def run_step(self, data):
try:
nvm.exec_npm_command(data, 'install --package-lock-only')
except PipelineException as npm_ex:
self.handle_step_error(
'Exception when trying to install package.lock file', npm_ex)
self.log.debug('Created package lock file')
return data
def run_step(self, data):
try:
nvm.exec_npm_command(data, 'install')
except PipelineException as npm_ex:
self.handle_step_error('Exception when trying to run npm install',
npm_ex)
self.log.debug('Npm install completed successfully')
return data
def get_versions(self, data, name, major_minor):
'''
Gets the latest versionws for a specific major.minor version from npm registry as an array.
'''
result = []
try:
# npm view @babel/core@'7.9' version -json
#
# [
# "7.9.0",
# "7.9.6"
# ]
# Note! that if there is only on version matching the result will be a
# string not an array.
#
cli_result = nvm.exec_npm_command(
data, f'view {name}@"{major_minor}" version', '-json')
list_or_string = json.loads(cli_result)
if list_or_string:
if isinstance(list_or_string, list):
result = list_or_string
else:
result.append(list_or_string)
self.log.info(
"Published versions for npm view %s@'%s' version -json are %s",
name, major_minor, result)
except:
self.log.info("Found no previous versions for %s.", major_minor)
return result
def run_step(self, data):
# npm login doesn't support non-interactive login, so we'll do this
# through a docker image
cmd = (f'docker run '
f'-e NPM_USER="******" '
f'-e NPM_PASS="******" '
f'-e NPM_EMAIL="{environment.get_npm_email()}" '
f'{self.get_docker_image()} ')
try:
self.log.info('Logging into NPM to get an access token.')
npm_token = process.run_with_output(cmd, log_cmd=False)
file_util.overwite_absolute(self.get_output_file(), npm_token)
self.log.debug(f'NPM token written to {self.get_output_file()}')
except PipelineException as docker_ex:
self.handle_step_error(
'NPM login failed. Exception when trying to get auth token from npm via docker',
docker_ex)
try:
result = nvm.exec_npm_command(data, 'whoami')
self.log.info(f"Logged in to NPM as '{result}'.")
except PipelineException as npm_ex:
self.handle_step_error(
'Exception when trying to verify identify with npm whoami',
npm_ex)
self.step_ok()
return data
def run_step(self, data):
try:
result = nvm.exec_npm_command(data, 'audit --json')
audit_json = json.loads(result)
except PipelineException as npm_ex:
# npm audit returns a non-zero exit code on vulnerabilities
try:
# If the exception message is parsable as json
# it's probably the output from the audit. We'll
# check that it's ok later on
audit_json = json.loads(str(npm_ex))
except (ValueError, JSONDecodeError):
# The error wasn't json - so this is probably a true
# process error
msg = 'npm audit failed'
if 'Cannot audit a project without a lockfile' in str(npm_ex):
msg = (
'Package.lock is missing, which is a required file '
'for npm audit to work. Maybe package-lock=false is '
'set in .npmrc?')
self.handle_step_error(msg, npm_ex)
data = self.approve_audit(data, audit_json)
self.log.info('Audit result was "%s"', json.dumps(audit_json))
self.step_ok()
return data
def get_version(self, data, name, version):
'''
Gets major.minor.patch version. Returns None if no version matches in the npm registry.
'''
result = None
try:
result = str(nvm.exec_npm_command(data, f'view {name}@"{version}" version', '-json'))
except:
self.log.error("Faild to read find any version for %s %s. \n %s", name, version)
self.log.debug("Got version %s %s", name, version)
return result
def run_step(self, data):
# npm login doesn't support non-interactive login, so we'll do this
# through a docker image
cmd = (f'docker run '
f'-e NPM_USER="******" '
f'-e NPM_PASS="******" '
f'-e NPM_EMAIL="{environment.get_npm_email()}" '
f'{self.get_docker_image()} '
f'> {self.get_output_file()}')
try:
result = process.run_with_output(cmd, False)
except PipelineException as docker_ex:
self.handle_step_error(
'NPM login failed. Exception when trying to get auth token from npm via docker',
docker_ex)
self.log.debug('Output from npm login was: "%s"', result)
try:
result = nvm.exec_npm_command(data, 'whoami')
except PipelineException as npm_ex:
self.handle_step_error(
'Exception when trying to verify identify with npm whoami',
npm_ex)
self.log.debug('Output from npm whoami was: "%s"', result)
return data
def publish(self, data):
result = nvm.exec_npm_command(data, 'publish --access public',
environment.get_project_root())
self.log.debug('Result from npm publish was: "%s"', result)