mirror of
https://github.com/lensapp/lens.git
synced 2025-05-20 05:10:56 +00:00
0eee5a07c5
* Remove mac-ca usage since it was only in tests (#6043) * Make injecting CAs injectable, remove mac-ca as dependency * Fix win-ca failing on electron renderer on windows * Fix the matcher under features/ for main Signed-off-by: Sebastian Malton <sebastian@malton.name> * Fix type errors from new types Signed-off-by: Sebastian Malton <sebastian@malton.name> * Temp change to see windows errors on CI Signed-off-by: Sebastian Malton <sebastian@malton.name> * Fix temp change Signed-off-by: Sebastian Malton <sebastian@malton.name> * Change error message for windows Signed-off-by: Sebastian Malton <sebastian@malton.name> * Increase maxBuffer size when reading windows CAs Signed-off-by: Sebastian Malton <sebastian@malton.name> * Switch back to running integration tests on windows Signed-off-by: Sebastian Malton <sebastian@malton.name> * Fix usage after rebase Signed-off-by: Sebastian Malton <sebastian@malton.name> * Update lock file Signed-off-by: Sebastian Malton <sebastian@malton.name> Signed-off-by: Sebastian Malton <sebastian@malton.name>
58 lines
2.0 KiB
TypeScript
58 lines
2.0 KiB
TypeScript
/**
|
|
* Copyright (c) OpenLens Authors. All rights reserved.
|
|
* Licensed under MIT License. See LICENSE in root directory for more information.
|
|
*/
|
|
import { getInjectable } from "@ogre-tools/injectable";
|
|
import execFileInjectable from "../fs/exec-file.injectable";
|
|
import loggerInjectable from "../logger.injectable";
|
|
import type { AsyncResult } from "../utils/async-result";
|
|
import { requestSystemCAsInjectionToken } from "./request-system-cas-token";
|
|
|
|
// https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions/Cheatsheet#other_assertions
|
|
const certSplitPattern = /(?=-----BEGIN\sCERTIFICATE-----)/g;
|
|
|
|
const requestSystemCAsInjectable = getInjectable({
|
|
id: "request-system-cas",
|
|
instantiate: (di) => {
|
|
const execFile = di.inject(execFileInjectable);
|
|
const logger = di.inject(loggerInjectable);
|
|
|
|
const execSecurity = async (...args: string[]): Promise<AsyncResult<string[]>> => {
|
|
const result = await execFile("/usr/bin/security", args);
|
|
|
|
if (!result.callWasSuccessful) {
|
|
return {
|
|
callWasSuccessful: false,
|
|
error: result.error.stderr || result.error.message,
|
|
};
|
|
}
|
|
|
|
return {
|
|
callWasSuccessful: true,
|
|
response: result.response.split(certSplitPattern),
|
|
};
|
|
};
|
|
|
|
return async () => {
|
|
const [trustedResult, rootCAResult] = await Promise.all([
|
|
execSecurity("find-certificate", "-a", "-p"),
|
|
execSecurity("find-certificate", "-a", "-p", "/System/Library/Keychains/SystemRootCertificates.keychain"),
|
|
]);
|
|
|
|
if (!trustedResult.callWasSuccessful) {
|
|
logger.warn(`[INJECT-CAS]: Error retreiving trusted CAs: ${trustedResult.error}`);
|
|
} else if (!rootCAResult.callWasSuccessful) {
|
|
logger.warn(`[INJECT-CAS]: Error retreiving root CAs: ${rootCAResult.error}`);
|
|
} else {
|
|
return [...new Set([...trustedResult.response, ...rootCAResult.response])];
|
|
}
|
|
|
|
return [];
|
|
};
|
|
},
|
|
causesSideEffects: true,
|
|
injectionToken: requestSystemCAsInjectionToken,
|
|
});
|
|
|
|
export default requestSystemCAsInjectable;
|