Commit 870de1da authored by Pierre Smeyers's avatar Pierre Smeyers
Browse files

feat: support multiple auth methods 

Scoped registries now support both auth token and basic auth (base 64)
WARN: auth token should now be set as NODE_REGISTRY_<SCOPE>_AUTH_TOKEN
instead of NODE_REGISTRY_<SCOPE>_AUTH,
but backwards compatibility is maintained
parent 03819192

README.md

+6 −1
Original line number Diff line number Diff line
@@ -45,7 +45,12 @@ Therefore, GitLab's project-level npm packages registry can freely be used both 
You may configure additional [scoped registries](https://docs.npmjs.com/cli/v8/using-npm/scope#associating-a-scope-with-a-registry) with the `$NODE_CONFIG_SCOPED_REGISTRIES` variable.

The value is expected as a (whitespace-separated) list of `@registry-scope:registry-url`.



The Node.js template also supports authentication tokens for each, simply by defining `NODE_REGISTRY_<SCOPE>_AUTH` (as project or group secret variables).

The Node.js template also supports authentication for each, simply by defining the appropriate variable (as project or group secret variables) 

depending on the desired authentication method:



* `NODE_REGISTRY_<SCOPE>_AUTH_TOKEN`: authentication token

* `NODE_REGISTRY_<SCOPE>_AUTH_BASIC`: base64 authentication string (`base64(username + ':' +  password)`)





:warning: The `<SCOPE>` part is the `registry-scope` transformed in [SCREAMING_SNAKE_CASE](https://en.wikipedia.org/wiki/Snake_case) (uppercase words separated by underscores).

templates/gitlab-ci-node.yml

+13 −4
Original line number Diff line number Diff line
@@ -312,12 +312,21 @@ stages: 
        # /!\ always use npm config, as yarn uses it...

        npm config set "${reg_scope}:registry" "${reg_url}"

        reg_scope_ssc=$(echo "$reg_scope" | tr '[:lower:]' '[:upper:]' | tr -d '@' | tr '[:punct:]' '_')

        reg_auth=$(eval echo "\$NODE_REGISTRY_${reg_scope_ssc}_AUTH")

        if [[ "${reg_auth}" ]]

        then

        reg_auth_token=$(eval echo "\$NODE_REGISTRY_${reg_scope_ssc}_AUTH_TOKEN")

        reg_auth_token_legacy=$(eval echo "\$NODE_REGISTRY_${reg_scope_ssc}_AUTH")

        reg_auth_basic=$(eval echo "\$NODE_REGISTRY_${reg_scope_ssc}_AUTH_BASIC")

        reg_url_no_proto=${reg_url#*:}

        if [[ "${reg_auth_token:-$reg_auth_token_legacy}" ]]

        then

          log_info "  ... set auth token for scope \\e[33;1m${reg_scope}\\e[0m registry"

          npm config set "${reg_url_no_proto%/}/:_authToken" "${reg_auth}"

          if [[ -z "$reg_auth_token" ]]; then

            log_warn "  ... auth token should be configured with \\e[33;1m\$NODE_REGISTRY_${reg_scope_ssc}_AUTH_TOKEN\\e[0m instead of \$NODE_REGISTRY_${reg_scope_ssc}_AUTH"

          fi

          npm config set "${reg_url_no_proto%/}/:_authToken" "${reg_auth_token:-$reg_auth_token_legacy}"

        elif [[ "${reg_auth_basic}" ]]

        then

          log_info "  ... set basic auth for scope \\e[33;1m${reg_scope}\\e[0m registry"

          npm config set "${reg_url_no_proto%/}/:_auth" "${reg_auth_basic}"

        fi

      done

    fi