Add proxy_ca_certificate_file output to start-proxy action#2846
Draft
Add proxy_ca_certificate_file output to start-proxy action#2846
proxy_ca_certificate_file output to start-proxy action#2846Conversation
Useful to avoid duplicating this across different extractors (e.g. C# and Go)
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR adds an output for the proxy CA certificate file in the start-proxy action to avoid duplicating certificate handling in different extractors.
- Adds FS import and logic to write the CA certificate to a temporary file.
- Updates the ProxyConfig type to include an optional certificate file property.
- Mirrors the changes in both the TypeScript and JavaScript implementations.
Reviewed Changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| src/start-proxy-action.ts | Adds certificate file writing logic and exposes its file path output. |
| lib/start-proxy-action.js | Applies the same certificate file writing changes as in the TS file. |
Comments suppressed due to low confidence (1)
lib/start-proxy-action.js:122
- The catch block only logs the error without failing the action. To guarantee the certificate file is properly written, consider rethrowing the error so that the process fails on write errors.
} catch (error) {
Tip: Leave feedback on Copilot's review comments with the 👎 and 👍 buttons to help improve review quality. Learn more
| fs.writeFileSync(certificatePath, ca.cert); | ||
|
|
||
| proxyConfig.ca_certificate_file = certificatePath; | ||
| } catch (error) { |
There was a problem hiding this comment.
The catch block only logs the error without failing the action. Given the PR description's goal to ensure the certificate file is successfully written, consider rethrowing the error to fail execution if the write fails.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
I figured it would be useful to avoid duplicating this across different extractors that e.g. set
SSL_CERT_FILEfor relevant sub-processes. That's currently done by the C# extractor and looks like will be done by the Go extractor as well. By doing it in the action, we can avoid duplicating this process in those extractors.Notes/questions for reviewers
Merge / deployment checklist