Warn for http when used in source commands

[martinrrm]

Bug

Fixes: https://github.com/NuGet/Client.Engineering/issues/1622

Regression? Last working version:

Description

Added a warn when using HTTP sources in dotnet and nuget commands.

PR Checklist

• PR has a meaningful title

• PR has a linked issue.

• Described changes

• Tests

  • Automated tests added
  • OR
  • Test exception
  • OR
  • N/A

• Documentation

  • Documentation PR or issue filled
  • OR
  • N/A

[nkolev92]

Have we considered adding it to the list itself so that the warning is visible when the source isn't selected?

[zivkan]

The control is currently WinForms, with a custom renderer for each list item, so it's quite complex to change. I don't know how easy it would be to port this to WPF, which would make it a lot easier.

[kartheekp-ms]

I think we should split this PR into two. One PR for CLI experience and other one for VS experience. Looking at the screenshots in the PR description, I think it only addresses one scenario when user edits the URI scheme to HTTP. I think we should also consider displaying a warning icon next to the package source if it's URI Scheme is HTTP. Tagging @JonDouglas for inputs on VS experience.

[martinrrm]

Removed the UI changes and only left CLI changes

[nkolev92]

@NuGet/nuget-client
Please re-review this.

[donnie-msft]

split this PR into two. One PR for CLI experience and other one for VS experience. Looking at the screenshots in the PR description, I think it only addresses one scenario when user edits the URI scheme to HTTP. I think we should also

@martinrrm - This PR doesn't seem to affect the VS options dialog, so I disagree that it will fix the issue # 1154
@nkolev92 - I don't understand the reasoning my issue for VS was changed to include CLI & VS. If you still feel that's the case, how do you suggest this PR avoid closing the VS portion of the issue marked as "Fixes"?

[nkolev92]

@donnie-msft

We were capturing general scenarios for raising warnings. We want to do it all anyways.
We made that issue tackle source managing scenarios altogether.

I didn't want to create 2 or 3 different issues myself, as I didn't want to guess how many PRs these changes would take (by extension how many issues).

how do you suggest this PR avoid closing the VS portion of the issue marked as "Fixes"?

it's on @martinrrm as the issue assignee and PR author to ensure he has an issue for each PR as needed.

He can make that issue an epic and list 2-3 different issues, or he can just create one new issue and convert that particular issue back to a VS Options dialog specific.
This is bikeshedding imo.

[donnie-msft]

Nice! Just a few suggestions...

[nkolev92]

For what is worth, I also added a comment when I changed the scope of the issue

https://github.com/NuGet/Client.Engineering/issues/1154#issuecomment-1082259969

[donnie-msft]

@martinrrm based on Nikolche's response, I went ahead and restored 1154 back to being VS Options focused. Please create a new GH issue for the CLI side, and make this PR resolve it rather than the VS one. Thanks

[martinrrm]

@donnie-msft Thanks for the review! About the issue, I decided to separate it into two PRs, thank you for updating the PRs title. New issue: https://github.com/NuGet/Client.Engineering/issues/1622

[martinrrm]

Is this test fix correct? I think -Verbosity Quiet shows errors and warnings, right?

[donnie-msft]

My understanding - this isn't testing output, but it's testing that a config file contains a particular URL. I'm actually not sure this assertion belongs here. The test is kind of overloaded.

[kartheekp-ms]

I think -Verbosity Quiet shows errors and warnings, right?

Yup that is my understanding too.

[kartheekp-ms]

I guess this change is required for assert at line#605 to pass.

[donnie-msft]

nifty

[kartheekp-ms]

I think there are 2 different scenarios possible here. A single HTTP source or multiple HTTP sources. The following implementation has different messages for each case. Can we reuse the same functionality here?

NuGet.Client/src/NuGet.Core/NuGet.CommandLine.XPlat/Commands/PackageReferenceCommands/ListPackage/ListPackageCommandRunner.cs

Lines 180 to 198 in d970aa3

	if (httpPackageSources != null && httpPackageSources.Count != 0)
	{
	if (httpPackageSources.Count == 1)
	{
	listPackageArgs.Logger.LogWarning(
	string.Format(CultureInfo.CurrentCulture,
	Strings.Warning_HttpServerUsage,
	"list package",
	httpPackageSources[0]));
	}
	else
	{
	listPackageArgs.Logger.LogWarning(
	string.Format(CultureInfo.CurrentCulture,
	Strings.Warning_HttpServerUsage_MultipleSources,
	"list package",
	Environment.NewLine + string.Join(Environment.NewLine, httpPackageSources.Select(e => e.Name))));
	}
	}

[erdembayar]

By reading at code, it looks there is single source. If only single source is expected, then why bother creating new httpPackageSources list? it's unnecessary allocation.
Probably just do same thing you did in src/NuGet.Core/NuGet.Commands/SourcesCommands/SourceRunners.cs file.

[martinrrm]

This is the list command so there are multiple sources, here I'm iterating through all the sources and storing the HTTP sources in a new list so I can print them later

[kartheekp-ms]

I guess this change is required for assert at line#605 to pass.