Add develocityAllowUntrustedServer as ShortLivedTokenClient constructor argument

2025-11-26 17:09:10 +08:00 · 2025-03-12 14:12:04 -05:00
parent 2ee6cdf283
commit 34dcae18f8
3 changed files with 35 additions and 16 deletions
--- a/sources/src/develocity/build-scan.ts
+++ b/sources/src/develocity/build-scan.ts
@@ -28,7 +28,11 @@ export async function setup(config: BuildScanConfig): Promise<void> {
        maybeExportVariable('DEVELOCITY_TERMS_OF_USE_AGREE', config.getBuildScanTermsOfUseAgree())
    }

-    return setupToken(config.getDevelocityAccessKey(), config.getDevelocityTokenExpiry())
+    return setupToken(
+        config.getDevelocityAccessKey(),
+        config.getDevelocityTokenExpiry(),
+        config.getDevelocityAllowUntrustedServer()
+    )
 }

 function maybeExportVariable(variableName: string, value: unknown): void {
--- a/sources/src/develocity/short-lived-token.ts
+++ b/sources/src/develocity/short-lived-token.ts
@@ -3,11 +3,15 @@ import * as core from '@actions/core'
 import {BuildScanConfig} from '../configuration'
 import {recordDeprecation} from '../deprecation-collector'

-export async function setupToken(develocityAccessKey: string, develocityTokenExpiry: string): Promise<void> {
+export async function setupToken(
+    develocityAccessKey: string,
+    develocityTokenExpiry: string,
+    develocityAllowUntrustedServer: boolean | undefined
+): Promise<void> {
    if (develocityAccessKey) {
        try {
            core.debug('Fetching short-lived token...')
-            const tokens = await getToken(develocityAccessKey, develocityTokenExpiry)
+            const tokens = await getToken(develocityAccessKey, develocityTokenExpiry, develocityAllowUntrustedServer)
            if (tokens != null && !tokens.isEmpty()) {
                core.debug(`Got token(s), setting the access key env vars`)
                const token = tokens.raw()
@@ -41,10 +45,14 @@ function handleMissingAccessToken(): void {
    }
 }

-export async function getToken(accessKey: string, expiry: string): Promise<DevelocityAccessCredentials | null> {
+export async function getToken(
+    accessKey: string,
+    expiry: string,
+    develocityAllowUntrustedServer: undefined | boolean
+): Promise<DevelocityAccessCredentials | null> {
    const empty: Promise<DevelocityAccessCredentials | null> = new Promise(r => r(null))
    const develocityAccessKey = DevelocityAccessCredentials.parse(accessKey)
-    const shortLivedTokenClient = new ShortLivedTokenClient()
+    const shortLivedTokenClient = new ShortLivedTokenClient(develocityAllowUntrustedServer)

    if (develocityAccessKey == null) {
        return empty
@@ -67,12 +75,19 @@ export async function getToken(accessKey: string, expiry: string): Promise<Devel
 }

 class ShortLivedTokenClient {
-    httpc = new httpm.HttpClient('gradle/actions/setup-gradle', undefined, {
-        ignoreSslError: process.env.DEVELOCITY_ALLOW_UNTRUSTED_SERVER === 'true'
-    })
+    httpc: httpm.HttpClient
    maxRetries = 3
    retryInterval = 1000

+    constructor(develocityAllowUntrustedServer: boolean | undefined) {
+        this.httpc = new httpm.HttpClient('gradle/actions/setup-gradle')
+        if (develocityAllowUntrustedServer !== undefined) {
+            this.httpc.requestOptions = {
+                ignoreSslError: develocityAllowUntrustedServer
+            }
+        }
+    }
+
    async fetchToken(serverUrl: string, accessKey: HostnameAccessKey, expiry: string): Promise<HostnameAccessKey> {
        const queryParams = expiry ? `?expiresInHours=${expiry}` : ''
        const sanitizedServerUrl = !serverUrl.endsWith('/') ? `${serverUrl}/` : serverUrl