Skip to content

fix(rust): do not try to connect when it is not needed #2192

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
imobachgs merged 3 commits into from
Mar 24, 2025
Merged

fix(rust): do not try to connect when it is not needed #2192

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
7b30033
fix(rust): do not try to connect when it is not needed
imobachgs Mar 22, 2025
a5cce61
docs(rust): update changes file
imobachgs Mar 22, 2025
1499236
chore(rust): updates from code review
imobachgs Mar 24, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
50 changes: 33 additions & 17 deletions rust/agama-cli/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -183,10 +183,10 @@ async fn build_manager<'a>() -> anyhow::Result<ManagerClient<'a>> {

/// True if use of the remote API is allowed (yes by default when the API is secure, the user is
/// asked if the API is insecure - e.g. when it uses self-signed certificate)
async fn allowed_insecure_api(use_insecure: bool, api_url: String) -> Result<bool, ServiceError> {
async fn allowed_insecure_api(use_insecure: bool, api_url: &str) -> Result<bool, ServiceError> {
// fake client used for remote site detection
let mut ping_client = BaseHTTPClient::default();
ping_client.base_url = api_url;
ping_client.base_url = api_url.to_string();

// decide whether access to remote site has to be insecure (self-signed certificate or not)
match ping_client.get::<HashMap<String, String>>("/ping").await {
Expand Down Expand Up @@ -217,29 +217,38 @@ pub fn download_file(url: &str, path: &PathBuf) -> Result<(), ServiceError> {
Ok(())
}

pub async fn run_command(cli: Cli) -> Result<(), ServiceError> {
// somehow check whether we need to ask user for self-signed certificate acceptance
let api_url = cli.opts.api.trim_end_matches('/').to_string();

async fn build_http_client(
api_url: &str,
insecure: bool,
authenticated: bool,
) -> Result<BaseHTTPClient, ServiceError> {
let mut client = BaseHTTPClient::default();
client.base_url = api_url.to_string();

client.base_url = api_url.clone();

if allowed_insecure_api(cli.opts.insecure, api_url.clone()).await? {
if allowed_insecure_api(insecure, &client.base_url).await? {
client = client.insecure();
}

// we need to distinguish commands on those which assume that authentication JWT is already
// available and those which not (or don't need it)
client = if let Commands::Auth(_) = cli.command {
client.unauthenticated()?
} else {
if authenticated {
// this deals with authentication need inside
client.authenticated()?
};
client.authenticated()
} else {
client.unauthenticated()
}
}

pub async fn run_command(cli: Cli) -> Result<(), ServiceError> {
// somehow check whether we need to ask user for self-signed certificate acceptance

let api_url = cli.opts.api.trim_end_matches('/').to_string();

match cli.command {
Commands::Config(subcommand) => run_config_cmd(client, subcommand).await?,
Commands::Config(subcommand) => {
let client = build_http_client(&api_url, cli.opts.insecure, true).await?;
run_config_cmd(client, subcommand).await?
}
Commands::Probe => {
let manager = build_manager().await?;
wait_for_services(&manager).await?;
Expand All @@ -255,10 +264,17 @@ pub async fn run_command(cli: Cli) -> Result<(), ServiceError> {
let method = method.unwrap_or_default();
finish(&manager, method).await?;
}
Commands::Questions(subcommand) => run_questions_cmd(client, subcommand).await?,
Commands::Logs(subcommand) => run_logs_cmd(client, subcommand).await?,
Commands::Questions(subcommand) => {
let client = build_http_client(&api_url, cli.opts.insecure, true).await?;
run_questions_cmd(client, subcommand).await?
}
Commands::Logs(subcommand) => {
let client = build_http_client(&api_url, cli.opts.insecure, true).await?;
run_logs_cmd(client, subcommand).await?
}
Commands::Download { url, destination } => download_file(&url, &destination)?,
Commands::Auth(subcommand) => {
let client = build_http_client(&api_url, cli.opts.insecure, false).await?;
run_auth_cmd(client, subcommand).await?;
}
};
Expand Down
6 changes: 6 additions & 0 deletions rust/package/agama.changes
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,9 @@
-------------------------------------------------------------------
Sat Mar 22 22:58:09 UTC 2025 - Imobach Gonzalez Sosa <igonzalezsosa@suse.com>

- Do not try to connect to the HTTP server when it is not needed
(gh#agama-project/agama#2192).

-------------------------------------------------------------------
Fri Mar 21 16:37:32 UTC 2025 - Ladislav Slezák <lslezak@suse.com>

Expand Down