NuGet - Allow to set allowInsecureConnections package source attribute (#2758)

Author: EyalDelarea

buildtools/cli.go

@@ -566,9 +566,18 @@ func NugetCmd(c *cli.Context) error {
 		return err
 	}
 
+	allowInsecureConnection, err := cliutils.ExtractBoolFlagFromArgs(&filteredNugetArgs, "allow-insecure-connections")
+	if err != nil {
+		return err
+	}
+
 	nugetCmd := dotnet.NewNugetCommand()
-	nugetCmd.SetServerDetails(rtDetails).SetRepoName(targetRepo).SetBuildConfiguration(buildConfiguration).
-		SetBasicCommand(filteredNugetArgs[0]).SetUseNugetV2(useNugetV2)
+	nugetCmd.SetServerDetails(rtDetails).
+		SetRepoName(targetRepo).
+		SetBuildConfiguration(buildConfiguration).
+		SetBasicCommand(filteredNugetArgs[0]).
+		SetUseNugetV2(useNugetV2).
+		SetAllowInsecureConnections(allowInsecureConnection)
 	// Since we are using the values of the command's arguments and flags along the buildInfo collection process,
 	// we want to separate the actual NuGet basic command (restore/build...) from the arguments and flags
 	if len(filteredNugetArgs) > 1 {
@@ -604,10 +613,15 @@ func DotnetCmd(c *cli.Context) error {
 		return err
 	}
 
+	allowInsecureConnection, err := cliutils.ExtractBoolFlagFromArgs(&filteredDotnetArgs, "allow-insecure-connections")
+	if err != nil {
+		return err
+	}
+
 	// Run command.
 	dotnetCmd := dotnet.NewDotnetCoreCliCommand()
 	dotnetCmd.SetServerDetails(rtDetails).SetRepoName(targetRepo).SetBuildConfiguration(buildConfiguration).
-		SetBasicCommand(filteredDotnetArgs[0]).SetUseNugetV2(useNugetV2)
+		SetBasicCommand(filteredDotnetArgs[0]).SetUseNugetV2(useNugetV2).SetAllowInsecureConnections(allowInsecureConnection)
 	// Since we are using the values of the command's arguments and flags along the buildInfo collection process,
 	// we want to separate the actual .NET basic command (restore/build...) from the arguments and flags
 	if len(filteredDotnetArgs) > 1 {

go.mod

@@ -167,12 +167,12 @@ require (
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
 
-// replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20241113152357-24197a744331
+replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20241121163158-04daeb8132c3
 
-// replace github.com/jfrog/jfrog-cli-security => github.com/jfrog/jfrog-cli-security v1.12.5-0.20241107141149-42cf964808a1
+replace github.com/jfrog/jfrog-cli-security => github.com/EyalDelarea/jfrog-cli-security v0.0.0-20241121103043-02719f295f02
 
 // replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20240918081224-1c584cc334c7
 
-// replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20240918150101-ad5b10435a12
+replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20241121100855-e7a75ceee2bd
 
 // replace github.com/jfrog/gofrog => github.com/jfrog/gofrog dev

go.sum

@@ -10,6 +10,8 @@ github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0
 github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
 github.com/CycloneDX/cyclonedx-go v0.9.0 h1:inaif7qD8bivyxp7XLgxUYtOXWtDez7+j72qKTMQTb8=
 github.com/CycloneDX/cyclonedx-go v0.9.0/go.mod h1:NE/EWvzELOFlG6+ljX/QeMlVt9VKcTwu8u0ccsACEsw=
+github.com/EyalDelarea/jfrog-cli-security v0.0.0-20241121103043-02719f295f02 h1:oyTvu0FWw+qlEcinSd/8/U+JWR00uQSSa9y0fO+ZVAo=
+github.com/EyalDelarea/jfrog-cli-security v0.0.0-20241121103043-02719f295f02/go.mod h1:5LBGwth7TXkEH8MO0JJXvpoRktMAV2BK7Q5nQePNrv4=
 github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY=
 github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY=
 github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
@@ -161,8 +163,8 @@ github.com/jedib0t/go-pretty/v6 v6.6.1 h1:iJ65Xjb680rHcikRj6DSIbzCex2huitmc7bDtx
 github.com/jedib0t/go-pretty/v6 v6.6.1/go.mod h1:zbn98qrYlh95FIhwwsbIip0LYpwSG8SUOScs+v9/t0E=
 github.com/jfrog/archiver/v3 v3.6.1 h1:LOxnkw9pOn45DzCbZNFV6K0+6dCsQ0L8mR3ZcujO5eI=
 github.com/jfrog/archiver/v3 v3.6.1/go.mod h1:VgR+3WZS4N+i9FaDwLZbq+jeU4B4zctXL+gL4EMzfLw=
-github.com/jfrog/build-info-go v1.10.5 h1:cW03JlPlKv7RMUU896uLUxyLWXAmCgR5Y5QX0fwgz0Q=
-github.com/jfrog/build-info-go v1.10.5/go.mod h1:JcISnovFXKx3wWf3p1fcMmlPdt6adxScXvoJN4WXqIE=
+github.com/jfrog/build-info-go v1.8.9-0.20241121100855-e7a75ceee2bd h1:PzxnJ1mjHIL4bAC4RPm87WnJ1TZXFBicyOhtIHRQH6g=
+github.com/jfrog/build-info-go v1.8.9-0.20241121100855-e7a75ceee2bd/go.mod h1:JcISnovFXKx3wWf3p1fcMmlPdt6adxScXvoJN4WXqIE=
 github.com/jfrog/froggit-go v1.16.2 h1:F//S83iXH14qsCwYzv0zB2JtjS2pJVEsUoEmYA+37dQ=
 github.com/jfrog/froggit-go v1.16.2/go.mod h1:5VpdQfAcbuyFl9x/x8HGm7kVk719kEtW/8YJFvKcHPA=
 github.com/jfrog/gofrog v1.7.6 h1:QmfAiRzVyaI7JYGsB7cxfAJePAZTzFz0gRWZSE27c6s=
@@ -171,12 +173,10 @@ github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYL
 github.com/jfrog/jfrog-apps-config v1.0.1/go.mod h1:8AIIr1oY9JuH5dylz2S6f8Ym2MaadPLR6noCBO4C22w=
 github.com/jfrog/jfrog-cli-artifactory v0.1.7 h1:/PBDO6nS6cf3PK+GRkd6BJtZnvYasi1PrQhRiayirso=
 github.com/jfrog/jfrog-cli-artifactory v0.1.7/go.mod h1:M5pZTHnsYNDmml/FAnoxxt4QiHOIUHPx91th30AtwfM=
-github.com/jfrog/jfrog-cli-core/v2 v2.56.8 h1:UexulAwRVN20VmYACijkTFYKqtUq5myE4okEgmUrorw=
-github.com/jfrog/jfrog-cli-core/v2 v2.56.8/go.mod h1:RY74eDpw1WBxruSfZ0HO1ax7c1NAj+rbBgA/hVOJNME=
+github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20241121163158-04daeb8132c3 h1:cJSPTMflqE+ucC/h2/BB6BkVxz3BG8PnivCb00Dxt/Y=
+github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20241121163158-04daeb8132c3/go.mod h1:zVyWxMkBpZwy/AvTohefIlaZzYKBMFje+gKKKlkunNo=
 github.com/jfrog/jfrog-cli-platform-services v1.4.0 h1:g6A30+tOfXd1h6VASeNwH+5mhs5bPQJ0MFzZs/4nlvs=
 github.com/jfrog/jfrog-cli-platform-services v1.4.0/go.mod h1:Ky4SDXuMeaiNP/5zMT1YSzIuXG+cNYYOl8BaEA7Awbc=
-github.com/jfrog/jfrog-cli-security v1.12.5 h1:2JHPyapXuHQw/qEaElGxBUGrJCZlVFLXDdxkqhf10vE=
-github.com/jfrog/jfrog-cli-security v1.12.5/go.mod h1:5LBGwth7TXkEH8MO0JJXvpoRktMAV2BK7Q5nQePNrv4=
 github.com/jfrog/jfrog-client-go v1.48.0 h1:hx5B7+Wnobmzq4aFVZtALtbEVDFcjpn0Wb4q2m6H4KU=
 github.com/jfrog/jfrog-client-go v1.48.0/go.mod h1:1a7bmQHkRmPEza9wva2+WVrYzrGbosrMymq57kyG5gU=
 github.com/jszwec/csvutil v1.10.0 h1:upMDUxhQKqZ5ZDCs/wy+8Kib8rZR8I8lOR34yJkdqhI=

nuget_test.go

@@ -107,6 +107,7 @@ func TestNuGetWithGlobalConfig(t *testing.T) {
 	assert.NoError(t, err)
 	err = createConfigFileForTest([]string{jfrogHomeDir}, tests.NugetRemoteRepo, "", t, project.Nuget, true)
 	assert.NoError(t, err)
+	// allow insecure connection for testings to work with localhost server
 	testNugetCmd(t, projectPath, tests.NuGetBuildName, "1", []string{"packagesconfig"}, []string{"nuget", "restore"}, []int{6})
 
 	cleanTestsHomeEnv()
@@ -117,7 +118,10 @@ func testNugetCmd(t *testing.T, projectPath, buildName, buildNumber string, expe
 	assert.NoError(t, err, "Failed to get current dir")
 	chdirCallback := clientTestUtils.ChangeDirWithCallback(t, wd, projectPath)
 	defer chdirCallback()
+
+	allowInsecureConnectionForTests(&args)
 	args = append(args, "--build-name="+buildName, "--build-number="+buildNumber)
+
 	err = runNuGet(t, args...)
 	if err != nil {
 		return
@@ -152,6 +156,12 @@ func testNugetCmd(t *testing.T, projectPath, buildName, buildNumber string, expe
 	inttestutils.DeleteBuild(serverDetails.ArtifactoryUrl, buildName, artHttpDetails)
 }
 
+// Add allow insecure connection for testings to work with localhost server
+func allowInsecureConnectionForTests(args *[]string) *[]string {
+	*args = append(*args, "--allow-insecure-connections")
+	return args
+}
+
 func assertNugetDependencies(t *testing.T, module buildInfo.Module, moduleName string) {
 	for _, dependency := range module.Dependencies {
 		switch dependency.Id {
@@ -224,10 +234,11 @@ func runInitNewConfig(t *testing.T, testSuite testInitNewConfigDescriptor, baseR
 	params := &dotnet.DotnetCommand{}
 	server := &config.ServerDetails{ArtifactoryUrl: baseRtUrl, User: "user", Password: "password"}
 	params.SetServerDetails(server).
-		SetUseNugetV2(testSuite.useNugetV2)
-	// Prepare the config file with NuGet authentication
+		SetUseNugetV2(testSuite.useNugetV2).
+		SetAllowInsecureConnections(true)
 
-	configFile, err := dotnet.InitNewConfig(tempDirPath, "", server, testSuite.useNugetV2)
+	// Prepare the config file with NuGet authentication
+	configFile, err := dotnet.InitNewConfig(tempDirPath, "", server, testSuite.useNugetV2, true)
 	if err != nil {
 		assert.NoError(t, err)
 		return

utils/cliutils/commandsflags.go

@@ -376,7 +376,8 @@ const (
 	npmDetailedSummary = npmPrefix + detailedSummary
 
 	// Unique nuget/dotnet config flags
-	nugetV2 = "nuget-v2"
+	nugetV2                  = "nuget-v2"
+	allowInsecureConnections = "allow-insecure-connections"
 
 	// Unique go flags
 	noFallback = "no-fallback"
@@ -1161,6 +1162,10 @@ var flagsMap = map[string]cli.Flag{
 		Name:  nugetV2,
 		Usage: "[Default: false] Set to true if you'd like to use the NuGet V2 protocol when restoring packages from Artifactory.` `",
 	},
+	allowInsecureConnections: cli.BoolFlag{
+		Name:  allowInsecureConnections,
+		Usage: "[Default: false] Set to true if you wish to configure NuGet sources with unsecured connections. This is recommended for testing purposes only. ` `",
+	},
 	noFallback: cli.BoolTFlag{
 		Name:  noFallback,
 		Usage: "[Default: false] Set to true to avoid downloading packages from the VCS, if they are missing in Artifactory.` `",
@@ -1882,7 +1887,7 @@ var commandFlags = map[string][]string{
 		global, serverIdResolve, repoResolve, nugetV2,
 	},
 	Nuget: {
-		buildName, buildNumber, module, Project,
+		buildName, buildNumber, module, Project, allowInsecureConnections,
 	},
 	DotnetConfig: {
 		global, serverIdResolve, repoResolve, nugetV2,

utils/cliutils/utils.go

@@ -809,3 +809,15 @@ func getDebFlag(c *cli.Context) (deb string, err error) {
 	}
 	return deb, nil
 }
+
+// ExtractBoolFlagFromArgs Extracts a boolean flag from the args and removes it from the slice.
+func ExtractBoolFlagFromArgs(filteredArgs *[]string, flagName string) (value bool, err error) {
+	var flagIndex int
+	var boolFlag bool
+	flagIndex, boolFlag, err = coreutils.FindBooleanFlag("--"+flagName, *filteredArgs)
+	if err != nil {
+		return false, err
+	}
+	coreutils.RemoveFlagFromCommand(filteredArgs, flagIndex, flagIndex)
+	return boolFlag, nil
+}

utils/cliutils/utils_test.go

@@ -140,3 +140,88 @@ func TestShouldCheckLatestCliVersion(t *testing.T) {
 	assert.NoError(t, err)
 	assert.True(t, shouldCheck)
 }
+
+func TestExtractBoolFlagFromArgs(t *testing.T) {
+	testCases := []struct {
+		name          string
+		args          []string
+		flagName      string
+		expectedValue bool
+		expectedErr   bool
+		expectedArgs  []string
+	}{
+		{
+			name:          "Flag present as --flagName (implied true)",
+			args:          []string{"somecmd", "--flagName", "otherarg"},
+			flagName:      "flagName",
+			expectedValue: true,
+			expectedErr:   false,
+			expectedArgs:  []string{"somecmd", "otherarg"},
+		},
+		{
+			name:          "Flag present as --flagName=true",
+			args:          []string{"somecmd", "--flagName=true", "otherarg"},
+			flagName:      "flagName",
+			expectedValue: true,
+			expectedErr:   false,
+			expectedArgs:  []string{"somecmd", "otherarg"},
+		},
+		{
+			name:          "Flag present as --flagName=false",
+			args:          []string{"somecmd", "--flagName=false", "otherarg"},
+			flagName:      "flagName",
+			expectedValue: false,
+			expectedErr:   false,
+			expectedArgs:  []string{"somecmd", "otherarg"},
+		},
+		{
+			name:          "Flag not present",
+			args:          []string{"somecmd", "otherarg"},
+			flagName:      "flagName",
+			expectedValue: false,
+			expectedErr:   false,
+			expectedArgs:  []string{"somecmd", "otherarg"},
+		},
+		{
+			name:          "Flag present with invalid value",
+			args:          []string{"somecmd", "--flagName=invalid", "otherarg"},
+			flagName:      "flagName",
+			expectedValue: false,
+			expectedErr:   true,
+			expectedArgs:  []string{"somecmd", "--flagName=invalid", "otherarg"},
+		},
+		{
+			name:          "Flag present as -flagName (should not be found)",
+			args:          []string{"somecmd", "-flagName", "otherarg"},
+			flagName:      "flagName",
+			expectedValue: false,
+			expectedErr:   false,
+			expectedArgs:  []string{"somecmd", "-flagName", "otherarg"},
+		},
+		{
+			name:          "Flag present multiple times",
+			args:          []string{"somecmd", "--flagName", "--flagName=false", "otherarg"},
+			flagName:      "flagName",
+			expectedValue: true,
+			expectedErr:   false,
+			expectedArgs:  []string{"somecmd", "--flagName=false", "otherarg"},
+		},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			// Make a copy to avoid modifying the original
+			argsCopy := append([]string(nil), tc.args...)
+			value, err := ExtractBoolFlagFromArgs(&argsCopy, tc.flagName)
+
+			if tc.expectedErr {
+				assert.Error(t, err)
+			} else {
+				assert.NoError(t, err)
+			}
+
+			assert.Equal(t, tc.expectedValue, value)
+			assert.Equal(t, tc.expectedArgs, argsCopy)
+		})
+	}
+}