Support single tenant instances

Author: r

README.md

@@ -78,6 +78,7 @@ The ZeroPath Security extension integrates the [ZeroPath](https://zeropath.com)
    - Navigate to Settings → API Tokens
    - Create a new API token if you don't have one
    - Click "Configure Credentials" in the VS Code sidebar
+   - (Optional) Enter a custom ZeroPath instance URL if using an enterprise deployment
    - Enter your Client ID and Client Secret
    - Select your version control system (GitHub, GitLab, Bitbucket, or Generic)
 
@@ -185,7 +186,7 @@ The extension automatically detects your Git repository and connects it to your
 The extension can be configured through VS Code settings:
 
 - `zeropath.vcs` - Primary VCS provider (github/gitlab/bitbucket/generic)
-- `zeropath.apiBaseUrl` - API base URL (default: https://zeropath.com)
+- `zeropath.apiBaseUrl` - API base URL (default: https://zeropath.com, can be configured during credential setup)
 - `zeropath.organizationId` - Organization ID (auto-detected from token)
 - `zeropath.defaultScanType` - Default scan type filter (FullScan/PrScan)
 

media/sidebar-backup.js

@@ -8,6 +8,7 @@ let filteredIssues = [];
 let selectedScanId = null;
 let expandedIssueId = null;
 let searchTerm = '';
+let baseUrl = 'https://zeropath.com'; // Default to zeropath.com
 
 // Send ready message when DOM is loaded
 document.addEventListener('DOMContentLoaded', () => {
@@ -21,6 +22,12 @@ window.addEventListener('message', event => {
     console.log('Received message:', message);
 
     switch (message.type) {
+        case 'config':
+            if (message.baseUrl) {
+                baseUrl = message.baseUrl;
+                console.log('Base URL set to:', baseUrl);
+            }
+            break;
         case 'loading':
             setLoading(message.loading);
             break;
@@ -243,7 +250,9 @@ function renderIssues(issues, scanId) {
 
             // Dashboard link
             if (issue.id) {
-                const dashboardUrl = 'https://zeropath.com/app/issues/' + issue.id;
+                // Ensure baseUrl doesn't end with a slash
+                const cleanBaseUrl = baseUrl.endsWith('/') ? baseUrl.slice(0, -1) : baseUrl;
+                const dashboardUrl = cleanBaseUrl + '/app/issues/' + issue.id;
                 expandedContent += '<div style="margin-bottom: 10px;">';
                 expandedContent += '<button data-url="' + escapeHtml(dashboardUrl) + '" style="background: var(--vscode-button-secondaryBackground); color: var(--vscode-button-secondaryForeground);">🔗 View in Dashboard</button>';
                 expandedContent += '</div>';

media/sidebar.js

@@ -8,6 +8,7 @@ let filteredIssues = [];
 let selectedScanId = null;
 let expandedIssueId = null;
 let searchTerm = '';
+let baseUrl = 'https://zeropath.com'; // Default to zeropath.com
 
 // Store patch data in memory instead of encoding it
 const patchDataStore = new Map();
@@ -24,6 +25,12 @@ window.addEventListener('message', event => {
     console.log('Received message:', message);
 
     switch (message.type) {
+        case 'config':
+            if (message.baseUrl) {
+                baseUrl = message.baseUrl;
+                console.log('Base URL set to:', baseUrl);
+            }
+            break;
         case 'loading':
             setLoading(message.loading);
             break;
@@ -306,7 +313,9 @@ function renderIssues(issues, scanId) {
                 dashboardLink.onclick = (e) => {
                     e.preventDefault();
                     e.stopPropagation();
-                    openExternal('https://zeropath.com/app/issues/' + issue.id);
+                    // Ensure baseUrl doesn't end with a slash
+                    const cleanBaseUrl = baseUrl.endsWith('/') ? baseUrl.slice(0, -1) : baseUrl;
+                    openExternal(cleanBaseUrl + '/app/issues/' + issue.id);
                 };
                 dashboardLinkDiv.appendChild(dashboardLink);
                 expandedDiv.appendChild(dashboardLinkDiv);

src/extension.ts

@@ -43,9 +43,6 @@ export function activate(context: vscode.ExtensionContext) {
 				if (replace !== 'Yes') { return; }
 			}
 
-			// Show a more informative message
-			vscode.window.showInformationMessage('Configure Zeropath Security credentials. You can get your API tokens from https://zeropath.com');
-			
 			const stored = await promptAndStoreCredentials(context.secrets);
 			if (stored) {
 				// Clear cache when new credentials are saved
@@ -67,7 +64,9 @@ export function activate(context: vscode.ExtensionContext) {
 					const config = vscode.workspace.getConfiguration('zeropath');
 					await config.update('vcs', vcsPick.value, vscode.ConfigurationTarget.Global);
 				}
-				vscode.window.showInformationMessage('Zeropath credentials saved successfully! You can now use the "View Scans & Issues" button to browse scans.');
+				const currentConfig = vscode.workspace.getConfiguration('zeropath');
+				const baseUrl = currentConfig.get<string>('apiBaseUrl', 'https://zeropath.com');
+				vscode.window.showInformationMessage(`Zeropath credentials saved successfully! Using instance: ${baseUrl}. You can now use the "View Scans & Issues" button to browse scans.`);
 
 				// Credentials saved successfully
 				}

src/sidebar.ts

@@ -82,6 +82,12 @@ export class ZeropathSidebarProvider implements vscode.WebviewViewProvider {
 		switch (message.type) {
 			case 'ready':
 				console.log('Zeropath: Webview ready message received');
+				
+				// Send configuration including base URL
+				const config = vscode.workspace.getConfiguration('zeropath');
+				const baseUrl = config.get<string>('apiBaseUrl', 'https://zeropath.com');
+				this.postMessage({ type: 'config', baseUrl: baseUrl });
+				
 				// Check if we should auto-load scans
 				if (this._shouldLoadScansOnReady) {
 					console.log('Zeropath: Auto-loading scans on ready');

src/zeropathApi.ts

@@ -173,9 +173,37 @@ export async function getConfiguredCredentials(secretStorage: vscode.SecretStora
 }
 
 export async function promptAndStoreCredentials(secretStorage: vscode.SecretStorage): Promise<ZeropathCredentials | undefined> {
+	const config = vscode.workspace.getConfiguration('zeropath');
+	const currentBaseUrl = config.get<string>('apiBaseUrl', 'https://zeropath.com');
+	
+	// First, ask for the base URL
+	const baseUrlInput = await vscode.window.showInputBox({
+		prompt: 'Enter ZeroPath Instance URL (press Enter for default)',
+		value: currentBaseUrl,
+		placeHolder: 'https://zeropath.com',
+		ignoreFocusOut: true,
+		validateInput: (value) => {
+			if (value && !value.startsWith('http://') && !value.startsWith('https://')) {
+				return 'URL must start with http:// or https://';
+			}
+			return undefined;
+		}
+	});
+	
+	// If user cancels, return undefined
+	if (baseUrlInput === undefined) { return undefined; }
+	
+	// Use the input value or default to zeropath.com
+	const baseUrl = baseUrlInput.trim() || 'https://zeropath.com';
+	
+	// Save the base URL to configuration
+	if (baseUrl !== currentBaseUrl) {
+		await config.update('apiBaseUrl', baseUrl, vscode.ConfigurationTarget.Global);
+	}
+	
 	const clientId = await vscode.window.showInputBox({
 		prompt: 'Enter Zeropath API Token Id',
-		placeHolder: 'Your API Token ID from https://zeropath.com',
+		placeHolder: `Your API Token ID from ${baseUrl}`,
 		ignoreFocusOut: true,
 		password: false,
 		validateInput: (value) => {