Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Host "sp-rest-proxy" as an independent web-app on Azure or pass authentication in configs to be used in CI/CD pipeline #141

Open
ashishpCACTUS opened this issue Feb 28, 2022 · 1 comment

Comments

@ashishpCACTUS
Copy link

Hi Andrew, Before I post my query I would like to thank you so much for developing this proxy. It has immensely helped us to move into Local development of SharePoint solutions and in past couple of years it has been working fantastically without any issues.

This request can be very much similar to the other open one - #139

We use this proxy inside a Angular solutions to route the SharePoint calls on the Local Dev. The local Dev is working properly. We have started using cypress/cucumber tool for Automation. The local automation work is also working fine. The issue is not with CI test integration with cypress.

Below is the CI sample GitHub workflow

`name: SharePoint CI

on:
push:
branches:
- CI_Testing

jobs:
cypress-run:
runs-on: ubuntu-latest
container: cypress/browsers:node14.15.0-chrome96-ff94
steps:
- name: Checkout
uses: actions/checkout@v2
# Install NPM dependencies, cache them correctly
# and run all Cypress tests
- name: Cypress run
uses: cypress-io/github-action@v2
with:
start: npm run start, npm run start2
wait-on: 'http://localhost:4200'
wait-on-timeout: 320
browser: chrome
spec: cypress/integration/executioncheck.spec.feature `

npm run start2 - command calls the node server.js and start the rest proxy.

Below is how proxy is configured

const RestProxy = require('sp-rest-proxy'); const settings = { configPath: './config/private.json', port: "8080", // Local server port }; const restProxy = new RestProxy(settings); restProxy.serve();

The proxy authentication is set locally into Add-in permission by running the proxy once and setting the permissions

Angular app proxy redirection:

{ "/sites/*": { "target": "http://localhost:8080", "secure": false, "changeOrigin": true, "logLevel": "debug", "pathRewrite": {"^/sites" : "http://localhost:8080/sites"} } }

Everything works fine... Starting the proxy, starting the angular app... Running the Test cases. The problem is at the proxy calls. Proxy calls return 'Unsupported security token' issue. I am not sure if setting the permissions locally and using the same config inside the GitHub action is causing the issue or something else.

I tried hosting the proxy as a web-app on Azure. (I know you don't recommend the same but with App minimal permission and to host the same on QA url with local clientID and secret set, I am ok to take that risk) . Here is the hosted site https://app-clsproxy.azurewebsites.net/
Even this provides the same issue. Sample relative endpoint '/_api/web/getUserById(9)?$expand=Groups'

I want to know, if it is possible to set the credentials locally and upload the credentials file onto a Azure app / CI pipeline will work ? Or is it possible to pass the credentials inside the settings file using GitHub secrets can work on the fly.

I dig through the code base / documentation to pass url and credentials through config but it didnt work.

We had developed a custom web-api using Node-SP-auth for connecting some Outlook addin to SharePoint. But these we had to write some custom logic thus we had opted for that solution. Currently the sp-rest-proxy solves our Development and Automation
needs on Local machines. If it can be configured to be used in the GitHub actions then it solves my case.

@koltyakov
Copy link
Owner

Hi @ashishpCACTUS,

Thanks for using sp-rest-proxy and good feedback.

Please check auth configuration via environment variables: https://github.com/koltyakov/node-sp-auth-config#environment-variables

Key things:

  • Password/secret is encoded using machine key with ethernet adapter as a fallback (the idea is to use locally and don't afraid accidental leak private JSON as it only can be decoded on the same machine), in environments such as Cloud/Kube encryption key might be new on a container restart
  • Creds prompt in a headless environment might lead to console stuck, headless mode must be turned on https://github.com/koltyakov/node-sp-auth-config#headless-mode
  • sp-rest-proxy is for local dev scenarios, please don't accidentally expose API anonymously, it's better start it with only access within CI runner on its localhost together with the app (e.g. https://github.com/koltyakov/sp-rest-proxy#webpack-dev-server)

Hope this helps.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants