Add --insecure flag instead of NODE_TLS_REJECT_UNAUTHORIZED=0

mihaeu · mihaeu · commit ad6b3a462caa · 2022-06-06T14:38:22.000+02:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -10,6 +10,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Added
 
 -   Added config option `personalAccessToken` and environment variable `CONFLUENCE_PERSONAL_ACCESS_TOKEN` in order to support authentication using [personal access tokens](https://confluence.atlassian.com/enterprise/using-personal-access-tokens-1026032365.html). (solves [#26](https://github.com/mihaeu/cosmere/issues/26))
+-   Added `--insecure` flag in order to not have to use `NODE_TLS_REJECT_UNAUTHORIZED=0` in cases where it's needed.
+
+### Changed
+
+-   Pictures are now only uploaded if they differ in filename or size. Only pictures that do not match will be deleted remotely (previously all pictures were deleted, then all were uploaded).
+
+### Fixed
+
+-   Fixed cache check so that only real changes in files require an update.
 
 ## [0.14.1] - 2021-08-25
 
diff --git a/README.md b/README.md
@@ -118,7 +118,7 @@ or create an alias:
 
 ### Custom certificates on Confluence instance
 
-Prepend `NODE_TLS_REJECT_UNAUTHORIZED=0` to your `cosmere` call in order to not reject invalid certificates. This is risky and it's preferable to get proper certificates.
+Use the `--insecure` option for your `cosmere` call in order to not reject invalid certificates. This is risky, and it's preferable to get proper certificates.
 
 ## Need new features?
 
diff --git a/bin/cosmere b/bin/cosmere
@@ -3,18 +3,19 @@
 const docopt = require('docopt');
 const options = docopt.docopt(`
 Usage:
-  cosmere [--force] [--config=<path>]
+  cosmere [--force] [--insecure] [--config=<path>]
   cosmere generate-config [--config=<path>]
 
 Options:
   --force           always upload even if the file looks the same
+  --insecure        disables certificate verification (!this makes the transfer insecure!)
   --config=<path>   specify the path to the config
 `);
 
 if (options['generate-config']) {
   require('../dist/src/cli/GenerateCommand').default(options['--config']);
 } else {
-  require('../dist/src/cli/MainCommand').default(options['--config'], options['--force'])
+  require('../dist/src/cli/MainCommand').default(options['--config'], options['--force'], options['--insecure'])
     .then()
     .catch(e  => {
         require('signale').fatal(e);
diff --git a/src/api/ConfluenceAPI.ts b/src/api/ConfluenceAPI.ts
@@ -3,49 +3,42 @@ import * as fs from "fs";
 import signale from "signale";
 import { GetAttachmentsResult } from "./GetAttachmentsResult";
 import { Attachment } from "./Attachment";
+import { Agent } from "https";
 
 export class ConfluenceAPI {
     private readonly baseUrl: string;
     private readonly authHeader: {
         Authorization: string;
     };
+    private readonly agent: Agent;
 
-    constructor(baseUrl: string, authorizationToken: string) {
+    constructor(baseUrl: string, authorizationToken: string, insecure: boolean) {
         this.baseUrl = baseUrl;
         this.authHeader = {
             Authorization: authorizationToken,
         };
+        this.agent = new (require("https").Agent)({
+            rejectUnauthorized: !insecure,
+        });
     }
 
     async updateConfluencePage(pageId: string, newPage: any) {
-        const config = {
-            headers: {
-                ...this.authHeader,
-                "Content-Type": "application/json",
-            },
-        };
         try {
-            await axios.put(`${this.baseUrl}/content/${pageId}`, newPage, config);
+            await axios.put(`${this.baseUrl}/content/${pageId}`, newPage, this.config());
         } catch (e) {
             signale.await(`First attempt failed, retrying ...`);
-            await axios.put(`${this.baseUrl}/content/${pageId}`, newPage, config);
+            await axios.put(`${this.baseUrl}/content/${pageId}`, newPage, this.config());
         }
     }
 
     async getAttachments(pageId: string): Promise<GetAttachmentsResult> {
-        return (
-            await axios.get(`${this.baseUrl}/content/${pageId}/child/attachment`, {
-                headers: this.authHeader,
-            })
-        ).data;
+        return (await axios.get(`${this.baseUrl}/content/${pageId}/child/attachment`, this.config())).data;
     }
 
     async deleteAttachment(attachment: Attachment) {
         try {
             signale.await(`Deleting attachment "${attachment.title}" ...`);
-            await axios.delete(`${this.baseUrl}/content/${attachment.id}`, {
-                headers: this.authHeader,
-            });
+            await axios.delete(`${this.baseUrl}/content/${attachment.id}`, this.config());
         } catch (e) {
             signale.error(`Deleting attachment "${attachment.title}" failed ...`);
         }
@@ -60,6 +53,7 @@ export class ConfluenceAPI {
                     "X-Atlassian-Token": "nocheck",
                     ...this.authHeader,
                 },
+                httpsAgent: this.agent,
                 data: {
                     file: fs.createReadStream(filename),
                 },
@@ -70,8 +64,16 @@ export class ConfluenceAPI {
     }
 
     async currentPage(pageId: string) {
-        return axios.get(`${this.baseUrl}/content/${pageId}?expand=body.storage,version`, {
-            headers: this.authHeader,
-        });
+        return axios.get(`${this.baseUrl}/content/${pageId}?expand=body.storage,version`, this.config());
+    }
+
+    private config() {
+        return {
+            headers: {
+                ...this.authHeader,
+                "Content-Type": "application/json",
+            },
+            httpsAgent: this.agent,
+        };
     }
 }
diff --git a/src/cli/MainCommand.ts b/src/cli/MainCommand.ts
@@ -3,9 +3,9 @@ import { ConfigLoader } from "../ConfigLoader";
 import { ConfluenceAPI } from "../api/ConfluenceAPI";
 import { updatePage } from "../UpdatePage";
 
-export default async function(configPath: string | null, force: boolean = false) {
+export default async function(configPath: string | null, force: boolean = false, insecure: boolean = false) {
     const config: Config = await ConfigLoader.load(configPath);
-    const confluenceAPI = new ConfluenceAPI(config.baseUrl, config.authorizationToken);
+    const confluenceAPI = new ConfluenceAPI(config.baseUrl, config.authorizationToken, insecure);
 
     for (const pageData of config.pages) {
         await updatePage(confluenceAPI, pageData, config, force);
diff --git a/tests/UpdatePage.test.ts b/tests/UpdatePage.test.ts
@@ -17,6 +17,6 @@ describe("UpdatePage", () => {
             configPath: "...",
             authorizationToken: "Bearer unbearable",
         };
-        expect(updatePage(new ConfluenceAPI("", "Bearer unbearable"), pageData, config, false)).toBeFalsy();
+        expect(updatePage(new ConfluenceAPI("", "Bearer unbearable", false), pageData, config, false)).toBeFalsy();
     });
 });
diff --git a/tests/api/ConfluenceAPI.test.ts b/tests/api/ConfluenceAPI.test.ts
@@ -1,6 +1,7 @@
 import { ConfluenceAPI } from "../../src/api/ConfluenceAPI";
 import axios from "axios";
 import { mocked } from "ts-jest/utils";
+import { Agent } from "https";
 
 jest.mock("axios");
 const axiosMock = mocked(axios, true);
@@ -9,12 +10,14 @@ describe("ConfluenceAPI", () => {
     it("fetches current version of confluence page", async () => {
         axiosMock.get.mockResolvedValue({ data: "Test" });
 
-        const confluenceAPI = new ConfluenceAPI("", "Bearer unbearable");
+        const confluenceAPI = new ConfluenceAPI("", "Bearer unbearable", false);
         await confluenceAPI.currentPage("2");
         expect(axiosMock.get).toHaveBeenCalledWith("/content/2?expand=body.storage,version", {
             headers: {
                 Authorization: "Bearer unbearable",
+                "Content-Type": "application/json",
             },
+            httpsAgent: expect.any(Agent),
         });
     });
 });
