Add support for custom root certificate in GitHub Copilot for Xcode

Fixes github#95 Add support for specifying extra CA certificates in GitHub Copilot for Xcode. * Add a new `@AppStorage` property for `nodeExtraCaCerts` in `Core/Sources/HostApp/AdvancedSettings/EnterpriseSection.swift`. * Add a new `SettingsTextField` for "Node extra CA certs" in `Core/Sources/HostApp/AdvancedSettings/EnterpriseSection.swift`. * Add a new function `nodeExtraCaCertsChanged` to handle changes in `Core/Sources/HostApp/AdvancedSettings/EnterpriseSection.swift`. * Add a new environment variable `NODE_EXTRA_CA_CERTS` in `Tool/Sources/GitHubCopilotService/LanguageServer/GitHubCopilotService.swift`. * Update the `environment` dictionary to include `nodeExtraCaCerts` in `Tool/Sources/GitHubCopilotService/LanguageServer/GitHubCopilotService.swift`. * Add a new preference key `nodeExtraCaCerts` in `Tool/Sources/Preferences/Keys.swift`. --- For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/github/CopilotForXcode/issues/95?shareId=XXXX-XXXX-XXXX-XXXX).
zkhin · Jan 14, 2025 · de50527 · de50527
1 parent dfe1195
commit de50527
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 7 deletions.
diff --git a/Core/Sources/HostApp/AdvancedSettings/EnterpriseSection.swift b/Core/Sources/HostApp/AdvancedSettings/EnterpriseSection.swift
@@ -4,19 +4,25 @@ import Toast
 
 struct EnterpriseSection: View {
     @AppStorage(\.gitHubCopilotEnterpriseURI) var gitHubCopilotEnterpriseURI
+    @AppStorage(\.nodeExtraCaCerts) var nodeExtraCaCerts
     @Environment(\.toast) var toast
 
     var body: some View {
         SettingsSection(title: "Enterprise") {
             SettingsTextField(
                 title: "Auth provider URL",
                 prompt: "https://your-enterprise.ghe.com",
-                text: DebouncedBinding($gitHubCopilotEnterpriseURI, handler: urlChanged).binding
+                text: DebouncedBinding($gitHubCopilotEnterpriseURI, handler: enterpriseUrlChanged).binding
+            )
+            SettingsTextField(
+                title: "Node extra CA certs",
+                prompt: "Path to extra CA certs (requires restart)",
+                text: DebouncedBinding($nodeExtraCaCerts, handler: nodeExtraCaCertsChanged).binding
             )
         }
     }
 
-    func urlChanged(_ url: String) {
+    func enterpriseUrlChanged(_ url: String) {
         if !url.isEmpty {
             validateAuthURL(url)
         }
@@ -26,6 +32,13 @@ struct EnterpriseSection: View {
         )
     }
 
+    func nodeExtraCaCertsChanged(_ path: String) {
+        NotificationCenter.default.post(
+            name: .gitHubCopilotShouldRefreshEditorInformation,
+            object: nil
+        )
+    }
+
     func validateAuthURL(_ url: String) {
         let maybeURL = URL(string: url)
         guard let parsedURl = maybeURL else {

diff --git a/Tool/Sources/GitHubCopilotService/LanguageServer/GitHubCopilotService.swift b/Tool/Sources/GitHubCopilotService/LanguageServer/GitHubCopilotService.swift
@@ -130,6 +130,8 @@ public class GitHubCopilotBaseService {
             let home = ProcessInfo.processInfo.homePath
             let versionNumber = JSONValue(stringLiteral: Bundle.main.infoDictionary?["CFBundleShortVersionString"] as? String ?? "")
             let xcodeVersion = JSONValue(stringLiteral: SystemInfo().xcodeVersion() ?? "")
+            let nodeExtraCaCerts: String = UserDefaults.shared.value(for: \.nodeExtraCaCerts)
+            let nodeExtraCaCertMap: [String: String] = nodeExtraCaCerts.isEmpty ? [:] : ["NODE_EXTRA_CA_CERTS": nodeExtraCaCerts]
 
             #if DEBUG
             // Use local language server if set and available
@@ -145,13 +147,13 @@ public class GitHubCopilotBaseService {
                 }
             }
             // Set debug port and verbose when running in debug
-            let environment: [String: String] = ["HOME": home, "GH_COPILOT_DEBUG_UI_PORT": "8080", "GH_COPILOT_VERBOSE": "true"]
+            let environment: [String: String] = ["HOME": home, "GH_COPILOT_DEBUG_UI_PORT": "8080", "GH_COPILOT_VERBOSE": "true"].merging(nodeExtraCaCertMap) { _, new in new }
             #else
-            let environment: [String: String] = if UserDefaults.shared.value(for: \.verboseLoggingEnabled) {
+            let environment: [String: String] = (if UserDefaults.shared.value(for: \.verboseLoggingEnabled) {
                 ["HOME": home, "GH_COPILOT_VERBOSE": "true"]
             } else {
                 ["HOME": home]
-            }
+            }).merging(nodeExtraCaCertMap) { _, new in new }
             #endif
 
             let executionParams = Process.ExecutionParameters(
@@ -276,7 +278,7 @@ public class GitHubCopilotBaseService {
 }
 
 public final class GitHubCopilotService: GitHubCopilotBaseService,
-                                         GitHubCopilotSuggestionServiceType, GitHubCopilotConversationServiceType, GitHubCopilotAuthServiceType
+                                          GitHubCopilotSuggestionServiceType, GitHubCopilotConversationServiceType, GitHubCopilotAuthServiceType
 {
 
     private var ongoingTasks = Set<Task<[CodeSuggestion], Error>>()
@@ -695,4 +697,3 @@ extension InitializingServer: GitHubCopilotLSP {
         try await sendRequest(endpoint.request)
     }
 }
-
diff --git a/Tool/Sources/Preferences/Keys.swift b/Tool/Sources/Preferences/Keys.swift
@@ -551,6 +551,10 @@ public extension UserDefaultPreferenceKeys {
         .init(defaultValue: "", key: "GitHubCopilotEnterpriseURI")
     }
 
+    var nodeExtraCaCerts: PreferenceKey<String> {
+        .init(defaultValue: "", key: "NodeExtraCaCerts")
+    }
+
     var verboseLoggingEnabled: PreferenceKey<Bool> {
         .init(defaultValue: false, key: "VerboseLoggingEnabled")
     }