fix: migrate ot openapi-typescript and openapi-fetch

Signed-off-by: Denis Golovin <dgolovin@redhat.com>

Author: dgolovin

.gitignore

@@ -7,4 +7,4 @@ redhat-authentication.cdix
 tests/**/output
 test-resources
 test-results
- 
+src/rh-api/gen 

package.json

@@ -34,7 +34,9 @@
     }
   },
   "scripts": {
-    "build": "vite build && node ./scripts/build.cjs",
+    "generate:registry-authorizer": "npx openapi-typescript src/rh-api/registry-authorizer-schema.json -o src/rh-api/gen/registry-authorizer.d.ts",
+    "generate:subscription": "npx openapi-typescript src/rh-api/subscription-schema.json -o src/rh-api/gen/subscription.d.ts",
+    "build": "pnpm generate:subscription && pnpm generate:registry-authorizer && vite build && node ./scripts/build.cjs",
     "watch": "vite build -w",
     "format:check": "prettier --end-of-line auto --cache --check \"{src,types,scripts}/**/*.{ts,js}\"",
     "format:fix": "prettier --cache --write \"{src,types,scripts}/**/*.{ts,js}\"",
@@ -49,11 +51,10 @@
   "dependencies": {
     "@podman-desktop/api": "^1.14.1",
     "@podman-desktop/podman-extension-api": "^1.14.2",
-    "@redhat-developer/rhcra-client": "^0.0.1",
-    "@redhat-developer/rhsm-client": "^0.0.4",
     "axios": "^1.8.2",
     "js-yaml": "^4.1.0",
     "object-hash": "3.0.0",
+    "openapi-fetch": "^0.13.4",
     "openid-client": "^5.7.0"
   },
   "devDependencies": {

pnpm-lock.yaml

@@ -20,12 +20,12 @@
 
 import type { AuthenticationGetSessionOptions, AuthenticationSession, ExtensionContext } from '@podman-desktop/api';
 import { authentication, commands } from '@podman-desktop/api';
-import { OrganizationService } from '@redhat-developer/rhsm-client';
 import { afterEach, beforeEach, expect, suite, test, vi } from 'vitest';
 
 import * as extension from './extension';
 import * as podmanCli from './podman-cli';
-import * as subscription from './subscription';
+import { Organization } from './rh-api/subscription';
+import * as subscription from './rh-api/subscription';
 import { ExtensionTelemetryLogger } from './telemetry';
 import * as util from './util';
 
@@ -180,8 +180,18 @@ suite('signin command telemetry reports', () => {
       },
     );
     vi.spyOn(subscription, 'isRedHatRegistryConfigured').mockReturnValue(true);
-    vi.spyOn(podmanCli, 'getConnectionForRunningPodmanMachine').mockReturnValue('machine1');
-    vi.spyOn(OrganizationService.prototype, 'checkOrgScaCapability').mockResolvedValue({ body: {} });
+    vi.spyOn(podmanCli, 'getConnectionForRunningPodmanMachine').mockReturnValue({
+      providerId: '1',
+      connection: {
+        name: 'machine1',
+        type: 'podman',
+        endpoint: {
+          socketPath: '/path/to/the/socket',
+        },
+        status: () => 'started',
+      },
+    });
+    vi.spyOn(Organization.prototype, 'checkOrgScaCapability').mockResolvedValue({ body: {} });
     await extension.activate(createExtContext());
     expect(commandFunctionCopy!).toBeDefined();
     await commandFunctionCopy!();

src/extension.spec.ts

@@ -17,9 +17,6 @@
  ***********************************************************************/
 
 import * as extensionApi from '@podman-desktop/api';
-import type { ServiceAccountV1 } from '@redhat-developer/rhcra-client';
-import { ContainerRegistryAuthorizerClient } from '@redhat-developer/rhcra-client';
-import { SubscriptionManagerClient } from '@redhat-developer/rhsm-client';
 
 import icon from '../icon.png';
 import { onDidChangeSessions, RedHatAuthenticationService } from './authentication-service';
@@ -35,10 +32,11 @@ import {
   runSubscriptionManagerRegister,
   runSubscriptionManagerUnregister,
 } from './podman-cli';
+import { ContainerRegistryAuthorizerClient } from './rh-api/registry-authorizer';
+import { isRedHatRegistryConfigured, REGISTRY_REDHAT_IO, SubscriptionManagerClient } from './rh-api/subscription';
 import { SSOStatusBarItem } from './status-bar-item';
-import { isRedHatRegistryConfigured, REGISTRY_REDHAT_IO, signIntoRedHatDeveloperAccount } from './subscription';
 import { ExtensionTelemetryLogger as TelemetryLogger } from './telemetry';
-import { isLinux } from './util';
+import { isLinux, signIntoRedHatDeveloperAccount } from './util';
 
 interface JwtToken {
   organization: {
@@ -96,29 +94,32 @@ function removeRegistry(serverUrl: string = REGISTRY_REDHAT_IO): void {
 async function createOrReuseRegistryServiceAccount(): Promise<void> {
   const currentSession = await signIntoRedHatDeveloperAccount();
   const accessTokenJson = parseJwt(currentSession!.accessToken);
-  const client = new ContainerRegistryAuthorizerClient({
+  const { serviceAccountsApiV1: saApiV1 } = new ContainerRegistryAuthorizerClient({
     BASE: 'https://access.redhat.com/hydra/rest/terms-based-registry',
     TOKEN: currentSession!.accessToken,
   });
-  const saApiV1 = client.serviceAccountsApiV1;
-  let selectedServiceAccount: ServiceAccountV1 | undefined;
-  try {
-    selectedServiceAccount = await saApiV1.serviceAccountByNameUsingGet1(
-      'podman-desktop',
-      accessTokenJson.organization.id,
-    );
-  } catch (err) {
+  let { data: serviceAccount } = await saApiV1.serviceAccountByNameUsingGet1(
+    'podman-desktop',
+    accessTokenJson.organization.id,
+  );
+
+  if (!serviceAccount) {
     // ignore error when there is no podman-desktop service account yet
-    selectedServiceAccount = await saApiV1.createServiceAccountUsingPost1({
+    const { data: createdServiceAccount } = await saApiV1.createServiceAccountUsingPost1({
       name: 'podman-desktop',
       description: 'Service account to use from Podman Desktop',
       redHatAccountId: accessTokenJson.organization.id,
     });
+    if (createdServiceAccount) {
+      serviceAccount = createdServiceAccount;
+    } else {
+      throw new Error(`Can't create registry authorizer service account.`);
+    }
   }
 
   await createRegistry(
-    selectedServiceAccount!.credentials!.username!,
-    selectedServiceAccount!.credentials!.password!,
+    serviceAccount!.credentials!.username!,
+    serviceAccount!.credentials!.password!,
     currentSession.account.label,
   );
 }
@@ -131,20 +132,20 @@ async function createOrReuseActivationKey(connection: extensionApi.ProviderConta
     TOKEN: currentSession!.accessToken,
   });
 
-  try {
-    await client.activationKey.showActivationKey('podman-desktop');
-    // podman-desktop activation key exists
-  } catch (err) {
-    // ignore and continue with activation key creation
-    // TODO: add check that used role and usage exists in organization
-    await client.activationKey.createActivationKeys({
+  const { error: showKeyErr } = await client.activationKey.showActivationKey('podman-desktop');
+
+  if (showKeyErr) {
+    // error is undefined when activation key already exists
+    const { error: createKeyErr } = await client.activationKey.createActivationKeys({
       name: 'podman-desktop',
       role: 'RHEl Workstation',
       usage: 'Development/Test',
       serviceLevel: 'Self-Support',
     });
+    if (createKeyErr) {
+      throw new Error(createKeyErr.error?.message);
+    }
   }
-
   await runSubscriptionManagerRegister(connection, 'podman-desktop', accessTokenJson.organization.id);
 }
 
@@ -154,8 +155,8 @@ async function isSimpleContentAccessEnabled(): Promise<boolean> {
     BASE: 'https://console.redhat.com/api/rhsm/v2',
     TOKEN: currentSession!.accessToken,
   });
-  const response = await client.organization.checkOrgScaCapability();
-  return !!response.body && response.body.simpleContentAccess === 'enabled';
+  const data = await client.organization.checkOrgScaCapability();
+  return data?.body?.simpleContentAccess === 'enabled';
 }
 
 async function isSubscriptionManagerInstalled(connection: extensionApi.ProviderContainerConnection): Promise<boolean> {

src/extension.ts

@@ -0,0 +1,63 @@
+/**********************************************************************
+ * Copyright (C) 2024-2025 Red Hat, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ ***********************************************************************/
+/* eslint-disable @typescript-eslint/explicit-function-return-type */
+
+import createClient from 'openapi-fetch';
+
+import type { paths } from './gen/registry-authorizer';
+import { ClientHolder } from './utils';
+
+export const REGISTRY_REDHAT_IO1 = 'registry.redhat.io';
+
+class ServiceAccountApiV1 extends ClientHolder<paths> {
+  serviceAccountByNameUsingGet1(name: string, rhAccountId: string) {
+    return this.client.GET('/v1/service-accounts/{rhAccountId}/{name}', {
+      params: {
+        path: {
+          name,
+          rhAccountId,
+        },
+      },
+    });
+  }
+
+  createServiceAccountUsingPost1(body: { name: string; description: string; redHatAccountId: string }) {
+    return this.client.POST('/v1/service-accounts', {
+      body,
+    });
+  }
+
+  removeServiceAccountUsingDelete1(name: string, rhAccountId: string) {
+    return this.client.DELETE('/v1/service-accounts/{rhAccountId}/{name}', {
+      params: {
+        path: {
+          name,
+          rhAccountId,
+        },
+      },
+    });
+  }
+}
+
+export class ContainerRegistryAuthorizerClient extends ClientHolder<paths> {
+  public serviceAccountsApiV1: ServiceAccountApiV1;
+  constructor(options: { BASE: string; TOKEN: string }) {
+    super(createClient<paths>({ baseUrl: options.BASE }), options.TOKEN);
+    this.serviceAccountsApiV1 = new ServiceAccountApiV1(this.client);
+  }
+}

src/rh-api/registry-authorizer-schema.json

@@ -1,5 +1,5 @@
 /**********************************************************************
- * Copyright (C) 2024 Red Hat, Inc.
+ * Copyright (C) 2024-2025 Red Hat, Inc.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -15,27 +15,18 @@
  *
  * SPDX-License-Identifier: Apache-2.0
  ***********************************************************************/
+/* eslint-disable @typescript-eslint/explicit-function-return-type */
 
 import { accessSync, constants, readFileSync } from 'node:fs';
 import { homedir } from 'node:os';
 import path from 'node:path';
 
-import * as extensionApi from '@podman-desktop/api';
+import createClient from 'openapi-fetch';
 
-export const REGISTRY_REDHAT_IO = 'registry.redhat.io';
+import type { paths } from './gen/subscription';
+import { ClientHolder } from './utils';
 
-export async function signIntoRedHatDeveloperAccount(
-  createIfNone = true,
-): Promise<extensionApi.AuthenticationSession | undefined> {
-  return extensionApi.authentication.getSession(
-    'redhat.authentication-provider',
-    [
-      'api.iam.registry_service_accounts', //scope that gives access to hydra service accounts API
-      'api.console',
-    ], // scope that gives access to console.redhat.com APIs
-    { createIfNone },
-  );
-}
+export const REGISTRY_REDHAT_IO = 'registry.redhat.io';
 
 // TODO: add listRegistries to registry API to allow search by
 // registry URL
@@ -59,3 +50,35 @@ export function isRedHatRegistryConfigured(): boolean {
   }
   return configured;
 }
+
+export class ActivationKey extends ClientHolder<paths> {
+  async createActivationKeys(body: { name: string; role: string; usage: string; serviceLevel: string }) {
+    return this.client.POST('/activation_keys', { body });
+  }
+  showActivationKey(name: string) {
+    return this.client.GET('/activation_keys/{name}', {
+      params: {
+        path: {
+          name,
+        },
+      },
+    });
+  }
+}
+
+export class Organization extends ClientHolder<paths> {
+  async checkOrgScaCapability() {
+    const response = await this.client.GET('/organization');
+    return response.data;
+  }
+}
+
+export class SubscriptionManagerClient extends ClientHolder<paths> {
+  activationKey: ActivationKey;
+  organization: Organization;
+  constructor(options: { BASE: string; TOKEN: string }) {
+    super(createClient<paths>({ baseUrl: options.BASE }), options.TOKEN);
+    this.activationKey = new ActivationKey(this.client);
+    this.organization = new Organization(this.client);
+  }
+}

src/rh-api/registry-authorizer.ts

@@ -0,0 +1,34 @@
+/**********************************************************************
+ * Copyright (C) 2025 Red Hat, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ ***********************************************************************/
+
+import type { Client } from 'openapi-fetch';
+
+export class ClientHolder<T extends object> {
+  protected client: Client<T>;
+  constructor(client: Client<T>, token?: string) {
+    this.client = client;
+    if (token) {
+      this.client.use({
+        onRequest({ request }) {
+          request.headers.set('Authorization', `Bearer ${token}`);
+          return request;
+        },
+      });
+    }
+  }
+}

src/rh-api/subscription-schema.json

@@ -1,5 +1,5 @@
 /**********************************************************************
- * Copyright (C) 2024 Red Hat, Inc.
+ * Copyright (C) 2024-2025 Red Hat, Inc.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,6 +18,9 @@
 
 import { platform } from 'node:os';
 
+import type { AuthenticationSession } from '@podman-desktop/api';
+import { authentication } from '@podman-desktop/api';
+
 const windows = platform() === 'win32';
 export function isWindows(): boolean {
   return windows;
@@ -30,3 +33,14 @@ const linux = platform() === 'linux';
 export function isLinux(): boolean {
   return linux;
 }
+
+export async function signIntoRedHatDeveloperAccount(createIfNone = true): Promise<AuthenticationSession | undefined> {
+  return authentication.getSession(
+    'redhat.authentication-provider',
+    [
+      'api.iam.registry_service_accounts', //scope that gives access to hydra service accounts API
+      'api.console',
+    ], // scope that gives access to console.redhat.com APIs
+    { createIfNone },
+  );
+}