0
0
mirror of https://github.com/renovatebot/renovate.git synced 2024-12-22 13:38:32 +00:00
renovatebot_renovate/lib/util/http/host-rules.ts
RahulGautamSingh 2eb7c76027 feat(http)!: remove dnsCache option (#29449)
BREAKING CHANGE: dnsCache is now removed
2024-07-25 15:28:16 +02:00

215 lines
5.1 KiB
TypeScript

import is from '@sindresorhus/is';
import { GlobalConfig } from '../../config/global';
import {
BITBUCKET_API_USING_HOST_TYPES,
GITEA_API_USING_HOST_TYPES,
GITHUB_API_USING_HOST_TYPES,
GITLAB_API_USING_HOST_TYPES,
} from '../../constants';
import { logger } from '../../logger';
import { hasProxy } from '../../proxy';
import type { HostRule } from '../../types';
import * as hostRules from '../host-rules';
import { matchRegexOrGlobList } from '../string-match';
import { parseUrl } from '../url';
import { keepAliveAgents } from './keep-alive';
import type { GotOptions, InternalHttpOptions } from './types';
export type HostRulesGotOptions = Pick<
GotOptions & InternalHttpOptions,
| 'hostType'
| 'url'
| 'noAuth'
| 'headers'
| 'token'
| 'username'
| 'password'
| 'context'
| 'enabled'
| 'abortOnError'
| 'abortIgnoreStatusCodes'
| 'timeout'
| 'lookup'
| 'agent'
| 'http2'
| 'https'
| 'readOnly'
>;
export function findMatchingRule<GotOptions extends HostRulesGotOptions>(
url: string,
options: GotOptions,
): HostRule {
const { hostType, readOnly } = options;
let res = hostRules.find({ hostType, url, readOnly });
if (
is.nonEmptyString(res.token) ||
is.nonEmptyString(res.username) ||
is.nonEmptyString(res.password)
) {
// do not fallback if we already have auth infos
return res;
}
// Fallback to `github` hostType
if (
hostType &&
GITHUB_API_USING_HOST_TYPES.includes(hostType) &&
hostType !== 'github'
) {
res = {
...hostRules.find({
hostType: 'github',
url,
}),
...res,
};
}
// Fallback to `gitlab` hostType
if (
hostType &&
GITLAB_API_USING_HOST_TYPES.includes(hostType) &&
hostType !== 'gitlab'
) {
res = {
...hostRules.find({
hostType: 'gitlab',
url,
}),
...res,
};
}
// Fallback to `bitbucket` hostType
if (
hostType &&
BITBUCKET_API_USING_HOST_TYPES.includes(hostType) &&
hostType !== 'bitbucket'
) {
res = {
...hostRules.find({
hostType: 'bitbucket',
url,
}),
...res,
};
}
// Fallback to `gitea` hostType
if (
hostType &&
GITEA_API_USING_HOST_TYPES.includes(hostType) &&
hostType !== 'gitea'
) {
res = {
...hostRules.find({
hostType: 'gitea',
url,
}),
...res,
};
}
return res;
}
// Apply host rules to requests
export function applyHostRule<GotOptions extends HostRulesGotOptions>(
url: string,
options: GotOptions,
hostRule: HostRule,
): GotOptions {
const { username, password, token, enabled, authType } = hostRule;
const host = parseUrl(url)?.host;
if (options.noAuth) {
logger.trace({ url }, `Authorization disabled`);
} else if (
is.nonEmptyString(options.headers?.authorization) ||
is.nonEmptyString(options.password) ||
is.nonEmptyString(options.token)
) {
logger.once.debug(`hostRules: authentication already set for ${host}`);
logger.trace({ url }, `Authorization already set`);
} else if (password !== undefined) {
logger.once.debug(`hostRules: applying Basic authentication for ${host}`);
logger.trace({ url }, `Applying Basic authentication`);
options.username = username;
options.password = password;
} else if (token) {
logger.once.debug(`hostRules: applying Bearer authentication for ${host}`);
logger.trace({ url }, `Applying Bearer authentication`);
options.token = token;
options.context = { ...options.context, authType };
} else if (enabled === false) {
options.enabled = false;
} else {
logger.once.debug(`hostRules: no authentication for ${host}`);
}
// Apply optional params
if (hostRule.abortOnError) {
options.abortOnError = hostRule.abortOnError;
}
if (hostRule.abortIgnoreStatusCodes) {
options.abortIgnoreStatusCodes = hostRule.abortIgnoreStatusCodes;
}
if (hostRule.timeout) {
options.timeout = hostRule.timeout;
}
if (hostRule.headers) {
const allowedHeaders = GlobalConfig.get('allowedHeaders', []);
const filteredHeaders: Record<string, string> = {};
for (const [header, value] of Object.entries(hostRule.headers)) {
if (matchRegexOrGlobList(header, allowedHeaders)) {
filteredHeaders[header] = value;
} else {
logger.once.error(
{ allowedHeaders, header },
'Disallowed hostRules headers',
);
}
}
options.headers = {
...filteredHeaders,
...options.headers,
};
}
if (hostRule.keepAlive) {
options.agent = keepAliveAgents;
}
if (!hasProxy() && hostRule.enableHttp2 === true) {
options.http2 = true;
}
if (is.nonEmptyString(hostRule.httpsCertificateAuthority)) {
options.https = {
...(options.https ?? {}),
certificateAuthority: hostRule.httpsCertificateAuthority,
};
}
if (is.nonEmptyString(hostRule.httpsPrivateKey)) {
options.https = {
...(options.https ?? {}),
key: hostRule.httpsPrivateKey,
};
}
if (is.nonEmptyString(hostRule.httpsCertificate)) {
options.https = {
...(options.https ?? {}),
certificate: hostRule.httpsCertificate,
};
}
return options;
}