Skip to content

Commit

Permalink
Fix auth in publish to npm
Browse files Browse the repository at this point in the history
  • Loading branch information
sbrunner committed Nov 20, 2024
1 parent 614497e commit 1d33e70
Show file tree
Hide file tree
Showing 3 changed files with 38 additions and 27 deletions.
56 changes: 34 additions & 22 deletions tag_publish/cli.py
Original file line number Diff line number Diff line change
Expand Up @@ -248,6 +248,22 @@ def _handle_node_publish(
success = True
node_config = config.get("node", {})
if node_config:
if version_type == "version_branch":
last_tag = (
subprocess.run(
["git", "describe", "--abbrev=0", "--tags"], check=True, stdout=subprocess.PIPE
)
.stdout.strip()
.decode()
)
commits_number = subprocess.run(
["git", "rev-list", "--count", f"{last_tag}..HEAD"],
check=True,
stdout=subprocess.PIPE,
)

version = f"{last_tag}.{commits_number}"

for package in node_config.get("packages", []):
if package.get("group", tag_publish.configuration.NODE_PACKAGE_GROUP_DEFAULT) == group:
publish = version_type in node_config.get(
Expand Down Expand Up @@ -290,6 +306,8 @@ def _handle_docker_publish(
success = True
docker_config = config.get("docker", {})
if docker_config:
sys.stdout.flush()
sys.stderr.flush()
if docker_config.get("auto_login", tag_publish.configuration.DOCKER_AUTO_LOGIN_DEFAULT):
subprocess.run(
[
Expand Down Expand Up @@ -504,9 +522,7 @@ def _handle_helm_publish(
) -> bool:
success = True
helm_config = config.get("helm", {})
if helm_config.get("folders") and version_type in helm_config.get(
"versions", tag_publish.configuration.HELM_VERSIONS_DEFAULT
):
if helm_config.get("packages"):
tag_publish.download_application("helm/chart-releaser")

owner = github.repo.owner.login
Expand All @@ -524,35 +540,31 @@ def _handle_helm_publish(
.stdout.strip()
.decode()
)
expression = re.compile(r"^[0-9]+\.[0-9]+\.[0-9]+$")
while expression.match(last_tag) is None:
last_tag = (
subprocess.run(
["git", "describe", "--abbrev=0", "--tags", f"{last_tag}^"],
check=True,
stdout=subprocess.PIPE,
)
.stdout.strip()
.decode()
)
commits_number = subprocess.run(
["git", "rev-list", "--count", f"{last_tag}..HEAD"],
check=True,
stdout=subprocess.PIPE,
)

versions = last_tag.split(".")
versions[-1] = str(int(versions[-1]) + 1)
version = ".".join(versions)
version = f"{last_tag}.{commits_number}"

for package in helm_config["packages"]:
if package.get("group", tag_publish.configuration.PIP_PACKAGE_GROUP_DEFAULT) == group:
publish = version_type in helm_config.get(
"versions", tag_publish.configuration.PYPI_VERSIONS_DEFAULT
)
if package.get("group", tag_publish.configuration.HELM_PACKAGE_GROUP_DEFAULT) == group:
versions_type = helm_config.get("versions", tag_publish.configuration.HELM_VERSIONS_DEFAULT)
publish = version_type in versions_type
folder = package.get("folder", tag_publish.configuration.HELM_PACKAGE_FOLDER_DEFAULT)
if publish:
folder = package.get("folder", tag_publish.configuration.HELM_PACKAGE_FOLDER_DEFAULT)
if dry_run:
print(f"Publishing '{folder}' to helm, skipping (dry run)")
else:
token = os.environ["GITHUB_TOKEN"]
success &= tag_publish.publish.helm(folder, version, owner, repo, commit_sha, token)
published_payload.append({"type": "helm", "folder": folder})
else:
print(
f"::notice::The folder '{folder}' will be published as helm on version types: "
f"{', '.join(versions_type)}"
)
return success


Expand Down
2 changes: 1 addition & 1 deletion tag_publish/lib/oidc.py
Original file line number Diff line number Diff line change
Expand Up @@ -162,7 +162,7 @@ def pypi_login() -> None:
pypirc_filename = os.path.expanduser("~/.pypirc")

if os.path.exists(pypirc_filename):
print(f"::info::{pypirc_filename} already exists; consider as already logged in.") # noqa: E702
print(f"::notice::{pypirc_filename} already exists; consider as already logged in.") # noqa: E702
return

if "ACTIONS_ID_TOKEN_REQUEST_TOKEN" not in os.environ:
Expand Down
7 changes: 3 additions & 4 deletions tag_publish/publish.py
Original file line number Diff line number Diff line change
Expand Up @@ -142,18 +142,17 @@ def node(
is_github = repo_config["server"] == "npm.pkg.github.com"
old_npmrc = None
npmrc_filename = os.path.expanduser("~/.npmrc")
env = {**os.environ}
if is_github:
old_npmrc = None
if os.path.exists(npmrc_filename):
with open(npmrc_filename, encoding="utf-8") as open_file:
old_npmrc = open_file.read()
with open(npmrc_filename, "w", encoding="utf-8") as open_file:
open_file.write(f"//npm.pkg.github.com/:_authToken={os.environ['GITHUB_TOKEN']}\n")
open_file.write(f"registry=https://{repo_config['server']}\n")
open_file.write("always-auth=true\n")
env["NODE_AUTH_TOKEN"] = os.environ["GITHUB_TOKEN"]

subprocess.run(["npm", "publish", *([] if publish else ["--dry-run"])], cwd=cwd, check=True, env=env)
subprocess.run(["npm", "publish", *([] if publish else ["--dry-run"])], cwd=cwd, check=True)

if is_github:
if old_npmrc is None:
Expand Down Expand Up @@ -201,7 +200,7 @@ def docker(
"""
print(
f"::group::Publishing {image_config['name']} to the server {name} "
f"::group::Publishing {image_config['name']} to the {name} registry "
f"using the tags {', '.join(dst_tags)}"
)
sys.stdout.flush()
Expand Down

0 comments on commit 1d33e70

Please sign in to comment.