Add option to allow HTTP (not HTTPS) registries #7204
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Footpad
requested review from
neonichu,
tomerd and
MaxDesiatov
as code owners
|
@swift-ci please test |
yim-lee
reviewed
Dec 16, 2023
MaxDesiatov
changed the title
|
Hi @Footpad, thank you for your contribution! Would you be willing to address feedback on this PR and get it over the finish line? |
|
My apologies for the delay in checking back in on this PR - it has been quite busy since the holidays! There's an outstanding feedback that I'd like to get more input on from the team in terms of which direction we should take the feedback. Please take a look and let me know how we should proceed. Thanks! |
|
Updated PR incorporating feedback |
|
@swift-ci test |
|
@swift-ci test windows |
|
Thanks folks for the help in getting this merged! Appreciate your patience as well 😄 |
furby-tm
pushed a commit
to wabiverse/swift-package-manager
that referenced
this pull request
May 15, 2024
Addresses swiftlang#7170: this adds an option to the `package-registry` `set` and `publish` commands to allow using an HTTP registry endpoint, bypassing the existing requirement that package registries use HTTPS. ### Motivation: In short, the motivation is to allow publishing to a registry that is hosted on a local machine. It is difficult to host a fully TLS-compliant HTTPS endpoint on developer machines at scale. See more detail in swiftlang#7170 ### Modifications: * Adds a new `allowInsecureHTTP` flag to the Registry model. * Adds a new `--allow-insecure-http` flag to the `package-registry` `set` and `publish` commands. * Adds tests that validate the behavior of the model and command additions. * Adds tests that validate the requested constraints in swiftlang#7170 regarding HTTP endpoints, such as not being able to publish to an HTTP endpoint if there is authentication configured for it, and `login` command requiring HTTPS. ### Result: We will be able to use the `swift` CLI to publish to our HTTP registries locally hosted on our development machines. As a result, we will be able to migrate to the official tooling instead of needing to continue using home-rolled publish tooling.
furby-tm
pushed a commit
to wabiverse/swift-package-manager
that referenced
this pull request
May 15, 2024
Addresses swiftlang#7170: this adds an option to the `package-registry` `set` and `publish` commands to allow using an HTTP registry endpoint, bypassing the existing requirement that package registries use HTTPS. ### Motivation: In short, the motivation is to allow publishing to a registry that is hosted on a local machine. It is difficult to host a fully TLS-compliant HTTPS endpoint on developer machines at scale. See more detail in swiftlang#7170 ### Modifications: * Adds a new `allowInsecureHTTP` flag to the Registry model. * Adds a new `--allow-insecure-http` flag to the `package-registry` `set` and `publish` commands. * Adds tests that validate the behavior of the model and command additions. * Adds tests that validate the requested constraints in swiftlang#7170 regarding HTTP endpoints, such as not being able to publish to an HTTP endpoint if there is authentication configured for it, and `login` command requiring HTTPS. ### Result: We will be able to use the `swift` CLI to publish to our HTTP registries locally hosted on our development machines. As a result, we will be able to migrate to the official tooling instead of needing to continue using home-rolled publish tooling.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Resolves #7170: this adds an option to the
package-registrysetandpublishcommands to allow using an HTTP registry endpoint, bypassing the existing requirement that package registries use HTTPS.Motivation:
In short, the motivation is to allow publishing to a registry that is hosted on a local machine. It is difficult to host a fully TLS-compliant HTTPS endpoint on developer machines at scale. See more detail in #7170
Modifications:
allowInsecureHTTPflag to the Registry model.--allow-insecure-httpflag to thepackage-registrysetandpublishcommands.logincommand requiring HTTPS.Result:
We will be able to use the
swiftCLI to publish to our HTTP registries locally hosted on our development machines. As a result, we will be able to migrate to the official tooling instead of needing to continue using home-rolled publish tooling.