#4176 Add new option to disable SSL Validation in arguments

[rohitkrsoni]

This PR includes changes for addition of new option in the argument to disable SSL validation. ALL Tests Passed

Regarding new tests: I have doubts over the implementation of the change, if the change is approved, I will be writing the tests and complete any other additional requirements.

[rohitkrsoni]

@rohitkrsoni please read the following Contributor License Agreement(CLA). If you agree with the CLA, please reply with the following information.

@microsoft-github-policy-service agree [company="{your company}"]

Options:

• (default - no company specified) I have sole ownership of intellectual property rights to my Submissions and I am not making Submissions in the course of work for my employer.

@microsoft-github-policy-service agree

• (when company given) I am making Submissions in the course of work for my employer (or my employer has intellectual property rights in my Submissions by contract or applicable law). I have permission from my employer to make Submissions and enter into this Agreement on behalf of my employer. By signing below, the defined term “You” includes me and my employer.

@microsoft-github-policy-service agree company="Microsoft"

Contributor License Agreement

@microsoft-github-policy-service agree

[baywet]

Thanks for the contributions!
A couple of initial comments.

[andrueastman]

Any chance you can also run dotnet format to fix the linting errors captured in the CI?

[rohitkrsoni]

Any chance you can also run dotnet format to fix the linting errors captured in the CI?

Done, Thanks

[pjmagee]

I agree with this, but it should be for every library. or at least allow to pass in the transport to disable SSL validation, some only allow you to pass in the proxy config but not configure the SSL Cert validation.

[baywet]

Can you also sign the CLA please? (see the bot comment)

[baywet]

Thanks for the changes.
We're getting close.
These classes also need to be updated:

• https://github.com/microsoft/kiota/blob/main/src/Kiota.Builder/Lock/KiotaLock.cs
• https://github.com/microsoft/kiota/blob/main/src/Kiota.Builder/Lock/KiotaLockComparer.cs

Also an entry needs to be added to the changelog

[rohitkrsoni]

Thanks for the changes. We're getting close. These classes also need to be updated:

• https://github.com/microsoft/kiota/blob/main/src/Kiota.Builder/Lock/KiotaLock.cs
• https://github.com/microsoft/kiota/blob/main/src/Kiota.Builder/Lock/KiotaLockComparer.cs

Also an entry needs to be added to the changelog

Hi @baywet, thanks for mentioning the files that needs to be changed but I didn't understand the functionality of Lock Files, could you please brief me about that, thanks

[baywet]

It's the file that's generated along with the client code. It effectively contains all the input parameters and a hash of the description. And the update command relies on it when refreshing the clients. This way if somebody generates with this option, and later on refreshes, they won't hit the SSL validation error.
All what needs to be done here is to add this additional property, and use it in the comparison.

[rohitkrsoni]

It's the file that's generated along with the client code. It effectively contains all the input parameters and a hash of the description. And the update command relies on it when refreshing the clients. This way if somebody generates with this option, and later on refreshes, they won't hit the SSL validation error. All what needs to be done here is to add this additional property, and use it in the comparison.

Thanks for the clarification, it makes sense now. I have done the changes.

[baywet]

Thanks for making the changes! @andrueastman for final review and merge

[rohitkrsoni]

Hi @baywet, One more thing, In download command handler, I am setting the value of --disable-ssl-option to Configuration.Download.DisableSSLValidation and we are also using search command in download command. but when checking the configuration in BaseKiotaCommandHandler.cs
https://github.com/rohitkrsoni/kiota/blob/8a0c7fa11c0210fc734689cb69d8b904bb69ce51/src/kiota/Handlers/BaseKiotaCommandHandler.cs#L65-L77
I am only checking for Configuration.Generation.DisableSSLValidation which will not work for download. I am unable to test the download command locally
Getting this error:

Will it be fine If I change the check to something like
if (Configuration.Generation.DisableSSLValidation || Configuration.Download.DisableSSLValidation )
Or there are some other option to check the value of DiasbleSSLValidation in all configs?

Sorry for the inconvenience, these things are hitting me at last :(

[rohitkrsoni]

Working Screenshots:
Show Command:

Generate Command:

[baywet]

For the search command I don't think we want to be able to disable the SSL validation at this point.
Search talks to GitHub APIs, and the certificate chain should be valid.
Subsequently, download is meant to download one of the search results. And at the moment all those search results will be hosted on GitHub or production services, with valid certificates.
Thanks for the extended testing on this

[andrueastman]

Thanks for the contribution @rohitkrsoni