cli: Post https://api.github.com/graphql: net/http: TLS handshake timeout

@mislav I have the same problem, it could be a proxy settings problem. I have set it in Git config. If possible make Github CLI to read the Git configuration by default. Personally, I do not want set global system proxy.

Thank you all for your patience! We just released a new version using Go 1.15 that ships a fix for the “TLS handshake timeout” that some macOS users have been experiencing: https://github.com/cli/cli/releases/tag/v0.12.0

@hantsy no need to set proxy in git config, a proxy() and a noproxy() function in your bash_rc or bash_profile would be easier if you’re a developer in china. most cli(eg. git,curl,wget,go,brew …) respects http_proxy, https_proxy, HTTP_PROXY, HTTPS_PROXY.

proxy ()
{
    export http_proxy="http://127.0.0.1:8118";
    export no_proxy="localhost,127.0.0.0/0,192.168.0.0/16,10.0.0.0/0,kubernetes.docker.internal";
    export NO_PROXY=$no_proxy;
    export HTTP_PROXY=$http_proxy https_proxy=$http_proxy HTTPS_PROXY=$http_proxy NO_PROXY=$no_proxy;
    echo "HTTP Proxy on";
    env | grep --color=auto -i proxy
}
noproxy ()
{
    unset http_proxy https_proxy HTTP_PROXY HTTPS_PROXY no_proxy NO_PROXY FTP_PROXY ftp_proxy ALL_PROXY all_proxy;
    env | grep --color=auto -i proxy;
    echo -e "Proxy environment variable removed."
}

Yeah，I am sure it is a general problem in China. If there are some issues to read git config, I think it is accepted to add the proxy config support to the gh config command. (or provide an option in gh config to users to decide if read git config )

The author of the patch is collecting feedback from macOS people affected. All you have to do (takes about a minute) is to run these steps:

GO111MODULE=on go get golang.org/dl/gotip@latest
"${GOPATH:-$HOME/go}"/bin/gotip download 
GODEBUG=x509roots=1 "${GOPATH:-$HOME/go}"/bin/gotip test crypto/x509 -v -run TestSystemRoots

For me this listed custom certificates from my Keychain and passed the test, but I was never affected by this issue either.

@exalted omg, turns out this was known to golang and seems to have been patched yesterday! https://github.com/golang/go/issues/19561#issuecomment-390786867

@exalted Thank you for trying! I’m puzzled about the 20 second-ish timeout when that build has a setting of 60s for TLS handshake timeout 😕 I would have expected that the command would block for at least 60s before it gives up. This is just more evidence that this isn’t network-related at all.

I get the timeout still from the 0.8.0-pre.0 build.

@exalted @ggilley Do you have https_proxy or no_proxy set in your environment?

env | grep -i proxy

I am yet to make it work once, so I’ve been pretty unlucky so far I guess…

Here’s the output of DEBUG=api gh issue list when I am inside the clone working directory of my personal dot files repository (https://github.com/exalted/dotfiles):

> GET /repos/cli/cli/releases/latest
[git remote -v]
> POST /graphql
{"query":"\n\tfragment repo on Repository {\n\t\tid\n\t\tname\n\t\towner { login }\n\t\tviewerPermission\n\t\tdefaultBranchRef {\n\t\t\tname\n\t\t\ttarget { oid }\n\t\t}\n\t\tisPrivate\n\t}\n\tquery {\n\t\tviewer { login }\n\t\t\n\t\trepo_000: repository(owner: \"exalted\", name: \"dotfiles\") {\n\t\t\t...repo\n\t\t\tparent {\n\t\t\t\t...repo\n\t\t\t}\n\t\t}\n\t\t\n\t}\n\t","variables":null}
Post https://api.github.com/graphql: net/http: TLS handshake timeout

Here’s the output of git remote -v, if helps:

git remote -v
origin	https://github.com/exalted/dotfiles.git (fetch)
origin	https://github.com/exalted/dotfiles.git (push)