Steve: Fix healthcheck

When we request Steve at the HTTP port, if HTTPS is enabled, it just tries
to redirect us to the HTTPS port instead.  Therefore we should just disable
the HTTP port completely (we never use it, and we do not expect external
users); instead, we try the HTTPS port for the health check.

Signed-off-by: Mark Yen <mark.yen@suse.com>

Author: mook-as

background.ts

@@ -228,10 +228,10 @@ Electron.app.whenReady().then(async() => {
     // Check for required OS versions and features
     await checkPrerequisites();
 
-    DashboardServer.getInstance().init();
-
     await setupNetworking();
 
+    DashboardServer.getInstance().init();
+
     try {
       deploymentProfiles = await readDeploymentProfiles();
     } catch (ex: any) {
@@ -1277,12 +1277,14 @@ function newK8sManager() {
 
         if (enabledK8s) {
           try {
-            const [steveHttpsPort, steveHttpPort] = await getAvailablePorts(2);
-
-            console.log(`Steve ports: HTTPS=${ steveHttpsPort } HTTP=${ steveHttpPort }`);
-            await Steve.getInstance().start(steveHttpsPort, steveHttpPort);
-            DashboardServer.getInstance().setStevePort(steveHttpsPort); // recreate proxy middleware
-            setSteveCertPort(steveHttpsPort); // update certificate-error allowed URLs
+            const [stevePort] = await getAvailablePorts(1);
+
+            console.log(`Steve HTTPS port: ${ stevePort }`);
+            // Set the Steve HTTPS port for certificate checking before setting
+            // up Steve itself.
+            setSteveCertPort(stevePort);
+            await Steve.getInstance().start(stevePort);
+            DashboardServer.getInstance().setStevePort(stevePort); // recreate proxy middleware
           } catch (ex) {
             console.error('Failed to start Steve:', ex);
           }

pkg/rancher-desktop/backend/steve.ts

@@ -1,9 +1,10 @@
 import { ChildProcess, spawn } from 'child_process';
-import http from 'http';
 import os from 'os';
 import path from 'path';
 import { setTimeout } from 'timers/promises';
 
+import Electron from 'electron';
+
 import K3sHelper from '@pkg/backend/k3sHelper';
 import Logging from '@pkg/utils/logging';
 import paths from '@pkg/utils/paths';
@@ -19,7 +20,6 @@ export class Steve {
 
   private isRunning: boolean;
   private httpsPort = 0;
-  private httpPort = 0;
 
   private constructor() {
     this.isRunning = false;
@@ -41,9 +41,8 @@ export class Steve {
    * @description Starts the Steve API if one is not already running.
    * Returns only after Steve is ready to accept connections.
    * @param httpsPort The HTTPS port for Steve to listen on.
-   * @param httpPort The HTTP port for Steve to listen on.
    */
-  public async start(httpsPort: number, httpPort: number) {
+  public async start(httpsPort: number) {
     const { pid } = this.process || { };
 
     if (this.isRunning && pid) {
@@ -53,7 +52,6 @@ export class Steve {
     }
 
     this.httpsPort = httpsPort;
-    this.httpPort = httpPort;
 
     const osSpecificName = /^win/i.test(os.platform()) ? 'steve.exe' : 'steve';
     const stevePath = path.join(paths.resources, os.platform(), 'internal', osSpecificName);
@@ -76,7 +74,7 @@ export class Steve {
         '--https-listen-port',
         String(httpsPort),
         '--http-listen-port',
-        String(httpPort),
+        '0', // Disable HTTP support; it does not work correctly anyway.
       ],
       { env },
     );
@@ -129,7 +127,7 @@ export class Steve {
       }
 
       if (await this.isPortReady()) {
-        console.debug(`Steve is ready after ${ attempt } attempt(s)`);
+        console.debug(`Steve is ready after ${ attempt } / ${ maxAttempts } attempt(s)`);
 
         return;
       }
@@ -149,24 +147,43 @@ export class Steve {
    * schema controller has registered it.
    */
   private isPortReady(): Promise<boolean> {
+    // Steve's HTTP port just redirects to HTTPS, so we might as well go to the
+    // HTTPS port directly.  We will need to ignore certificate errors; however,
+    // neither the NodeJS stack nor Electron.net.request() would pass through
+    // the `Electron.app.on('certificate-error', ...)` handler, so we cannot use
+    // the normal certificate handling for this health check.  Instead, we
+    // create a temporary session with a certificate verify proc that ignores
+    // errors, and use that session for the health check request.
     return new Promise((resolve) => {
-      const req = http.request({
+      const session = Electron.session.fromPartition('steve-healthcheck', { cache: false });
+
+      session.setCertificateVerifyProc((request, callback) => {
+        if (request.hostname === '127.0.0.1') {
+          // We do not have any more information to narrow down the certificate;
+          // given that we're doing this in a private partition, it should be
+          // safe to allow all localhost certificates.  In particular, we do not
+          // get access to the port number, and all the Steve certificates have
+          // generic fields (e.g. subject).
+          callback(0);
+        } else {
+          // Unexpected request; not sure how this could happen in a new session,
+          // but we can at least pretend to do the right thing.
+          callback(-3); // Use Chromium's default verification.
+        }
+      });
+
+      const req = Electron.net.request({
+        protocol: 'https:',
         hostname: '127.0.0.1',
-        port:     this.httpPort,
+        port:     this.httpsPort,
         path:     '/v1/namespaces',
         method:   'GET',
-        timeout:  1000,
-        agent:    false,
-      }, (res) => {
-        res.resume();
-        resolve(res.statusCode === 200);
+        redirect: 'error',
+        session,
       });
 
+      req.on('response', (res) => resolve(res.statusCode === 200));
       req.on('error', () => resolve(false));
-      req.on('timeout', () => {
-        req.destroy();
-        resolve(false);
-      });
       req.end();
     });
   }