inherit from electron

Author: samgst-amazon

packages/core/src/amazonq/lsp/lspClient.ts

@@ -262,6 +262,7 @@ export async function activate(extensionContext: ExtensionContext, resourcePaths
         // TODO(jmkeyes): we always use the debug options...?
         execArgv: debugOptions.execArgv,
         warnThresholds: { memory: memoryWarnThreshold },
+        env: (resourcePaths as any).env,
     })
 
     const documentSelector = [{ scheme: 'file', language: '*' }]

packages/core/src/shared/lsp/baseLspInstaller.ts

@@ -24,6 +24,24 @@ export abstract class BaseLspInstaller<T extends ResourcePaths = ResourcePaths,
         this.logger = getLogger(loggerName)
     }
 
+    /**
+     * Gets environment settings for the Node.js process
+     */
+    protected getProxyEnvironment(): Record<string, string> {
+        const env: Record<string, string> = {}
+
+        // Get SSL settings from VS Code
+        const httpSettings = vscode.workspace.getConfiguration('http')
+        const strictSSL = httpSettings.get<boolean>('proxyStrictSSL', true)
+
+        // Handle SSL certificate verification
+        if (!strictSSL) {
+            env.NODE_TLS_REJECT_UNAUTHORIZED = '0'
+        }
+
+        return env
+    }
+
     async resolve(): Promise<LspResolution<T>> {
         const { id, manifestUrl, supportedVersions, path, suppressPromptPrefix } = this.config
         if (path) {
@@ -35,6 +53,7 @@ export abstract class BaseLspInstaller<T extends ResourcePaths = ResourcePaths,
                 location: 'override',
                 version: '0.0.0',
                 resourcePaths: this.resourcePaths(),
+                env: this.getProxyEnvironment(),
             }
         }
 
@@ -73,6 +92,7 @@ export abstract class BaseLspInstaller<T extends ResourcePaths = ResourcePaths,
             // }
             // ```
             resourcePaths: this.resourcePaths(assetDirectory),
+            env: this.getProxyEnvironment(),
         }
         return r
     }

packages/core/src/shared/lsp/types.ts

@@ -52,6 +52,10 @@ export interface LspResolution<T extends ResourcePaths> extends LspResult {
      * ```
      */
     resourcePaths: T
+    /**
+     * Environment variables to pass to the Node.js process, including proxy settings
+     */
+    env?: Record<string, string>
 }
 
 export interface TargetContent {

packages/core/src/shared/lsp/utils/platform.ts

@@ -81,26 +81,97 @@ export async function validateNodeExe(nodePath: string[], lsp: string, args: str
     }
 }
 
+/**
+ * Gets Electron settings from VS Code
+ */
+export function getElectronSettings(): { caCerts?: string; proxyRules?: string; proxyBypassRules?: string } {
+    try {
+        // Access Electron's modules through VSCode's API
+        // @ts-ignore - This is a valid access pattern in VSCode extensions
+        const electron = require('electron')
+        const result: { caCerts?: string; proxyRules?: string; proxyBypassRules?: string } = {}
+
+        // Get certificates
+        if (electron?.net?.getCACertificates) {
+            const certs = electron.net.getCACertificates()
+            if (certs && certs.length > 0) {
+                // Convert the certificates to PEM format
+                result.caCerts = certs
+                    .map((cert: any) => cert.pemEncoded)
+                    .filter(Boolean)
+                    .join('\n')
+            }
+        }
+
+        // Get proxy settings from Electron
+        if (electron?.session?.defaultSession?.getProxyRules) {
+            result.proxyRules = electron.session.defaultSession.getProxyRules()
+        }
+
+        if (electron?.session?.defaultSession?.getProxyBypassRules) {
+            result.proxyBypassRules = electron.session.defaultSession.getProxyBypassRules()
+        }
+
+        return result
+    } catch (err) {
+        // Silently fail if we can't access Electron
+        return {}
+    }
+}
+
 export function createServerOptions({
     encryptionKey,
     executable,
     serverModule,
     execArgv,
     warnThresholds,
+    env,
 }: {
     encryptionKey: Buffer
     executable: string[]
     serverModule: string
     execArgv: string[]
     warnThresholds?: { cpu?: number; memory?: number }
+    env?: Record<string, string>
 }) {
     return async () => {
         const bin = executable[0]
         const args = [...executable.slice(1), serverModule, ...execArgv]
         if (isDebugInstance()) {
             args.unshift('--inspect=6080')
         }
-        const lspProcess = new ChildProcess(bin, args, { warnThresholds })
+
+        // Merge environment variables
+        const processEnv = { ...process.env }
+        if (env) {
+            Object.assign(processEnv, env)
+        }
+
+        // Get Electron settings (certificates and proxy)
+        const electronSettings = getElectronSettings()
+
+        // Add system CA certificates to the Node process if not already set
+        if (!processEnv.NODE_EXTRA_CA_CERTS && electronSettings.caCerts) {
+            processEnv.NODE_EXTRA_CA_CERTS = electronSettings.caCerts
+        }
+
+        // Add Electron proxy settings to the Node process
+        if (electronSettings.proxyRules && !processEnv.HTTP_PROXY) {
+            processEnv.HTTP_PROXY = electronSettings.proxyRules
+            processEnv.HTTPS_PROXY = electronSettings.proxyRules
+        }
+
+        // Add proxy bypass rules if available
+        if (electronSettings.proxyBypassRules) {
+            processEnv.NO_PROXY = electronSettings.proxyBypassRules
+        }
+
+        const lspProcess = new ChildProcess(bin, args, {
+            warnThresholds,
+            spawnOptions: {
+                env: processEnv,
+            },
+        })
 
         // this is a long running process, awaiting it will never resolve
         void lspProcess.run()