DEV2-3818 support insecure mode (#1319)

.prettierignore

@@ -6,4 +6,5 @@ assets
 binaries
 node_modules
 .vscode
-.github
+.github
+.vscode-test

package.json

@@ -177,7 +177,7 @@
     "diff": "^5.0.0",
     "eslint-plugin-no-only-tests": "^3.1.0",
     "extract-zip": "^2.0.1",
-    "https-proxy-agent": "^5.0.0",
+    "https-proxy-agent": "^5.0.1",
     "semver": "^7.3.2",
     "systeminformation": "^5.6.10",
     "tmp": "^0.2.1",
@@ -466,6 +466,11 @@
             "default": true,
             "description": "Use the proxy support for Tabnine (Visual Studio Code must be restarted for this setting to take effect)"
           },
+          "tabnine.ignoreCertificateErrors": {
+            "type": "boolean",
+            "default": false,
+            "description": "Ignore SSL certificate errors when calling Tabnine API (restart to take effect)"
+          },
           "tabnine.cloudHost": {
             "type": "string",
             "default": null,

src/binary/binaryFetcher/bundleDownloader.ts

@@ -65,8 +65,7 @@ function createBundleDirectory(bundleDirectory: string): Promise<void> {
 }
 
 async function getCurrentVersion(): Promise<string> {
-  const versionUrl = getUpdateVersionFileUrl();
-  const version = await downloadFileToStr(versionUrl);
+  const version = await downloadFileToStr(getUpdateVersionFileUrl());
   assertValidVersion(version);
   return version;
 }

src/binary/binaryFetcher/index.ts

@@ -13,6 +13,7 @@ import {
   InstallationState,
 } from "../../events/installationStateChangedEmitter";
 import EventName from "../../reports/EventName";
+import { Logger } from "../../utils/logger";
 
 export default async function fetchBinaryPath(): Promise<string> {
   if (process.env.BINARY_LOCATION) {
@@ -56,7 +57,8 @@ async function downloadVersion(): Promise<string> {
 async function handleErrorMessage(error: Error): Promise<string> {
   reportErrorEvent(EventName.BUNDLE_DOWNLOAD_FAILURE, error);
   reportException(error);
-  return new Promise((resolve, reject) => {
+  Logger.error(BUNDLE_DOWNLOAD_FAILURE_MESSAGE, error);
+  return new Promise((_resolve, reject) => {
     void window
       .showErrorMessage(
         BUNDLE_DOWNLOAD_FAILURE_MESSAGE,

src/binary/paths.ts

@@ -111,3 +111,8 @@ function getArch(): string {
     `Sorry, the architecture '${process.arch}' is not supported by TabNine.`
   );
 }
+
+export function versionOfPath(binaryPath: string): string | undefined {
+  const paresedPath = path.parse(binaryPath).dir.split(path.sep);
+  return paresedPath[paresedPath.length - 2];
+}

src/binary/runBinary.ts

@@ -1,23 +1,30 @@
+import * as semver from "semver";
 import * as vscode from "vscode";
 import tabnineExtensionProperties from "../globals/tabnineExtensionProperties";
 import fetchBinaryPath from "./binaryFetcher";
 import { BinaryProcessRun, runProcess } from "./runProcess";
 import { getCurrentVersion } from "../preRelease/versions";
 import { getTabnineExtensionContext } from "../globals/tabnineExtensionContext";
 import { getProxySettings } from "../proxyProvider";
+import { versionOfPath } from "./paths";
 
 export default async function runBinary(
   additionalArgs: string[] = [],
   inheritStdio = false
 ): Promise<BinaryProcessRun> {
   const [runArgs, metadata] = splitArgs(additionalArgs);
   const command = await fetchBinaryPath();
+  const version = versionOfPath(command);
   const context = getTabnineExtensionContext();
   const proxySettings = tabnineExtensionProperties.useProxySupport
     ? getProxySettings()
     : undefined;
   const args: string[] = [
     "--no-lsp=true",
+    "--tls_config",
+    version && (semver.eq(version, "4.7.1") || semver.gte(version, "4.22.0"))
+      ? `insecure=${tabnineExtensionProperties.ignoreCertificateErrors}`
+      : undefined,
     tabnineExtensionProperties.logEngine ? `--log_to_stderr` : null,
     tabnineExtensionProperties.logFilePath
       ? `--log-file-path=${tabnineExtensionProperties.logFilePath}`

src/enterprise/consts.ts

@@ -3,8 +3,16 @@ export const SELF_HOSTED_SERVER_CONFIGURATION = `tabnineSelfHostedUpdater.server
 export const SELF_HOSTED_IGNORE_PROXY_CONFIGURATION =
   "tabnineSelfHostedUpdater.useProxySupport";
 
+export const SELF_HOSTED_IGNORE_CERTIFICATE_ERRORS_CONFIGURATION =
+  "tabnineSelfHostedUpdater.ignoreCertificateErrors";
+
 export const IGNORE_PROXY_CONFIGURATION = "tabnine.useProxySupport";
 
+export const CA_CERTS_CONFIGURATION = "tabnine.caCerts";
+
+export const IGNORE_CERTIFICATE_ERRORS_CONFIGURATION =
+  "tabnine.ignoreCertificateErrors";
+
 export const TABNINE_HOST_CONFIGURATION = `tabnine.cloudHost`;
 
 export const INSTALL_COMMAND = "workbench.extensions.installExtension";

src/enterprise/extension.ts

@@ -22,8 +22,10 @@ import serverUrl from "./update/serverUrl";
 import tabnineExtensionProperties from "../globals/tabnineExtensionProperties";
 import { host } from "../utils/utils";
 import {
+  IGNORE_CERTIFICATE_ERRORS_CONFIGURATION,
   IGNORE_PROXY_CONFIGURATION,
   RELOAD_COMMAND,
+  SELF_HOSTED_IGNORE_CERTIFICATE_ERRORS_CONFIGURATION,
   SELF_HOSTED_IGNORE_PROXY_CONFIGURATION,
   SELF_HOSTED_SERVER_CONFIGURATION,
   TABNINE_HOST_CONFIGURATION,
@@ -53,7 +55,7 @@ export async function activate(
     })
   );
 
-  await copyServerUrlAndProxyConfigFromUpdater();
+  await copyConfigFromUpdater();
   if (!tryToUpdate()) {
     void confirmServerUrl();
     context.subscriptions.push(
@@ -190,7 +192,7 @@ async function uninstallOtherTabnineIfPresent(extensionIds: string[]) {
   }
 }
 
-async function copyServerUrlAndProxyConfigFromUpdater(): Promise<void> {
+async function copyConfigFromUpdater(): Promise<void> {
   const currentConfiguration = await vscode.workspace
     .getConfiguration()
     .get(TABNINE_HOST_CONFIGURATION);
@@ -221,4 +223,17 @@ async function copyServerUrlAndProxyConfigFromUpdater(): Promise<void> {
       .getConfiguration()
       .update(IGNORE_PROXY_CONFIGURATION, updaterServerUrlConfig, true);
   }
+
+  const ignoreCertificateErrorsConfig = await vscode.workspace
+    .getConfiguration()
+    .get(SELF_HOSTED_IGNORE_CERTIFICATE_ERRORS_CONFIGURATION);
+  if (ignoreCertificateErrorsConfig !== undefined) {
+    await vscode.workspace
+      .getConfiguration()
+      .update(
+        IGNORE_CERTIFICATE_ERRORS_CONFIGURATION,
+        ignoreCertificateErrorsConfig,
+        true
+      );
+  }
 }

src/enterprise/update/isHealthyServer.ts

@@ -1,11 +1,12 @@
-import createClient, { healthy } from "./client";
+import { URL } from "url";
+import { getHttpStatusCode } from "../../utils/download.utils";
 import serverUrl, { validateUrl } from "./serverUrl";
 
 export async function isHealthyServer(): Promise<boolean> {
   const url = serverUrl();
   if (!validateUrl(url)) {
     return false;
   }
-  const client = await createClient(url as string);
-  return healthy(client);
+
+  return (await getHttpStatusCode(new URL("/health", url))) === 200;
 }

src/enterprise/update/updateAndReload.ts

@@ -16,7 +16,7 @@ export default async function updateAndReload(serverUrl: string) {
       Logger.info("Tabnine updater - nothing to update");
     }
   } catch (e) {
-    Logger.error("Failed to update Tabnine plugin");
+    Logger.error("Failed to update Tabnine plugin", e);
     void vscode.window
       .showErrorMessage(
         "Failed to update Tabnine, check Tabnine log output for more details",

src/enterprise/update/updateTask.ts

@@ -2,9 +2,12 @@ import { commands, Uri, window, ProgressLocation } from "vscode";
 import * as tmp from "tmp";
 import { promisify } from "util";
 import * as semver from "semver";
+import { URL } from "url";
 import { INSTALL_COMMAND, UPDATE_PREFIX } from "../consts";
-import createClient from "./client";
-import downloadUrl from "./downloadUrl";
+import {
+  downloadFileToDestination,
+  downloadFileToStr,
+} from "../../utils/download.utils";
 
 const createTmpFile = promisify(tmp.file);
 
@@ -16,9 +19,8 @@ export default async function updateTask(
   serverUrl: string,
   currentVersion: string | undefined
 ): Promise<string | null> {
-  const client = await createClient(serverUrl);
-  let { data: latestVersion } = await client.get<string>(
-    `${UPDATE_PREFIX}/version`
+  let latestVersion = await downloadFileToStr(
+    new URL(`${UPDATE_PREFIX}/version`, serverUrl)
   );
   latestVersion = latestVersion.trim();
   if (!currentVersion || semver.gt(latestVersion, currentVersion)) {
@@ -30,9 +32,11 @@ export default async function updateTask(
       },
       async () => {
         const path = await createTmpFile();
-        await downloadUrl(
-          client,
-          `${UPDATE_PREFIX}/tabnine-vscode-${latestVersion}.vsix`,
+        await downloadFileToDestination(
+          new URL(
+            `${UPDATE_PREFIX}/tabnine-vscode-${latestVersion}.vsix`,
+            serverUrl
+          ),
           path
         );
         await commands.executeCommand(INSTALL_COMMAND, Uri.file(path));

src/globals/tabnineExtensionProperties.ts

@@ -1,6 +1,10 @@
 import * as vscode from "vscode";
 import { getTabnineExtensionContext } from "./tabnineExtensionContext";
-import { IGNORE_PROXY_CONFIGURATION } from "../enterprise/consts";
+import {
+  CA_CERTS_CONFIGURATION,
+  IGNORE_CERTIFICATE_ERRORS_CONFIGURATION,
+  IGNORE_PROXY_CONFIGURATION,
+} from "../enterprise/consts";
 
 const TELEMETRY_CONFIG_ID = "telemetry";
 const TELEMETRY_CONFIG_ENABLED_ID = "enableTelemetry";
@@ -35,6 +39,8 @@ interface TabNineExtensionProperties {
   useProxySupport: boolean;
   packageName: string;
   logEngine: boolean | undefined;
+  caCerts: string | undefined;
+  ignoreCertificateErrors: boolean;
 }
 
 function getContext(): TabNineExtensionProperties {
@@ -108,6 +114,14 @@ function getContext(): TabNineExtensionProperties {
     get useProxySupport(): boolean {
       return useProxySupport;
     },
+    get caCerts(): string | undefined {
+      return configuration.get<string>(CA_CERTS_CONFIGURATION);
+    },
+    get ignoreCertificateErrors(): boolean {
+      return !!configuration.get<boolean>(
+        IGNORE_CERTIFICATE_ERRORS_CONFIGURATION
+      );
+    },
     get logLevel(): string | undefined {
       return logLevel;
     },

src/preRelease/installer.ts

@@ -22,8 +22,6 @@ import { ExtensionContext, GitHubReleaseResponse } from "./types";
 import { Capability, isCapabilityEnabled } from "../capabilities/capabilities";
 import { Logger } from "../utils/logger";
 
-const badVersion = "9999.9999.9999";
-
 export default async function handlePreReleaseChannels(
   context: ExtensionContext
 ): Promise<void> {
@@ -71,9 +69,7 @@ function isNewerAlphaVersionAvailable(
   const availableSemverCoerce = semver.coerce(availableVersion)?.version || "";
 
   const isNewerVersion =
-    !!currentVersion &&
-    semver.gt(availableVersion, currentVersion) &&
-    semver.neq(availableSemverCoerce, badVersion);
+    !!currentVersion && semver.gt(availableVersion, currentVersion);
   const isAlphaAvailable = !!semver
     .prerelease(availableVersion)
     ?.includes("alpha");