fix: default endpoint [IDE-377]

[teodora-sandu]

Description

Changes the default auth host used when a custom endpoint is not provided so it's https://app.snyk.io instead of https://snyk.io and improves the computation logic for the URLs needed by the backend.

Re-enables the integration tests too so they run in the pipeline. They would have caught this bug before if they were enabled.

It's best to review this commit by commit.

Checklist

• Tests added and all succeed
• Linted
• CHANGELOG.md updated
• README.md updated, if user-facing

Screenshots / GIFs

Because of https://snyksec.atlassian.net/browse/IDE-354 it's important to restart VSCode when changing the organisation because the feature flag doesn't get updated in-between scans.

• without feature flag (stable LS)

  • without custom endpoint
    

  • with prod custom endpoint
    

  • with dev custom endpoint
    

• without feature flag (newest LS)

  • without custom endpoint
    

  • with prod custom endpoint
    

  • with dev custom endpoint
    

• with feature flag

  • without custom endpoint
    

  • with prod custom endpoint
    

  • with dev custom endpoint
    

[teodora-sandu]

This check is only for when the custom endpoint is provided, which is now only going to be api.*.snyk.io because of the validation we added in the Settings page. So it's irrelevant

[bastiandoetsch]

Just realized: this may be why fedramp is having problems right now - we need snykgov.io as valid domain :). But yeah, I think I need to look deeper into the code - settings and how it flows together.

[bastiandoetsch]

I think the integration tests in vscode never have worked. When I said that we should re-enable them, I thought we were talking about LS? Anyhoo, if you get them running, no harm done :D

[teodora-sandu]

I did say snyk-ls in my message on Slack but meant vscode-extension 🤦 But I added some new tests to VSCode that I would like to run in the pipeline so this is still useful if there's no harm done

[bastiandoetsch]

I think we should be a bit more supportive here - e.g. automatically transform "old" app.snyk.io endpoints into the new correct format to ease migration to the new rules. At least in IntelliJ, the new format & validation has been causing problems for some ppl. WDYT?

[teodora-sandu]

I could be missing something but in this case the customEndpoint will be exactly what's provided in the UI, which is validated anyway and can only be the new format (api.snyk.io). And so I don't think there's any situation in which the old format will be provided?

[teodora-sandu]

This function actually was not used anymore so I removed it from the code but the same answer could apply to #466 (comment) I think. Let me know what you think!

[bastiandoetsch]

Hm, what about people already having configured a custom endpoint? They would see a validation error without having changed anything. This may already happen, now, but I'd love to improve the UX.

[teodora-sandu]

I agree, in hindsight, that the validation is very inconvenient for customers who have the old endpoint configured. In https://snyksec.atlassian.net/browse/IDE-126 we said we want to enforce the new endpoint to be used, is there some other way we can enforce it while not breaking existing customer's setup?