Merge pull request #3444 from github/mbg/start-proxy/error-types

Report some types of errors in `start-proxy` status reports

src/start-proxy-action.ts

@@ -2,29 +2,22 @@ import { ChildProcess, spawn } from "child_process";
 import * as path from "path";
 
 import * as core from "@actions/core";
-import * as toolcache from "@actions/tool-cache";
 import { pki } from "node-forge";
 
 import * as actionsUtil from "./actions-util";
-import { getApiDetails, getAuthorizationHeaderFor } from "./api-client";
-import { Config } from "./config-utils";
 import { KnownLanguage } from "./languages";
 import { getActionsLogger, Logger } from "./logging";
 import {
   Credential,
+  credentialToStr,
   getCredentials,
-  getDownloadUrl,
+  getProxyBinaryPath,
+  getSafeErrorMessage,
   parseLanguage,
-  UPDATEJOB_PROXY,
+  sendFailedStatusReport,
+  sendSuccessStatusReport,
 } from "./start-proxy";
-import {
-  ActionName,
-  createStatusReportBase,
-  getActionsStatus,
-  sendStatusReport,
-  sendUnhandledErrorStatusReport,
-  StatusReportBase,
-} from "./status-report";
+import { ActionName, sendUnhandledErrorStatusReport } from "./status-report";
 import * as util from "./util";
 
 const KEY_SIZE = 2048;
@@ -94,35 +87,6 @@ function generateCertificateAuthority(): CertificateAuthority {
   return { cert: pem, key };
 }
 
-interface StartProxyStatus extends StatusReportBase {
-  // A comma-separated list of registry types which are configured for CodeQL.
-  // This only includes registry types we support, not all that are configured.
-  registry_types: string;
-}
-
-async function sendSuccessStatusReport(
-  startedAt: Date,
-  config: Partial<Config>,
-  registry_types: string[],
-  logger: Logger,
-) {
-  const statusReportBase = await createStatusReportBase(
-    ActionName.StartProxy,
-    "success",
-    startedAt,
-    config,
-    await util.checkDiskUsage(logger),
-    logger,
-  );
-  if (statusReportBase !== undefined) {
-    const statusReport: StartProxyStatus = {
-      ...statusReportBase,
-      registry_types: registry_types.join(","),
-    };
-    await sendStatusReport(statusReport);
-  }
-}
-
 async function run(startedAt: Date) {
   // To capture errors appropriately, keep as much code within the try-catch as
   // possible, and only use safe functions outside.
@@ -181,25 +145,7 @@ async function run(startedAt: Date) {
       logger,
     );
   } catch (unwrappedError) {
-    const error = util.wrapError(unwrappedError);
-    core.setFailed(`start-proxy action failed: ${error.message}`);
-
-    // We skip sending the error message and stack trace here to avoid the possibility
-    // of leaking any sensitive information into the telemetry.
-    const errorStatusReportBase = await createStatusReportBase(
-      ActionName.StartProxy,
-      getActionsStatus(error),
-      startedAt,
-      {
-        languages: language && [language],
-      },
-      await util.checkDiskUsage(logger),
-      logger,
-      "Error from start-proxy Action omitted",
-    );
-    if (errorStatusReportBase !== undefined) {
-      await sendStatusReport(errorStatusReportBase);
-    }
+    await sendFailedStatusReport(logger, startedAt, language, unwrappedError);
   }
 }
 
@@ -214,7 +160,7 @@ async function runWrapper() {
     await sendUnhandledErrorStatusReport(
       ActionName.StartProxy,
       startedAt,
-      new Error("Error from start-proxy Action omitted"),
+      getSafeErrorMessage(util.wrapError(error)),
       logger,
     );
   }
@@ -277,42 +223,4 @@ async function startProxy(
   core.setOutput("proxy_urls", JSON.stringify(registry_urls));
 }
 
-async function getProxyBinaryPath(logger: Logger): Promise<string> {
-  const proxyFileName =
-    process.platform === "win32" ? `${UPDATEJOB_PROXY}.exe` : UPDATEJOB_PROXY;
-  const proxyInfo = await getDownloadUrl(logger);
-
-  let proxyBin = toolcache.find(proxyFileName, proxyInfo.version);
-  if (!proxyBin) {
-    const apiDetails = getApiDetails();
-    const authorization = getAuthorizationHeaderFor(
-      logger,
-      apiDetails,
-      proxyInfo.url,
-    );
-    const temp = await toolcache.downloadTool(
-      proxyInfo.url,
-      undefined,
-      authorization,
-      {
-        accept: "application/octet-stream",
-      },
-    );
-    const extracted = await toolcache.extractTar(temp);
-    proxyBin = await toolcache.cacheDir(
-      extracted,
-      proxyFileName,
-      proxyInfo.version,
-    );
-  }
-  proxyBin = path.join(proxyBin, proxyFileName);
-  return proxyBin;
-}
-
-function credentialToStr(c: Credential): string {
-  return `Type: ${c.type}; Host: ${c.host}; Url: ${c.url} Username: ${
-    c.username
-  }; Password: ${c.password !== undefined}; Token: ${c.token !== undefined}`;
-}
-
 void runWrapper();

src/start-proxy.test.ts

@@ -1,21 +1,110 @@
-import test from "ava";
+import * as filepath from "path";
+
+import * as core from "@actions/core";
+import * as toolcache from "@actions/tool-cache";
+import test, { ExecutionContext } from "ava";
 import sinon from "sinon";
 
 import * as apiClient from "./api-client";
 import * as defaults from "./defaults.json";
 import { KnownLanguage } from "./languages";
-import { getRunnerLogger } from "./logging";
+import { getRunnerLogger, Logger } from "./logging";
 import * as startProxyExports from "./start-proxy";
 import { parseLanguage } from "./start-proxy";
+import * as statusReport from "./status-report";
 import {
   checkExpectedLogMessages,
   getRecordingLogger,
   makeTestToken,
   setupTests,
+  withRecordingLoggerAsync,
 } from "./testing-utils";
+import { ConfigurationError } from "./util";
 
 setupTests(test);
 
+const sendFailedStatusReportTest = test.macro({
+  exec: async (
+    t: ExecutionContext<unknown>,
+    err: Error,
+    expectedMessage: string,
+    expectedStatus: statusReport.ActionStatus = "failure",
+  ) => {
+    const now = new Date();
+
+    // Override core.setFailed to avoid it setting the program's exit code
+    sinon.stub(core, "setFailed").returns();
+
+    const createStatusReportBase = sinon.stub(
+      statusReport,
+      "createStatusReportBase",
+    );
+    createStatusReportBase.resolves(undefined);
+
+    await withRecordingLoggerAsync(async (logger) => {
+      await startProxyExports.sendFailedStatusReport(
+        logger,
+        now,
+        undefined,
+        err,
+      );
+
+      // Check that the stub has been called exactly once, with the expected arguments,
+      // but not with the message from the error.
+      sinon.assert.calledOnceWithExactly(
+        createStatusReportBase,
+        statusReport.ActionName.StartProxy,
+        expectedStatus,
+        now,
+        sinon.match.any,
+        sinon.match.any,
+        sinon.match.any,
+        expectedMessage,
+      );
+      t.false(
+        createStatusReportBase.calledWith(
+          statusReport.ActionName.StartProxy,
+          expectedStatus,
+          now,
+          sinon.match.any,
+          sinon.match.any,
+          sinon.match.any,
+          sinon.match((msg: string) => msg.includes(err.message)),
+        ),
+        "createStatusReportBase was called with the error message",
+      );
+    });
+  },
+
+  title: (providedTitle = "") => `sendFailedStatusReport - ${providedTitle}`,
+});
+
+test(
+  "reports generic error message for non-StartProxyError error",
+  sendFailedStatusReportTest,
+  new Error("Something went wrong today"),
+  "Error from start-proxy Action omitted (Error).",
+);
+
+test(
+  "reports generic error message for non-StartProxyError error with safe error message",
+  sendFailedStatusReportTest,
+  new Error(
+    startProxyExports.getStartProxyErrorMessage(
+      startProxyExports.StartProxyErrorType.DownloadFailed,
+    ),
+  ),
+  "Error from start-proxy Action omitted (Error).",
+);
+
+test(
+  "reports generic error message for ConfigurationError error",
+  sendFailedStatusReportTest,
+  new ConfigurationError("Something went wrong today"),
+  "Error from start-proxy Action omitted (ConfigurationError).",
+  "user-error",
+);
+
 const toEncodedJSON = (data: any) =>
   Buffer.from(JSON.stringify(data)).toString("base64");
 
@@ -301,3 +390,209 @@ test("getDownloadUrl returns matching release asset", async (t) => {
   t.is(info.version, defaults.cliVersion);
   t.is(info.url, "url-we-want");
 });
+
+test("credentialToStr - hides passwords", (t) => {
+  const secret = "password123";
+  const credential = {
+    type: "maven_credential",
+    password: secret,
+  };
+
+  const str = startProxyExports.credentialToStr(credential);
+
+  t.false(str.includes(secret));
+  t.is(
+    "Type: maven_credential; Host: undefined; Url: undefined Username: undefined; Password: true; Token: false",
+    str,
+  );
+});
+
+test("credentialToStr - hides tokens", (t) => {
+  const secret = "password123";
+  const credential = {
+    type: "maven_credential",
+    token: secret,
+  };
+
+  const str = startProxyExports.credentialToStr(credential);
+
+  t.false(str.includes(secret));
+  t.is(
+    "Type: maven_credential; Host: undefined; Url: undefined Username: undefined; Password: false; Token: true",
+    str,
+  );
+});
+
+test("getSafeErrorMessage - returns actual message for `StartProxyError`", (t) => {
+  const error = new startProxyExports.StartProxyError(
+    startProxyExports.StartProxyErrorType.DownloadFailed,
+  );
+  t.is(
+    startProxyExports.getSafeErrorMessage(error),
+    startProxyExports.getStartProxyErrorMessage(error.errorType),
+  );
+});
+
+test("getSafeErrorMessage - does not return message for arbitrary errors", (t) => {
+  const error = new Error(
+    startProxyExports.getStartProxyErrorMessage(
+      startProxyExports.StartProxyErrorType.DownloadFailed,
+    ),
+  );
+
+  const message = startProxyExports.getSafeErrorMessage(error);
+
+  t.not(message, error.message);
+  t.assert(message.startsWith("Error from start-proxy Action omitted"));
+  t.assert(message.includes(error.name));
+});
+
+const wrapFailureTest = test.macro({
+  exec: async (
+    t: ExecutionContext<unknown>,
+    setup: () => void,
+    fn: (logger: Logger) => Promise<void>,
+  ) => {
+    await withRecordingLoggerAsync(async (logger) => {
+      setup();
+
+      await t.throwsAsync(fn(logger), {
+        instanceOf: startProxyExports.StartProxyError,
+      });
+    });
+  },
+  title: (providedTitle) => `${providedTitle} - wraps errors on failure`,
+});
+
+test("downloadProxy - returns file path on success", async (t) => {
+  await withRecordingLoggerAsync(async (logger) => {
+    const testPath = "/some/path";
+    sinon.stub(toolcache, "downloadTool").resolves(testPath);
+
+    const result = await startProxyExports.downloadProxy(
+      logger,
+      "url",
+      undefined,
+    );
+    t.is(result, testPath);
+  });
+});
+
+test(
+  "downloadProxy",
+  wrapFailureTest,
+  () => {
+    sinon.stub(toolcache, "downloadTool").throws();
+  },
+  async (logger) => {
+    await startProxyExports.downloadProxy(logger, "url", undefined);
+  },
+);
+
+test("extractProxy - returns file path on success", async (t) => {
+  await withRecordingLoggerAsync(async (logger) => {
+    const testPath = "/some/path";
+    sinon.stub(toolcache, "extractTar").resolves(testPath);
+
+    const result = await startProxyExports.extractProxy(logger, "/other/path");
+    t.is(result, testPath);
+  });
+});
+
+test(
+  "extractProxy",
+  wrapFailureTest,
+  () => {
+    sinon.stub(toolcache, "extractTar").throws();
+  },
+  async (logger) => {
+    await startProxyExports.extractProxy(logger, "path");
+  },
+);
+
+test("cacheProxy - returns file path on success", async (t) => {
+  await withRecordingLoggerAsync(async (logger) => {
+    const testPath = "/some/path";
+    sinon.stub(toolcache, "cacheDir").resolves(testPath);
+
+    const result = await startProxyExports.cacheProxy(
+      logger,
+      "/other/path",
+      "proxy",
+      "1.0",
+    );
+    t.is(result, testPath);
+  });
+});
+
+test(
+  "cacheProxy",
+  wrapFailureTest,
+  () => {
+    sinon.stub(toolcache, "cacheDir").throws();
+  },
+  async (logger) => {
+    await startProxyExports.cacheProxy(logger, "/other/path", "proxy", "1.0");
+  },
+);
+
+test("getProxyBinaryPath - returns path from tool cache if available", async (t) => {
+  mockGetReleaseByTag();
+
+  await withRecordingLoggerAsync(async (logger) => {
+    const toolcachePath = "/path/to/proxy/dir";
+    sinon.stub(toolcache, "find").returns(toolcachePath);
+
+    const path = await startProxyExports.getProxyBinaryPath(logger);
+
+    t.assert(path);
+    t.is(
+      path,
+      filepath.join(toolcachePath, startProxyExports.getProxyFilename()),
+    );
+  });
+});
+
+test("getProxyBinaryPath - downloads proxy if not in cache", async (t) => {
+  const downloadUrl = "url-we-want";
+  mockGetReleaseByTag([
+    { name: startProxyExports.getProxyPackage(), url: downloadUrl },
+  ]);
+
+  await withRecordingLoggerAsync(async (logger) => {
+    const toolcachePath = "/path/to/proxy/dir";
+    const find = sinon.stub(toolcache, "find").returns("");
+    const getApiDetails = sinon.stub(apiClient, "getApiDetails").returns({
+      auth: "",
+      url: "",
+      apiURL: "",
+    });
+    const getAuthorizationHeaderFor = sinon
+      .stub(apiClient, "getAuthorizationHeaderFor")
+      .returns(undefined);
+    const archivePath = "/path/to/archive";
+    const downloadTool = sinon
+      .stub(toolcache, "downloadTool")
+      .resolves(archivePath);
+    const extractedPath = "/path/to/extracted";
+    const extractTar = sinon
+      .stub(toolcache, "extractTar")
+      .resolves(extractedPath);
+    const cacheDir = sinon.stub(toolcache, "cacheDir").resolves(toolcachePath);
+
+    const path = await startProxyExports.getProxyBinaryPath(logger);
+
+    t.assert(find.calledOnce);
+    t.assert(getApiDetails.calledOnce);
+    t.assert(getAuthorizationHeaderFor.calledOnce);
+    t.assert(downloadTool.calledOnceWith(downloadUrl));
+    t.assert(extractTar.calledOnceWith(archivePath));
+    t.assert(cacheDir.calledOnceWith(extractedPath));
+
+    t.assert(path);
+    t.is(
+      path,
+      filepath.join(toolcachePath, startProxyExports.getProxyFilename()),
+    );
+  });
+});

src/start-proxy.ts

@@ -1,12 +1,161 @@
-import * as core from "@actions/core";
+import * as path from "path";
 
-import { getApiClient } from "./api-client";
+import * as core from "@actions/core";
+import * as toolcache from "@actions/tool-cache";
+
+import {
+  getApiClient,
+  getApiDetails,
+  getAuthorizationHeaderFor,
+} from "./api-client";
 import * as artifactScanner from "./artifact-scanner";
+import { Config } from "./config-utils";
 import * as defaults from "./defaults.json";
 import { KnownLanguage } from "./languages";
 import { Logger } from "./logging";
+import {
+  ActionName,
+  createStatusReportBase,
+  getActionsStatus,
+  sendStatusReport,
+  StatusReportBase,
+} from "./status-report";
+import * as util from "./util";
 import { ConfigurationError, getErrorMessage, isDefined } from "./util";
 
+/**
+ * Enumerates specific error types for which we have corresponding error messages that
+ * are safe to include in status reports.
+ */
+export enum StartProxyErrorType {
+  DownloadFailed,
+  ExtractionFailed,
+  CacheFailed,
+}
+
+/**
+ * @returns The error message corresponding to the error type.
+ */
+export function getStartProxyErrorMessage(
+  errorType: StartProxyErrorType,
+): string {
+  switch (errorType) {
+    case StartProxyErrorType.DownloadFailed:
+      return "Failed to download proxy archive.";
+    case StartProxyErrorType.ExtractionFailed:
+      return "Failed to extract proxy archive.";
+    case StartProxyErrorType.CacheFailed:
+      return "Failed to add proxy to toolcache";
+  }
+}
+
+/**
+ * We want to avoid accidentally leaking secrets that may be contained in exception
+ * messages in the `start-proxy` action. Consequently, we don't report the messages
+ * of arbitrary exceptions. This type of error ensures that the message is one from
+ * `StartProxyErrorType` and therefore safe to include in a status report.
+ */
+export class StartProxyError extends Error {
+  public readonly errorType: StartProxyErrorType;
+
+  constructor(errorType: StartProxyErrorType) {
+    super();
+    this.errorType = errorType;
+  }
+}
+
+interface StartProxyStatus extends StatusReportBase {
+  // A comma-separated list of registry types which are configured for CodeQL.
+  // This only includes registry types we support, not all that are configured.
+  registry_types: string;
+}
+
+/**
+ * Sends a status report for the `start-proxy` action indicating a successful outcome.
+ *
+ * @param startedAt When the action was started.
+ * @param config The configuration used.
+ * @param registry_types The types of registries that are configured.
+ * @param logger The logger to use.
+ */
+export async function sendSuccessStatusReport(
+  startedAt: Date,
+  config: Partial<Config>,
+  registry_types: string[],
+  logger: Logger,
+) {
+  const statusReportBase = await createStatusReportBase(
+    ActionName.StartProxy,
+    "success",
+    startedAt,
+    config,
+    await util.checkDiskUsage(logger),
+    logger,
+  );
+  if (statusReportBase !== undefined) {
+    const statusReport: StartProxyStatus = {
+      ...statusReportBase,
+      registry_types: registry_types.join(","),
+    };
+    await sendStatusReport(statusReport);
+  }
+}
+
+/**
+ * Returns an error message for `error` that can safely be reported in a status report,
+ * i.e. that does not contain sensitive information.
+ *
+ * @param error The error for which to get an error message.
+ */
+export function getSafeErrorMessage(error: Error): string {
+  // If the error is a `StartProxyError`, resolve the error type to the corresponding
+  // error message.
+  if (error instanceof StartProxyError) {
+    return getStartProxyErrorMessage(error.errorType);
+  }
+
+  // Otherwise, omit the actual error message.
+  return `Error from start-proxy Action omitted (${error.constructor.name}).`;
+}
+
+/**
+ * Sends a status report for the `start-proxy` action indicating a failure.
+ *
+ * @param logger The logger to use.
+ * @param startedAt When the action was started.
+ * @param language The language provided as input, if any.
+ * @param unwrappedError The exception that was thrown.
+ */
+export async function sendFailedStatusReport(
+  logger: Logger,
+  startedAt: Date,
+  language: KnownLanguage | undefined,
+  unwrappedError: unknown,
+) {
+  const error = util.wrapError(unwrappedError);
+  core.setFailed(`start-proxy action failed: ${error.message}`);
+
+  // To avoid the possibility of leaking sensitive information into the telemetry,
+  // we don't include arbitrary error messages. Instead, `getSafeErrorMessage` will
+  // return a generic message that includes the type of the error, unless it can decide
+  // that the message is safe to include.
+  const statusReportMessage = getSafeErrorMessage(error);
+  const errorStatusReportBase = await createStatusReportBase(
+    ActionName.StartProxy,
+    getActionsStatus(error),
+    startedAt,
+    {
+      languages: language && [language],
+    },
+    await util.checkDiskUsage(logger),
+    logger,
+    statusReportMessage,
+  );
+  if (errorStatusReportBase !== undefined) {
+    await sendStatusReport(errorStatusReportBase);
+  }
+}
+
 export const UPDATEJOB_PROXY = "update-job-proxy";
 export const UPDATEJOB_PROXY_VERSION = "v2.0.20250624110901";
 const UPDATEJOB_PROXY_URL_PREFIX =
@@ -277,3 +426,125 @@ export async function getDownloadUrl(
     version: UPDATEJOB_PROXY_VERSION,
   };
 }
+
+/**
+ * Pretty-prints a `Credential` value to a string, but hides the actual password or token values.
+ *
+ * @param c The credential to convert to a string.
+ */
+export function credentialToStr(c: Credential): string {
+  return `Type: ${c.type}; Host: ${c.host}; Url: ${c.url} Username: ${
+    c.username
+  }; Password: ${c.password !== undefined}; Token: ${c.token !== undefined}`;
+}
+
+/**
+ * Attempts to download a file from `url` into the toolcache.
+ *
+ * @param logger The logger to use.
+ * @param url The URL to download the proxy binary from.
+ * @param authorization The authorization information to use.
+ * @returns If successful, the path to the downloaded file.
+ */
+export async function downloadProxy(
+  logger: Logger,
+  url: string,
+  authorization: string | undefined,
+) {
+  try {
+    // Download the proxy archive from `url`. We let `downloadTool` choose where
+    // to store it. The path to the downloaded file will be returned if successful.
+    return toolcache.downloadTool(url, /* dest: */ undefined, authorization, {
+      accept: "application/octet-stream",
+    });
+  } catch (error) {
+    logger.error(
+      `Failed to download proxy archive from ${url}: ${getErrorMessage(error)}`,
+    );
+    throw new StartProxyError(StartProxyErrorType.DownloadFailed);
+  }
+}
+
+/**
+ * Attempts to extract the proxy binary from the `archive`.
+ *
+ * @param logger The logger to use.
+ * @param archive The archive to extract.
+ * @returns The path to the extracted file(s).
+ */
+export async function extractProxy(logger: Logger, archive: string) {
+  try {
+    return await toolcache.extractTar(archive);
+  } catch (error) {
+    logger.error(
+      `Failed to extract proxy archive from ${archive}: ${getErrorMessage(error)}`,
+    );
+    throw new StartProxyError(StartProxyErrorType.ExtractionFailed);
+  }
+}
+
+/**
+ * Attempts to store the proxy in the toolcache.
+ *
+ * @param logger The logger to use.
+ * @param source The source path to add to the toolcache.
+ * @param filename The filename of the proxy binary.
+ * @param version The version of the proxy.
+ * @returns The path to the directory in the toolcache.
+ */
+export async function cacheProxy(
+  logger: Logger,
+  source: string,
+  filename: string,
+  version: string,
+) {
+  try {
+    return await toolcache.cacheDir(source, filename, version);
+  } catch (error) {
+    logger.error(
+      `Failed to add proxy archive from ${source} to toolcache: ${getErrorMessage(error)}`,
+    );
+    throw new StartProxyError(StartProxyErrorType.CacheFailed);
+  }
+}
+
+/**
+ * Returns the platform-specific filename of the proxy binary.
+ */
+export function getProxyFilename() {
+  return process.platform === "win32"
+    ? `${UPDATEJOB_PROXY}.exe`
+    : UPDATEJOB_PROXY;
+}
+
+/**
+ * Gets a path to the proxy binary. If possible, this function will find the proxy in the
+ * runner's tool cache. Otherwise, it downloads and extracts the proxy binary,
+ * and stores it in the tool cache.
+ *
+ * @param logger The logger to use.
+ * @returns The path to the proxy binary.
+ */
+export async function getProxyBinaryPath(logger: Logger): Promise<string> {
+  const proxyFileName = getProxyFilename();
+  const proxyInfo = await getDownloadUrl(logger);
+
+  let proxyBin = toolcache.find(proxyFileName, proxyInfo.version);
+  if (!proxyBin) {
+    const apiDetails = getApiDetails();
+    const authorization = getAuthorizationHeaderFor(
+      logger,
+      apiDetails,
+      proxyInfo.url,
+    );
+    const temp = await downloadProxy(logger, proxyInfo.url, authorization);
+    const extracted = await extractProxy(logger, temp);
+    proxyBin = await cacheProxy(
+      logger,
+      extracted,
+      proxyFileName,
+      proxyInfo.version,
+    );
+  }
+  return path.join(proxyBin, proxyFileName);
+}

src/testing-utils.ts

@@ -208,6 +208,23 @@ export function checkExpectedLogMessages(
   }
 }
 
+/**
+ * Initialises a recording logger and calls `body` with it.
+ *
+ * @param body The test that requires a recording logger.
+ * @returns The logged messages.
+ */
+export async function withRecordingLoggerAsync(
+  body: (logger: Logger) => Promise<void>,
+): Promise<LoggedMessage[]> {
+  const messages = [];
+  const logger = getRecordingLogger(messages);
+
+  await body(logger);
+
+  return messages;
+}
+
 /** Mock the HTTP request to the feature flags enablement API endpoint. */
 export function mockFeatureFlagApiEndpoint(
   responseStatusCode: number,