def run_step(self, data): try: nvm.exec_npm_command(data, 'install --package-lock-only') except PipelineException as npm_ex: self.handle_step_error( 'Exception when trying to install package.lock file', npm_ex) self.log.debug('Created package lock file') return data
def run_step(self, data): try: nvm.exec_npm_command(data, 'install') except PipelineException as npm_ex: self.handle_step_error('Exception when trying to run npm install', npm_ex) self.log.debug('Npm install completed successfully') return data
def get_versions(self, data, name, major_minor): ''' Gets the latest versionws for a specific major.minor version from npm registry as an array. ''' result = [] try: # npm view @babel/core@'7.9' version -json # # [ # "7.9.0", # "7.9.6" # ] # Note! that if there is only on version matching the result will be a # string not an array. # cli_result = nvm.exec_npm_command( data, f'view {name}@"{major_minor}" version', '-json') list_or_string = json.loads(cli_result) if list_or_string: if isinstance(list_or_string, list): result = list_or_string else: result.append(list_or_string) self.log.info( "Published versions for npm view %s@'%s' version -json are %s", name, major_minor, result) except: self.log.info("Found no previous versions for %s.", major_minor) return result
def run_step(self, data): # npm login doesn't support non-interactive login, so we'll do this # through a docker image cmd = (f'docker run ' f'-e NPM_USER="******" ' f'-e NPM_PASS="******" ' f'-e NPM_EMAIL="{environment.get_npm_email()}" ' f'{self.get_docker_image()} ') try: self.log.info('Logging into NPM to get an access token.') npm_token = process.run_with_output(cmd, log_cmd=False) file_util.overwite_absolute(self.get_output_file(), npm_token) self.log.debug(f'NPM token written to {self.get_output_file()}') except PipelineException as docker_ex: self.handle_step_error( 'NPM login failed. Exception when trying to get auth token from npm via docker', docker_ex) try: result = nvm.exec_npm_command(data, 'whoami') self.log.info(f"Logged in to NPM as '{result}'.") except PipelineException as npm_ex: self.handle_step_error( 'Exception when trying to verify identify with npm whoami', npm_ex) self.step_ok() return data
def run_step(self, data): try: result = nvm.exec_npm_command(data, 'audit --json') audit_json = json.loads(result) except PipelineException as npm_ex: # npm audit returns a non-zero exit code on vulnerabilities try: # If the exception message is parsable as json # it's probably the output from the audit. We'll # check that it's ok later on audit_json = json.loads(str(npm_ex)) except (ValueError, JSONDecodeError): # The error wasn't json - so this is probably a true # process error msg = 'npm audit failed' if 'Cannot audit a project without a lockfile' in str(npm_ex): msg = ( 'Package.lock is missing, which is a required file ' 'for npm audit to work. Maybe package-lock=false is ' 'set in .npmrc?') self.handle_step_error(msg, npm_ex) data = self.approve_audit(data, audit_json) self.log.info('Audit result was "%s"', json.dumps(audit_json)) self.step_ok() return data
def get_version(self, data, name, version): ''' Gets major.minor.patch version. Returns None if no version matches in the npm registry. ''' result = None try: result = str(nvm.exec_npm_command(data, f'view {name}@"{version}" version', '-json')) except: self.log.error("Faild to read find any version for %s %s. \n %s", name, version) self.log.debug("Got version %s %s", name, version) return result
def run_step(self, data): # npm login doesn't support non-interactive login, so we'll do this # through a docker image cmd = (f'docker run ' f'-e NPM_USER="******" ' f'-e NPM_PASS="******" ' f'-e NPM_EMAIL="{environment.get_npm_email()}" ' f'{self.get_docker_image()} ' f'> {self.get_output_file()}') try: result = process.run_with_output(cmd, False) except PipelineException as docker_ex: self.handle_step_error( 'NPM login failed. Exception when trying to get auth token from npm via docker', docker_ex) self.log.debug('Output from npm login was: "%s"', result) try: result = nvm.exec_npm_command(data, 'whoami') except PipelineException as npm_ex: self.handle_step_error( 'Exception when trying to verify identify with npm whoami', npm_ex) self.log.debug('Output from npm whoami was: "%s"', result) return data
def publish(self, data): result = nvm.exec_npm_command(data, 'publish --access public', environment.get_project_root()) self.log.debug('Result from npm publish was: "%s"', result)