Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Postinstall seems to ignore strict-ssl=false #211

Closed
alongotban opened this issue Mar 6, 2020 · 5 comments
Closed

Postinstall seems to ignore strict-ssl=false #211

alongotban opened this issue Mar 6, 2020 · 5 comments
Assignees
@mefellows

Comments

@alongotban
Copy link

We are using pact behind a corporate firewall. In view of #88 we have the following pact-related entries in our package.json:

  "config": {
    "pact_binary_location": "https://artifactory.ourcompany.com.au/artifactory/pact-github-repo/download/v1.81.0/"
  },
...
  "devDependencies": {
    "@pact-foundation/pact": "^9.6.0",
...

Our .npmrc contains

strict-ssl=false
cafile=/usr/local/ourcompany/certificates/ourcompany-proxy-internal.cer

which works for all packages - except for pact-foundation. We get:

Installing Pact Standalone Binary for darwin.
Downloading Pact Standalone Binary v1.73.0 for platform darwin from https://artifactory.ourcompany.com.au/artifactory/pact-github-repo/download/v1.81.0/pact-1.73.0-osx.tar.gz
Error: Error while installing binary: Postinstalled Failed Unexpectedly: Error downloading binary from https://artifactory.ourcompany.com.au/artifactory/pact-github-repo/download/v1.81.0/pact-1.73.0-osx.tar.gz: Error: Error while installing binary: Error: self signed certificate in certificate chain

We can curl https://artifactory.ourcompany.com.au/artifactory/pact-github-repo/download/v1.81.0/pact-1.73.0-osx.tar.gz, so we know the URL is correct.

It appears that the postinstall script https://github.com/pact-foundation/pact-node/blob/master/standalone/install.ts does not use the strict-ssl=false setting.
@mefellows mefellows self-assigned this Mar 6, 2020
@mefellows
Copy link
Member

Thanks for the report. I've pushed up a small change now, we'll get this out in the next release.

@mefellows mefellows assigned mefellows and unassigned mefellows Mar 6, 2020
@alongotban
Copy link
Author

Nice, thanks very much @mefellows. How can I find out when the next release will be coming out ? (This is blocking us from using Pact, unfortunately).

@mefellows
Copy link
Member

No worries. I just need another maintainer to review and sign off, and then we'll release. Usually, just a few days (so mid next week I'd say).

@alongotban
Copy link
Author

Great news @mefellows . I also noticed that I have to specify the version ${PACT_STANDALONE_VERSION} as part of the pact_binary_location:

"pact_binary_location": "https://artifactory.ourcompany.com.au/artifactory/pact-github-repo/download/v1.81.0/"

where as this could be done by the function createConfig() in install.ts. Then the binary location would not have to be updated when new version are available. Would you like me to create a separate issue/request for this ?

@mefellows
Copy link
Member

A separate issue would be great, thanks.

This is a fairly straightforward thing - we need to honour a standard npm setting.

In the other case, I think we'll need to discuss the pros/cons and interface for it.

TimothyJones added a commit that referenced this issue Mar 15, 2020
@TimothyJones
Merge pull request #212 from pact-foundation/fix/211_allow-strict-ssl…
2ddbeae 
…-in-install

fix: set strictSSL on custom downloads from NPM config. Fixes #211
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mefellows mefellows

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mefellows @alongotban