callWasSuccessful: true,
response: result.response.split(certSplitPattern),
};
};
return async () => {
const [trustedResult, rootCAResult] = await Promise.all([
execSecurity("find-certificate", "-a", "-p"),
execSecurity("find-certificate", "-a", "-p", "/System/Library/Keychains/SystemRootCertificates.keychain"),
]);
if (!trustedResult.callWasSuccessful) {
logger.warn(`[INJECT-CAS]: Error retreiving trusted CAs: ${trustedResult.error}`);
} else if (!rootCAResult.callWasSuccessful) {
logger.warn(`[INJECT-CAS]: Error retreiving root CAs: ${rootCAResult.error}`);
} else {
return [...new Set([...trustedResult.response, ...rootCAResult.response])];
}
return [];
};
},
causesSideEffects: true,
injectionToken: requestSystemCAsInjectionToken,
});
export default requestSystemCAsInjectable;

14
packages/core/src/features/certificate-authorities/main/request-system-cas.injectable.testing-env.ts
View File

@ -1,14 +0,0 @@
/**
* Copyright (c) OpenLens Authors. All rights reserved.
* Licensed under MIT License. See LICENSE in root directory for more information.
*/
import { getInjectable } from "@ogre-tools/injectable";
import { requestSystemCAsInjectionToken } from "../common/request-system-cas-token";
const requestSystemCAsInjectable = getInjectable({
id: "request-system-cas",
instantiate: () => async () => [],
injectionToken: requestSystemCAsInjectionToken,
});
export default requestSystemCAsInjectable;

6
packages/core/src/features/certificate-authorities/main/request-system-cas.injectable.linux.ts → packages/core/src/features/certificate-authorities/main/request-system-cas.injectable.ts
View File

@ -3,12 +3,12 @@
* Licensed under MIT License. See LICENSE in root directory for more information.
*/
import { getInjectable } from "@ogre-tools/injectable";
import { requestSystemCAsInjectionToken } from "../common/request-system-cas-token";
import platformSpecificVersionInjectable from "../../../common/utils/platform-specific-version.injectable";
import { platformSpecificRequestSystemCAsInjectionToken } from "../common/request-system-cas-token";
const requestSystemCAsInjectable = getInjectable({
id: "request-system-cas",
instantiate: () => async () => [],
injectionToken: requestSystemCAsInjectionToken,
instantiate: (di) => di.inject(platformSpecificVersionInjectable)(platformSpecificRequestSystemCAsInjectionToken),
});
export default requestSystemCAsInjectable;

56
packages/core/src/features/certificate-authorities/main/request-system-cas.injectable.win32.ts
View File

@ -1,56 +0,0 @@
/**
* Copyright (c) OpenLens Authors. All rights reserved.
* Licensed under MIT License. See LICENSE in root directory for more information.
*/
import { getInjectable } from "@ogre-tools/injectable";
import execFileInjectable from "../../../common/fs/exec-file.injectable";
import loggerInjectable from "../../../common/logger.injectable";
import { requestSystemCAsInjectionToken } from "../common/request-system-cas-token";
const pemEncoding = (hexEncodedCert: String) => {
const certData = Buffer.from(hexEncodedCert, "hex").toString("base64");
const lines = ["-----BEGIN CERTIFICATE-----"];
for (let i = 0; i < certData.length; i += 64) {
lines.push(certData.substring(i, i + 64));
}
lines.push("-----END CERTIFICATE-----", "");
return lines.join("\r\n");
};
const requestSystemCAsInjectable = getInjectable({
id: "request-system-cas",
instantiate: (di) => {
const winCARootsExePath: string = __non_webpack_require__.resolve("win-ca/lib/roots.exe");
const execFile = di.inject(execFileInjectable);
const logger = di.inject(loggerInjectable);
return async () => {
/**
* This needs to be done manually because for some reason calling the api from "win-ca"
* directly fails to load "child_process" correctly on renderer
*/
const result = await execFile(winCARootsExePath, {
maxBuffer: 128 * 1024 * 1024, // 128 MiB
});
if (!result.callWasSuccessful) {
logger.warn(`[INJECT-CAS]: Error retrieving CAs`, result.error);
return [];
}
return result
.response
.split("\r\n")
.filter(Boolean)
.map(pemEncoding);
};
},
causesSideEffects: true,
injectionToken: requestSystemCAsInjectionToken,
});
export default requestSystemCAsInjectable;

59
packages/core/src/features/certificate-authorities/main/win32-request-system-cas.injectable.ts Normal file
View File

@ -0,0 +1,59 @@
/**
* Copyright (c) OpenLens Authors. All rights reserved.
* Licensed under MIT License. See LICENSE in root directory for more information.
*/
import { getInjectable } from "@ogre-tools/injectable";
import execFileInjectable from "../../../common/fs/exec-file.injectable";
import loggerInjectable from "../../../common/logger.injectable";
import { platformSpecificRequestSystemCAsInjectionToken } from "../common/request-system-cas-token";
const pemEncoding = (hexEncodedCert: String) => {
const certData = Buffer.from(hexEncodedCert, "hex").toString("base64");
const lines = ["-----BEGIN CERTIFICATE-----"];
for (let i = 0; i < certData.length; i += 64) {
lines.push(certData.substring(i, i + 64));
}
lines.push("-----END CERTIFICATE-----", "");
return lines.join("\r\n");
};
const win32RequestSystemCAsInjectable = getInjectable({
id: "win32-request-system-cas",
instantiate: (di) => ({
platform: "win32" as const,
instantiate: () => {
const winCARootsExePath: string = __non_webpack_require__.resolve("win-ca/lib/roots.exe");
const execFile = di.inject(execFileInjectable);
const logger = di.inject(loggerInjectable);
return async () => {
/**
* This needs to be done manually because for some reason calling the api from "win-ca"
* directly fails to load "child_process" correctly on renderer
*/
const result = await execFile(winCARootsExePath, {
maxBuffer: 128 * 1024 * 1024, // 128 MiB
});
if (!result.callWasSuccessful) {
logger.warn(`[INJECT-CAS]: Error retrieving CAs`, result.error);
return [];
}
return result
.response
.split("\r\n")
.filter(Boolean)
.map(pemEncoding);
};
},
}),
causesSideEffects: true,
injectionToken: platformSpecificRequestSystemCAsInjectionToken,
});
export default win32RequestSystemCAsInjectable;