// This should only be called from config public void SaveProxySetting() { if (!string.IsNullOrEmpty(ProxyAddress)) { string proxyConfigFile = HostContext.GetConfigFile(WellKnownConfigFile.Proxy); IOUtil.DeleteFile(proxyConfigFile); Trace.Info($"Store proxy configuration to '{proxyConfigFile}' for proxy '{ProxyAddress}'"); File.WriteAllText(proxyConfigFile, ProxyAddress); File.SetAttributes(proxyConfigFile, File.GetAttributes(proxyConfigFile) | FileAttributes.Hidden); string proxyCredFile = HostContext.GetConfigFile(WellKnownConfigFile.ProxyCredentials); IOUtil.DeleteFile(proxyCredFile); if (!string.IsNullOrEmpty(ProxyUsername) && !string.IsNullOrEmpty(ProxyPassword)) { string lookupKey = Guid.NewGuid().ToString("D").ToUpperInvariant(); Trace.Info($"Store proxy credential lookup key '{lookupKey}' to '{proxyCredFile}'"); File.WriteAllText(proxyCredFile, lookupKey); File.SetAttributes(proxyCredFile, File.GetAttributes(proxyCredFile) | FileAttributes.Hidden); var credStore = HostContext.GetService <IAgentCredentialStore>(); credStore.Write($"VSTS_AGENT_PROXY_{lookupKey}", ProxyUsername, ProxyPassword); } } else { Trace.Info("No proxy configuration exist."); } }
// This should only be called from unconfig public void DeleteProxySetting() { string proxyCredFile = HostContext.GetConfigFile(WellKnownConfigFile.ProxyCredentials); if (File.Exists(proxyCredFile)) { Trace.Info("Delete proxy credential from credential store."); string lookupKey = File.ReadAllLines(proxyCredFile).FirstOrDefault(); if (!string.IsNullOrEmpty(lookupKey)) { var credStore = HostContext.GetService <IAgentCredentialStore>(); credStore.Delete($"VSTS_AGENT_PROXY_{lookupKey}"); } Trace.Info($"Delete .proxycredentials file: {proxyCredFile}"); IOUtil.DeleteFile(proxyCredFile); } string proxyBypassFile = HostContext.GetConfigFile(WellKnownConfigFile.ProxyBypass); if (File.Exists(proxyBypassFile)) { Trace.Info($"Delete .proxybypass file: {proxyBypassFile}"); IOUtil.DeleteFile(proxyBypassFile); } string proxyConfigFile = HostContext.GetConfigFile(WellKnownConfigFile.Proxy); Trace.Info($"Delete .proxy file: {proxyConfigFile}"); IOUtil.DeleteFile(proxyConfigFile); }
public void LoadProxyBypassList() { string proxyBypassFile = HostContext.GetConfigFile(WellKnownConfigFile.ProxyBypass); if (File.Exists(proxyBypassFile)) { Trace.Verbose($"Try read proxy bypass list from file: {proxyBypassFile}."); foreach (string bypass in File.ReadAllLines(proxyBypassFile).Where(value => !string.IsNullOrWhiteSpace(value)).Select(value => value.Trim())) { Trace.Info($"Bypass proxy for: {bypass}."); ProxyBypassList.Add(bypass.Trim()); } } foreach (var envVar in new string[] { "no_proxy" }) { Trace.Verbose($"Try reading proxy bypass list from environment variable: '{envVar}'."); var proxyBypassEnv = Environment.GetEnvironmentVariable(envVar) ?? string.Empty; foreach (string bypass in proxyBypassEnv.Split(new [] { ',', ';' }).Where(value => !string.IsNullOrWhiteSpace(value)).Select(value => value.Trim())) { Trace.Info($"Bypass proxy for: {bypass}."); ProxyBypassList.Add(bypass); } } }
public void LoadCertificateSettings() { string certSettingFile = HostContext.GetConfigFile(WellKnownConfigFile.Certificates); if (File.Exists(certSettingFile)) { Trace.Info($"Load agent certificate setting from '{certSettingFile}'"); var certSetting = IOUtil.LoadObject <AgentCertificateSetting>(certSettingFile); ArgUtil.NotNull(certSetting, nameof(AgentCertificateSetting)); if (certSetting.SkipServerCertValidation) { Trace.Info("Ignore SSL server certificate validation error"); SkipServerCertificateValidation = true; VssClientHttpRequestSettings.Default.ServerCertificateValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator; } if (!string.IsNullOrEmpty(certSetting.CACert)) { // make sure all settings file exist ArgUtil.File(certSetting.CACert, nameof(certSetting.CACert)); Trace.Info($"CA '{certSetting.CACert}'"); CACertificateFile = certSetting.CACert; } if (!string.IsNullOrEmpty(certSetting.ClientCert)) { // make sure all settings file exist ArgUtil.File(certSetting.ClientCert, nameof(certSetting.ClientCert)); ArgUtil.File(certSetting.ClientCertPrivatekey, nameof(certSetting.ClientCertPrivatekey)); ArgUtil.File(certSetting.ClientCertArchive, nameof(certSetting.ClientCertArchive)); Trace.Info($"Client cert '{certSetting.ClientCert}'"); Trace.Info($"Client cert private key '{certSetting.ClientCertPrivatekey}'"); Trace.Info($"Client cert archive '{certSetting.ClientCertArchive}'"); ClientCertificateFile = certSetting.ClientCert; ClientCertificatePrivateKeyFile = certSetting.ClientCertPrivatekey; ClientCertificateArchiveFile = certSetting.ClientCertArchive; if (!string.IsNullOrEmpty(certSetting.ClientCertPasswordLookupKey)) { var cerdStore = HostContext.GetService <IAgentCredentialStore>(); ClientCertificatePassword = cerdStore.Read($"VSTS_AGENT_CLIENT_CERT_PASSWORD_{certSetting.ClientCertPasswordLookupKey}").Password; HostContext.SecretMasker.AddValue(ClientCertificatePassword, WellKnownSecretAliases.ClientCertificatePassword); } _agentClientCertificateManager.AddClientCertificate(ClientCertificateArchiveFile, ClientCertificatePassword); } } else { Trace.Info("No certificate setting found."); } }
// This should only be called from config public void SaveCertificateSetting() { string certSettingFile = HostContext.GetConfigFile(WellKnownConfigFile.Certificates); IOUtil.DeleteFile(certSettingFile); var setting = new AgentCertificateSetting(); if (SkipServerCertificateValidation) { Trace.Info($"Store Skip ServerCertificateValidation setting to '{certSettingFile}'"); setting.SkipServerCertValidation = true; } if (!string.IsNullOrEmpty(CACertificateFile)) { Trace.Info($"Store CA cert setting to '{certSettingFile}'"); setting.CACert = CACertificateFile; } if (!string.IsNullOrEmpty(ClientCertificateFile) && !string.IsNullOrEmpty(ClientCertificatePrivateKeyFile) && !string.IsNullOrEmpty(ClientCertificateArchiveFile)) { Trace.Info($"Store client cert settings to '{certSettingFile}'"); setting.ClientCert = ClientCertificateFile; setting.ClientCertPrivatekey = ClientCertificatePrivateKeyFile; setting.ClientCertArchive = ClientCertificateArchiveFile; if (!string.IsNullOrEmpty(ClientCertificatePassword)) { string lookupKey = Guid.NewGuid().ToString("D").ToUpperInvariant(); Trace.Info($"Store client cert private key password with lookup key {lookupKey}"); var credStore = HostContext.GetService <IAgentCredentialStore>(); credStore.Write($"VSTS_AGENT_CLIENT_CERT_PASSWORD_{lookupKey}", "VSTS", ClientCertificatePassword); setting.ClientCertPasswordLookupKey = lookupKey; } } if (SkipServerCertificateValidation || !string.IsNullOrEmpty(CACertificateFile) || !string.IsNullOrEmpty(ClientCertificateFile)) { IOUtil.SaveObject(setting, certSettingFile); File.SetAttributes(certSettingFile, File.GetAttributes(certSettingFile) | FileAttributes.Hidden); } }
// This should only be called from unconfig public void DeleteCertificateSetting() { string certSettingFile = HostContext.GetConfigFile(WellKnownConfigFile.Certificates); if (File.Exists(certSettingFile)) { Trace.Info($"Load agent certificate setting from '{certSettingFile}'"); var certSetting = IOUtil.LoadObject <AgentCertificateSetting>(certSettingFile); if (certSetting != null && !string.IsNullOrEmpty(certSetting.ClientCertPasswordLookupKey)) { Trace.Info("Delete client cert private key password from credential store."); var credStore = HostContext.GetService <IAgentCredentialStore>(); credStore.Delete($"VSTS_AGENT_CLIENT_CERT_PASSWORD_{certSetting.ClientCertPasswordLookupKey}"); } Trace.Info($"Delete cert setting file: {certSettingFile}"); IOUtil.DeleteFile(certSettingFile); } }
public void LoadProxyBypassList() { string proxyBypassFile = HostContext.GetConfigFile(WellKnownConfigFile.ProxyBypass); if (File.Exists(proxyBypassFile)) { Trace.Verbose($"Try read proxy bypass list from file: {proxyBypassFile}."); foreach (string bypass in File.ReadAllLines(proxyBypassFile)) { if (string.IsNullOrWhiteSpace(bypass)) { continue; } else { Trace.Info($"Bypass proxy for: {bypass}."); ProxyBypassList.Add(bypass.Trim()); } } } }
public void LoadProxyBypassList() { string proxyBypassFile = HostContext.GetConfigFile(WellKnownConfigFile.ProxyBypass); if (File.Exists(proxyBypassFile)) { Trace.Verbose($"Try read proxy bypass list from file: {proxyBypassFile}."); foreach (string bypass in File.ReadAllLines(proxyBypassFile).Where(value => !string.IsNullOrWhiteSpace(value)).Select(value => value.Trim())) { Trace.Info($"Bypass proxy for: {bypass}."); ProxyBypassList.Add(bypass.Trim()); } } var proxyBypassEnv = AgentKnobs.NoProxy.GetValue(HostContext).AsString(); foreach (string bypass in proxyBypassEnv.Split(new [] { ',', ';' }).Where(value => !string.IsNullOrWhiteSpace(value)).Select(value => value.Trim())) { Trace.Info($"Bypass proxy for: {bypass}."); ProxyBypassList.Add(bypass); } }
private void LoadProxySetting() { string proxyConfigFile = HostContext.GetConfigFile(WellKnownConfigFile.Proxy); if (File.Exists(proxyConfigFile)) { // we expect the first line of the file is the proxy url Trace.Verbose($"Try read proxy setting from file: {proxyConfigFile}."); ProxyAddress = File.ReadLines(proxyConfigFile).FirstOrDefault() ?? string.Empty; ProxyAddress = ProxyAddress.Trim(); Trace.Verbose($"{ProxyAddress}"); } if (string.IsNullOrEmpty(ProxyAddress)) { Trace.Verbose("Try read proxy setting from environment variable: 'VSTS_HTTP_PROXY'."); ProxyAddress = Environment.GetEnvironmentVariable("VSTS_HTTP_PROXY") ?? string.Empty; ProxyAddress = ProxyAddress.Trim(); Trace.Verbose($"{ProxyAddress}"); } if (!string.IsNullOrEmpty(ProxyAddress) && !Uri.IsWellFormedUriString(ProxyAddress, UriKind.Absolute)) { Trace.Info($"The proxy url is not a well formed absolute uri string: {ProxyAddress}."); ProxyAddress = string.Empty; } if (!string.IsNullOrEmpty(ProxyAddress)) { Trace.Info($"Config proxy at: {ProxyAddress}."); string proxyCredFile = HostContext.GetConfigFile(WellKnownConfigFile.ProxyCredentials); if (File.Exists(proxyCredFile)) { string lookupKey = File.ReadAllLines(proxyCredFile).FirstOrDefault(); if (!string.IsNullOrEmpty(lookupKey)) { var credStore = HostContext.GetService <IAgentCredentialStore>(); var proxyCred = credStore.Read($"VSTS_AGENT_PROXY_{lookupKey}"); ProxyUsername = proxyCred.UserName; ProxyPassword = proxyCred.Password; } } if (string.IsNullOrEmpty(ProxyUsername)) { ProxyUsername = Environment.GetEnvironmentVariable("VSTS_HTTP_PROXY_USERNAME"); } if (string.IsNullOrEmpty(ProxyPassword)) { ProxyPassword = Environment.GetEnvironmentVariable("VSTS_HTTP_PROXY_PASSWORD"); } if (!string.IsNullOrEmpty(ProxyPassword)) { HostContext.SecretMasker.AddValue(ProxyPassword); } if (string.IsNullOrEmpty(ProxyUsername) || string.IsNullOrEmpty(ProxyPassword)) { Trace.Info($"Config proxy use DefaultNetworkCredentials."); } else { Trace.Info($"Config authentication proxy as: {ProxyUsername}."); } string proxyBypassFile = HostContext.GetConfigFile(WellKnownConfigFile.ProxyBypass); if (File.Exists(proxyBypassFile)) { Trace.Verbose($"Try read proxy bypass list from file: {proxyBypassFile}."); foreach (string bypass in File.ReadAllLines(proxyBypassFile)) { if (string.IsNullOrWhiteSpace(bypass)) { continue; } else { Trace.Info($"Bypass proxy for: {bypass}."); ProxyBypassList.Add(bypass.Trim()); } } } WebProxy = new AgentWebProxy(ProxyAddress, ProxyUsername, ProxyPassword, ProxyBypassList); } else { Trace.Info($"No proxy setting found."); } }
private void LoadProxySetting() { string proxyConfigFile = HostContext.GetConfigFile(WellKnownConfigFile.Proxy); if (File.Exists(proxyConfigFile)) { // we expect the first line of the file is the proxy url Trace.Verbose($"Try read proxy setting from file: {proxyConfigFile}."); ProxyAddress = File.ReadLines(proxyConfigFile).FirstOrDefault() ?? string.Empty; ProxyAddress = ProxyAddress.Trim(); Trace.Verbose($"{ProxyAddress}"); } if (string.IsNullOrEmpty(ProxyAddress)) { ProxyAddress = AgentKnobs.ProxyAddress.GetValue(HostContext).AsString(); Trace.Verbose($"Proxy address: {ProxyAddress}"); } if (!string.IsNullOrEmpty(ProxyAddress) && !Uri.IsWellFormedUriString(ProxyAddress, UriKind.Absolute)) { Trace.Error($"The proxy url is not a well formed absolute uri string: {ProxyAddress}."); ProxyAddress = string.Empty; } if (!string.IsNullOrEmpty(ProxyAddress)) { Trace.Info($"Config proxy at: {ProxyAddress}."); string proxyCredFile = HostContext.GetConfigFile(WellKnownConfigFile.ProxyCredentials); if (File.Exists(proxyCredFile)) { string lookupKey = File.ReadAllLines(proxyCredFile).FirstOrDefault(); if (!string.IsNullOrEmpty(lookupKey)) { var credStore = HostContext.GetService <IAgentCredentialStore>(); var proxyCred = credStore.Read($"VSTS_AGENT_PROXY_{lookupKey}"); ProxyUsername = proxyCred.UserName; ProxyPassword = proxyCred.Password; } } if (string.IsNullOrEmpty(ProxyUsername)) { ProxyUsername = AgentKnobs.ProxyUsername.GetValue(HostContext).AsString(); } if (string.IsNullOrEmpty(ProxyPassword)) { ProxyPassword = AgentKnobs.ProxyPassword.GetValue(HostContext).AsString(); } if (!string.IsNullOrEmpty(ProxyPassword)) { HostContext.SecretMasker.AddValue(ProxyPassword); } if (string.IsNullOrEmpty(ProxyUsername) || string.IsNullOrEmpty(ProxyPassword)) { Trace.Info($"Config proxy use DefaultNetworkCredentials."); } else { Trace.Info($"Config authentication proxy as: {ProxyUsername}."); } LoadProxyBypassList(); _agentWebProxy.Update(ProxyAddress, ProxyUsername, ProxyPassword, ProxyBypassList); } else { Trace.Info($"No proxy setting found."); } }