Support TLS in Daml Helper --json-api requests

This PR accepts the --tls flag but rejects the flags to set certs because those don’t really make sense here (or are at least not easily settable). Unfortunately no great way to test this without a huge amount of test infrastructure to setup a custom TLS reverse proxy for tests. If someone has an idea to add a reasonable test, I’m all ears. changelog_begin - [Daml Assistant] The `daml ledger` commands now accepts `--tls` in combination with `--json-api` to access a JSON API behind a TLS reverse proxy. changelog_end
digital-asset · cocreature · Sep 1, 2021 · Aug 30, 2021 · Aug 30, 2021 · 8854ea7300dd68ee0be8d19132db0eb23075e508
commit 8854ea7300dd68ee0be8d19132db0eb23075e508
diff --git a/daml-assistant/daml-helper/src/DA/Daml/Helper/Ledger.hs b/daml-assistant/daml-helper/src/DA/Daml/Helper/Ledger.hs
@@ -594,9 +594,12 @@ httpBsRequest args method path modify = do
 
 makeRequest :: LedgerArgs -> Method -> Path -> (Request -> Request) -> IO Request
 makeRequest LedgerArgs {sslConfigM, tokM, port, host} method path modify = do
-  when (isJust sslConfigM) $
-    fail "The HTTP JSON API doesn't support TLS requests, but a TLS flag was set."
+  secure <- case sslConfigM of
+    Nothing -> pure False
+    Just (L.ClientSSLConfig Nothing Nothing Nothing) -> pure True
+    Just _ -> fail "The HTTP JSON API does not support --pem, --crt and --cacrt flags."
   pure $
+    setRequestSecure secure $
     setRequestPort port $
     setRequestHost (BSC.pack host) $
     setRequestMethod (unMethod method) $