mirror of
https://github.com/balena-io/balena-cli.git
synced 2025-01-04 13:04:09 +00:00
d0e4fa0e59
Change-type: patch
150 lines
5.3 KiB
TypeScript
150 lines
5.3 KiB
TypeScript
/**
|
|
* @license
|
|
* Copyright 2019-2020 Balena Ltd.
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
import type { Options as GlobalTunnelNgConfig } from 'global-tunnel-ng';
|
|
export type { GlobalTunnelNgConfig };
|
|
|
|
import { CliSettings } from './bootstrap';
|
|
|
|
type ProxyConfig = string | GlobalTunnelNgConfig;
|
|
|
|
/**
|
|
* Global proxy setup. Originally, `global-tunnel-ng` was used, but it only
|
|
* supports Node.js versions older than 10.16.0. For v10.16.0 and later,
|
|
* we use `global-agent` (which only supports Node.js v10.0.0 and later).
|
|
*
|
|
* For backwards compatibility reasons, in either case we still accept a
|
|
* 'proxy' setting in `.balenarc.yml` that follows the
|
|
* `global-tunnel-ng` object configuration format:
|
|
* https://www.npmjs.com/package/global-tunnel-ng#options
|
|
*
|
|
* The proxy may also be configured with the environment variables:
|
|
* BALENARC_PROXY, HTTP_PROXY, HTTPS_PROXY, http_proxy, and https_proxy,
|
|
* any of which should contain a URL in the usual format (authentication
|
|
* details are optional): http://username:password@domain.com:1234
|
|
*
|
|
* A proxy exclusion list in the NO_PROXY variable is only supported when
|
|
* `global-agent` is used, i.e. with Node.js v10.16.0 or later. The format
|
|
* is specified at: https://www.npmjs.com/package/global-agent#exclude-urls
|
|
* Patterns are matched with matcher: https://www.npmjs.com/package/matcher
|
|
* 'localhost' and '127.0.0.1' are always excluded. If NO_PROXY is not defined,
|
|
* default exclusion patterns are added for all private IPv4 address ranges.
|
|
*/
|
|
export async function setupGlobalHttpProxy(settings: CliSettings) {
|
|
// `global-tunnel-ng` accepts lowercase variables with higher precedence
|
|
// than uppercase variables, but `global-agent` does not accept lowercase.
|
|
// Set uppercase versions for backwards compatibility.
|
|
const { env } = process;
|
|
if (env.http_proxy) {
|
|
env.HTTP_PROXY = env.http_proxy;
|
|
}
|
|
if (env.https_proxy) {
|
|
env.HTTPS_PROXY = env.https_proxy;
|
|
}
|
|
delete env.http_proxy;
|
|
delete env.https_proxy;
|
|
|
|
const proxy = settings.getCatch<ProxyConfig>('proxy');
|
|
if (proxy || env.HTTPS_PROXY || env.HTTP_PROXY) {
|
|
const semver = await import('semver');
|
|
if (semver.lt(process.version, '10.16.0')) {
|
|
await setupGlobalTunnelNgProxy(proxy);
|
|
} else {
|
|
// use global-agent instead of global-tunnel-ng
|
|
await setupGlobalAgentProxy(settings, proxy);
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* `global-tunnel-ng` proxy setup.
|
|
* See docs for setupGlobalHttpProxy() above.
|
|
*/
|
|
async function setupGlobalTunnelNgProxy(proxy?: ProxyConfig) {
|
|
const globalTunnel = await import('global-tunnel-ng');
|
|
// Init the tunnel even if BALENARC_PROXY is not defined, because
|
|
// other env vars may be defined. If no proxy configuration exists,
|
|
// initialize() does nothing.
|
|
globalTunnel.initialize(proxy);
|
|
(global as any).PROXY_CONFIG = globalTunnel.proxyConfig;
|
|
}
|
|
|
|
/**
|
|
* `global-agent` proxy setup.
|
|
* See docs for setupGlobalHttpProxy() above, and also the README file
|
|
* (Proxy Support section).
|
|
* If `proxy` is undefined, HTTP(S)_PROXY env vars are expected to be set.
|
|
*/
|
|
async function setupGlobalAgentProxy(
|
|
settings: CliSettings,
|
|
proxy?: ProxyConfig,
|
|
) {
|
|
const noProxy = settings.getCatch<string>('noProxy');
|
|
// Always exclude localhost, even if NO_PROXY is set
|
|
const requiredNoProxy = ['localhost', '127.0.0.1'];
|
|
// Private IPv4 address patterns in `matcher` format: https://www.npmjs.com/package/matcher
|
|
const privateNoProxy = ['*.local', '10.*', '192.168.*'];
|
|
for (let i = 16; i <= 31; i++) {
|
|
privateNoProxy.push(`172.${i}.*`);
|
|
}
|
|
|
|
// BALENARC_DO_PROXY is a list of entries to exclude from BALENARC_NO_PROXY
|
|
// (so "do proxy" takes precedence over "no proxy"). It is an undocumented
|
|
// feature/hack added to facilitate testing of the CLI's standalone executable
|
|
// through a local proxy server, by setting BALENARC_DO_PROXY="localhost,127.0.0.1"
|
|
// See also runCommandInSubprocess() function in `tests/helpers.ts`.
|
|
const doProxy = (process.env.BALENARC_DO_PROXY || '').split(',');
|
|
|
|
const env = process.env;
|
|
env.GLOBAL_AGENT_ENVIRONMENT_VARIABLE_NAMESPACE = '';
|
|
env.NO_PROXY = [
|
|
...requiredNoProxy,
|
|
...(noProxy ? noProxy.split(',').filter((v) => v) : privateNoProxy),
|
|
]
|
|
.filter((i) => !doProxy.includes(i))
|
|
.join(',');
|
|
|
|
if (proxy) {
|
|
const proxyUrl: string =
|
|
typeof proxy === 'string' ? proxy : makeUrlFromTunnelNgConfig(proxy);
|
|
|
|
env.HTTPS_PROXY = env.HTTP_PROXY = proxyUrl;
|
|
}
|
|
|
|
const { bootstrap } = await import('global-agent');
|
|
bootstrap();
|
|
}
|
|
|
|
/** Make a URL in the format 'http://bob:secret@proxy.company.com:12345' */
|
|
export function makeUrlFromTunnelNgConfig(cfg: GlobalTunnelNgConfig): string {
|
|
let url: string = cfg.host;
|
|
if (cfg.proxyAuth) {
|
|
url = `${cfg.proxyAuth}@${url}`;
|
|
}
|
|
if (cfg.protocol) {
|
|
// accept 'http', 'http:', 'http://' and the like
|
|
const match = cfg.protocol.match(/^[^:/]+/);
|
|
if (match) {
|
|
url = `${match[0].toLowerCase()}://${url}`;
|
|
}
|
|
}
|
|
if (cfg.port) {
|
|
url = `${url}:${cfg.port}`;
|
|
}
|
|
return url;
|
|
}
|