Add flag allow-all-domains and skip matching AR domain if set (#75)

Author: yiyangw-g

src/config.js

@@ -13,9 +13,14 @@
 // limitations under the License.
 
 
-const registryRegex = /(@[a-zA-Z0-9-*~][a-zA-Z0-9-*._~]*:)?registry=https:(\/\/[a-zA-Z0-9-]+[-]npm[.]pkg[.]dev\/.*\/)/;
-const authTokenRegex = /(\/\/[a-zA-Z0-9-]+[-]npm[.]pkg[.]dev\/.*\/):_authToken=(.*)/;
-const passwordRegex = /(\/\/[a-zA-Z0-9-]+[-]npm[.]pkg[.]dev\/.*\/):_password=(.*)/;
+const registryARRegex = /(@[a-zA-Z0-9-*~][a-zA-Z0-9-*._~]*:)?registry=https:(\/\/[a-zA-Z0-9-]+[-]npm[.]pkg[.]dev\/.*\/)/;
+const authTokenARRegex = /(\/\/[a-zA-Z0-9-]+[-]npm[.]pkg[.]dev\/.*\/):_authToken=(.*)/;
+const passwordARRegex = /(\/\/[a-zA-Z0-9-]+[-]npm[.]pkg[.]dev\/.*\/):_password=(.*)/;
+
+const registryAllDomainRegex = /(@[a-zA-Z0-9-*~][a-zA-Z0-9-*._~]*:)?registry=https:(\/\/.*)/;
+const authTokenAllDomainRegex = /(\/\/.*\/):_authToken=(.*)/;
+const passwordAllDomainRegex = /(\/\/.*\/):_password=(.*)/;
+
 
 const configType = {
   Default: "Default",
@@ -24,7 +29,16 @@ const configType = {
   Password: "Password",
 }
 
-function parseConfig(text) {
+function parseConfig(text, allowAllDomains) {
+  registryRegex = registryARRegex;
+  authTokenRegex = authTokenARRegex;
+  passwordRegex = passwordARRegex;
+  if (allowAllDomains) {
+    registryRegex = registryAllDomainRegex;
+    authTokenRegex = authTokenAllDomainRegex;
+    passwordRegex = passwordAllDomainRegex;
+  }
+
   let m = text.match(registryRegex);
   if (m) {
     return {

src/main.js

@@ -80,6 +80,11 @@ async function main() {
         describe: 'If set, update the .npmrc file with this token rather than the token obtained from ADC or gcloud.',
         default: '',
       })
+      .option('allow-all-domains', {
+        type: 'boolean',
+        describe: 'If set, it allows all registry domains to attach the auth token to.',
+        default: false,
+      })
       .help()
       .argv;
 
@@ -94,7 +99,7 @@ async function main() {
           + 'in future versions. Run the plugin with `--repo-config` and `--credential-config`.');
       await update.updateConfigFile(configPath, creds);
     } else {
-      await update.updateConfigFiles(allArgs.repoConfig, allArgs.credentialConfig, creds);
+      await update.updateConfigFiles(allArgs.repoConfig, allArgs.credentialConfig, creds, allArgs.allowAllDomains);
     }
     console.log("Success!");
   } catch (err) {

src/update.js

@@ -24,9 +24,10 @@ const {logger} = require('./logger');
  * @param {string} fromConfigPath Path to the npmrc file to read scope registry configs from, should be the project npmrc file.
  * @param {string} toConfigPath Path to npmrc file to write authentication configs to, should be the user npmrc file.
  * @param {string} creds Encrypted credentials.
+ * @param {boolean} allowAllDomains Set if allow all domains.
  * @return {!Promise<undefined>}
  */
-async function updateConfigFiles(fromConfigPath, toConfigPath, creds) {
+async function updateConfigFiles(fromConfigPath, toConfigPath, creds, allowAllDomains) {
   fromConfigPath = path.resolve(fromConfigPath);
   toConfigPath = path.resolve(toConfigPath);
 
@@ -45,7 +46,7 @@ async function updateConfigFiles(fromConfigPath, toConfigPath, creds) {
   // - password config, print a warning and move it to the user npmrc file.
   // - everything else, keep it in the project npmrc file.
   for (const line of fromConfigLines.split('\n')) {
-    let config = c.parseConfig(line.trim());
+    let config = c.parseConfig(line.trim(), allowAllDomains);
     switch (config.type) {
       case c.configType.Registry:
         fromConfigs.push(config);
@@ -78,7 +79,7 @@ async function updateConfigFiles(fromConfigPath, toConfigPath, creds) {
       if (line == "") {
         continue;
       }
-      let config = c.parseConfig(line.trim());
+      let config = c.parseConfig(line.trim(), allowAllDomains);
       if (config.type == c.configType.AuthToken || config.type == c.configType.Password) {
         registryAuthConfigs.delete(config.registry);
       }

test/test.update.js

@@ -204,7 +204,7 @@ describe('#update', () => {
       toConfigPath = getConfigPath(`${this.test.title}-to`)
       fs.writeFileSync(fromConfigPath, `registry=https://us-west1-npm.pkg.dev/my-project/my-repo/`);
       fs.writeFileSync(toConfigPath, ``);
-      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds);
+      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds, false);
 
       const gotFrom = fs.readFileSync(fromConfigPath, 'utf8');
       const gotTo = fs.readFileSync(toConfigPath, 'utf8');
@@ -217,7 +217,7 @@ describe('#update', () => {
       toConfigPath = getConfigPath(`${this.test.title}-to`)
       fs.writeFileSync(fromConfigPath, `@myscope:registry=https://us-west1-npm.pkg.dev/my-project/my-repo/`);
       fs.writeFileSync(toConfigPath, ``);
-      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds);
+      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds, false);
 
       const gotFrom = fs.readFileSync(fromConfigPath, 'utf8');
       const gotTo = fs.readFileSync(toConfigPath, 'utf8');
@@ -231,7 +231,7 @@ describe('#update', () => {
       toConfigPath = getConfigPath(`${this.test.title}-to`)
       fs.writeFileSync(fromConfigPath, `@my.scope:registry=https://us-west1-npm.pkg.dev/my-project/my-repo/`);
       fs.writeFileSync(toConfigPath, ``);
-      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds);
+      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds, false);
 
       const gotFrom = fs.readFileSync(fromConfigPath, 'utf8');
       const gotTo = fs.readFileSync(toConfigPath, 'utf8');
@@ -244,7 +244,7 @@ describe('#update', () => {
       toConfigPath = getConfigPath(`${this.test.title}-to`)
       fs.writeFileSync(fromConfigPath, `@~myscope:registry=https://us-west1-npm.pkg.dev/my-project/my-repo/`);
       fs.writeFileSync(toConfigPath, ``);
-      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds);
+      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds, false);
 
       const gotFrom = fs.readFileSync(fromConfigPath, 'utf8');
       const gotTo = fs.readFileSync(toConfigPath, 'utf8');
@@ -256,7 +256,7 @@ describe('#update', () => {
       fromConfigPath = getConfigPath(`${this.test.title}-from`);
       toConfigPath = getConfigPath(`${this.test.title}-to`)
       fs.writeFileSync(fromConfigPath, `@myscope:registry=https://us-west1-npm.pkg.dev/my-project/my-repo/`);
-      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds);
+      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds, false);
 
       const gotFrom = fs.readFileSync(fromConfigPath, 'utf8');
       const gotTo = fs.readFileSync(toConfigPath, 'utf8');
@@ -269,7 +269,7 @@ describe('#update', () => {
       toConfigPath = getConfigPath(`${this.test.title}-to`)
       fs.writeFileSync(fromConfigPath, `@myscope:registry=https://us-west1-npm.pkg.dev/my-project/my-repo/`);
       fs.writeFileSync(toConfigPath, `//us-west1-npm.pkg.dev/my-project/my-repo/:_authToken=oldToken`);
-      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds);
+      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds, false);
 
       const gotFrom = fs.readFileSync(fromConfigPath, 'utf8');
       const gotTo = fs.readFileSync(toConfigPath, 'utf8');
@@ -282,7 +282,7 @@ describe('#update', () => {
       toConfigPath = fromConfigPath;
       fs.writeFileSync(fromConfigPath, `registry=https://us-west1-npm.pkg.dev/my-project/my-repo/
       @cba:registry=https://asia-npm.pkg.dev/my-project/my-other-repo/`);
-      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds);
+      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds, false);
 
       const got = fs.readFileSync(fromConfigPath, 'utf8');
       assert.equal(got, `registry=https://us-west1-npm.pkg.dev/my-project/my-repo/
@@ -296,7 +296,7 @@ describe('#update', () => {
       toConfigPath = getConfigPath(`${this.test.title}-to`)
       fs.writeFileSync(fromConfigPath, `@myscope:registry=https://us-west1-npm.pkg.dev/my-project/my-repo/`);
       fs.writeFileSync(toConfigPath, `//us-west1-npm.pkg.dev/my-project/my-repo/:_password=mypassword`);
-      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds);
+      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds, false);
 
       const gotFrom = fs.readFileSync(fromConfigPath, 'utf8');
       const gotTo = fs.readFileSync(toConfigPath, 'utf8');
@@ -310,7 +310,7 @@ describe('#update', () => {
       fs.writeFileSync(fromConfigPath, `@myscope:registry=https://us-west1-npm.pkg.dev/my-project/my-repo/
 //us-west1-npm.pkg.dev/my-project/my-repo/:_authToken=oldToken`);
       fs.writeFileSync(toConfigPath, `//us-west1-npm.pkg.dev/my-project/my-repo/:_authToken=oldToken`);
-      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds);
+      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds, false);
 
       const gotFrom = fs.readFileSync(fromConfigPath, 'utf8');
       const gotTo = fs.readFileSync(toConfigPath, 'utf8');
@@ -323,7 +323,7 @@ describe('#update', () => {
       toConfigPath = getConfigPath(`${this.test.title}-to`)
       fs.writeFileSync(fromConfigPath, `@myscope:registry=https://us-west1-npm.pkg.dev/my-project/my-repo/
 //us-west1-npm.pkg.dev/my-project/my-repo/:_password=mypassword`);
-      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds);
+      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds, false);
 
       const gotFrom = fs.readFileSync(fromConfigPath, 'utf8');
       const gotTo = fs.readFileSync(toConfigPath, 'utf8');
@@ -337,7 +337,7 @@ describe('#update', () => {
       fs.writeFileSync(fromConfigPath, `@myscope:registry=https://us-west1-npm.pkg.dev/my-project/my-repo/
 //us-west1-npm.pkg.dev/my-project/my-repo/:_password="YWJjZA=="
 //us-west1-npm.pkg.dev/my-project/my-repo/:username=oauth2accesstoken`);
-      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds);
+      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds, false);
 
       const gotFrom = fs.readFileSync(fromConfigPath, 'utf8');
       const gotTo = fs.readFileSync(toConfigPath, 'utf8');
@@ -352,7 +352,7 @@ describe('#update', () => {
 @anotherscope:registry=https://us-west1-npm.pkg.dev/another-proj/another-repo/
 myregistry.myproperty=myvalue`);
       fs.writeFileSync(toConfigPath, `myregistry.myproperty=myvalue`);
-      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds);
+      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds, false);
 
       const gotFrom = fs.readFileSync(fromConfigPath, 'utf8');
       const gotTo = fs.readFileSync(toConfigPath, 'utf8');
@@ -364,6 +364,44 @@ myregistry.myproperty=myvalue`);
 //us-west1-npm.pkg.dev/another-proj/another-repo/:_authToken=abcd`);
     });
 
+    it('only allow AR domain', async function(){
+      fromConfigPath = getConfigPath(`${this.test.title}-from`);
+      toConfigPath = getConfigPath(`${this.test.title}-to`)
+      fs.writeFileSync(fromConfigPath, `@myscope:registry=https://us-west1-npm.pkg.dev/my-project/my-repo/
+@anotherscope:registry=https://random-npm.com/another-proj/another-repo/
+myregistry.myproperty=myvalue`);
+      fs.writeFileSync(toConfigPath, `myregistry.myproperty=myvalue`);
+      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds, false);
+      
+      const gotFrom = fs.readFileSync(fromConfigPath, 'utf8');
+      const gotTo = fs.readFileSync(toConfigPath, 'utf8');
+      assert.equal(gotFrom, `@myscope:registry=https://us-west1-npm.pkg.dev/my-project/my-repo/
+@anotherscope:registry=https://random-npm.com/another-proj/another-repo/
+myregistry.myproperty=myvalue`);
+      assert.equal(gotTo, `myregistry.myproperty=myvalue
+//us-west1-npm.pkg.dev/my-project/my-repo/:_authToken=abcd`);
+    });
+
+    it('allow all domains', async function(){
+      fromConfigPath = getConfigPath(`${this.test.title}-from`);
+      toConfigPath = getConfigPath(`${this.test.title}-to`)
+      fs.writeFileSync(fromConfigPath, `@myscope:registry=https://us-west1-npm.pkg.dev/my-project/my-repo/
+@anotherscope:registry=https://random-npm.com/another-proj/another-repo/
+myregistry.myproperty=myvalue`);
+      fs.writeFileSync(toConfigPath, `myregistry.myproperty=myvalue`);
+      await update.updateConfigFiles(fromConfigPath, toConfigPath, creds, true);
+      
+      const gotFrom = fs.readFileSync(fromConfigPath, 'utf8');
+      const gotTo = fs.readFileSync(toConfigPath, 'utf8');
+      assert.equal(gotFrom, `@myscope:registry=https://us-west1-npm.pkg.dev/my-project/my-repo/
+@anotherscope:registry=https://random-npm.com/another-proj/another-repo/
+myregistry.myproperty=myvalue`);
+      assert.equal(gotTo, `myregistry.myproperty=myvalue
+//us-west1-npm.pkg.dev/my-project/my-repo/:_authToken=abcd
+//random-npm.com/another-proj/another-repo/:_authToken=abcd`);
+    });
+
+
     it('rejects if input does not exist', async function() {
       fromConfigPath = getConfigPath(`${this.test.title}-from`);
       toConfigPath = getConfigPath(`${this.test.title}-to`)