ryansonshine / semantic-release-codeartifact Goto Github PK

Current Behavior

yarn add --dev semantic-release-codeartifact

semantic-release-codeartifact@npm:2.0.3 doesn't provide @aws-sdk/node-http-handler (p163cd), requested by aws-sdk-v3-proxy
➤ YN0002: │ semantic-release-codeartifact@npm:2.0.3 doesn't provide @aws-sdk/protocol-http (pe111e), requested by aws-sdk-v3-proxy
➤ YN0000: │ Some peer dependencies are incorrectly met; run yarn explain peer-requirements for details, where is the six-letter p-prefixed code

Expected Behavior

the package should be installed

Steps to Reproduce the Problem

1. install yarn 2 or more (https://yarnpkg.com/getting-started/install)
2. try install semantic-release-codeartifact (yarn add --dev semantic-release-codeartifact)

Environment

• Version:2.0.3
• Platform: Mac/Linux
• Node.js Version: lts (v16.13.2)

Fix

• npm install --save @aws-sdk/node-http-handler
• npm install --save @aws-sdk/protocol-http

Current Behavior

If you have a .npmrc url with an environment variable (in our case the account id) the release will fail when trying to verify the config

[2:02:22 PM] [semantic-release] › ✖  ENPMRCCONFIGMISMATCH Mismatch on CodeArtifact repository and npmrc registry
The registry set in the .npmrc of your project root does not match the CodeArtifact endpoint.

The .npmrc registry is 'https://my-private-${AWS_ACCOUNT_ID}.d.codeartifact.us-east-1.amazonaws.com/npm/my-private/.'
The CodeArtifact endpoint is 'https://my-private-***.d.codeartifact.us-east-1.amazonaws.com/npm/my-private/'.

AggregateError: 
    SemanticReleaseError: Mismatch on CodeArtifact repository and npmrc registry
        at Object.getError (/home/runner/work/design-system/design-system/node_modules/semantic-release-codeartifact/lib/src/get-error.js:11:12)
        at /home/runner/work/design-system/design-system/node_modules/semantic-release-codeartifact/lib/src/verify-npm.js:52:41
        at Generator.next (<anonymous>)
        at fulfilled (/home/runner/work/design-system/design-system/node_modules/semantic-release-codeartifact/lib/src/verify-npm.js:5:58)
    at /home/runner/work/design-system/design-system/node_modules/semantic-release/lib/plugins/pipeline.js:54:11
    at async Object.pluginsConf.<computed> [as verifyConditions] (/home/runner/work/design-system/design-system/node_modules/semantic-release/lib/plugins/index.js:80:11)
    at async run (/home/runner/work/design-system/design-system/node_modules/semantic-release/index.js:103:3)
    at async module.exports (/home/runner/work/design-system/design-system/node_modules/semantic-release/index.js:268:22)
    at async module.exports (/home/runner/work/design-system/design-system/node_modules/semantic-release/cli.js:[55](https://github.com/morpheus-med/design-system/runs/6371374317?check_suite_focus=true#step:9:55):5)

Expected Behavior

Should not fail here

Steps to Reproduce the Problem

1. Edit the .npmrc fixture to contain an environment variable in the unittests

    jared@SleepyGary:~/projects/semantic-release-codeartifact$ git diff
    diff --git a/test/fixtures/files/.npmrc b/test/fixtures/files/.npmrc
    index a95360a..57d7c96 100644
    --- a/test/fixtures/files/.npmrc
    +++ b/test/fixtures/files/.npmrc
    @@ -1,2 +1,2 @@
    -registry=https://my-domain-000000000.d.codeartifact.us-east-1.amazonaws.com/npm/my-repo/
    -//my-domain-000000000.d.codeartifact.us-east-1.amazonaws.com/npm/my-repo/:always-auth=true
    +registry=https://my-domain-${AWS_ACCOUNT_ID}.d.codeartifact.us-east-1.amazonaws.com/npm/my-repo/
    +//my-domain-${AWS_ACCOUNT_ID}.d.codeartifact.us-east-1.amazonaws.com/npm/my-repo/:always-auth=true
   

2. run AWS_ACCOUNT_ID=000000000 npm test

It's obviously because this is more or less a straight string equality check and I'm not sure what the proper fix should be.

Environment

• Version: 0.0.0-development
• Platform: Linux
• Node.js Version: v16.14.2

AWS SDK should utilize HTTP_PROXY if present on process.env

Feature Request

Is your feature request related to a problem? Please describe.

Our code artifact is only configured for certain prefixes. (ie: @foo/package). AWS Codeartifact calls them namespaces.

When running the aws configuration command from the cli, it does handle this with the --namespace option.

Describe the solution you'd like
Add another option called namespace (to match the codeartifact name), which will setup the .npmrc with the correct prefix. The entry in the .npmrc will just need to be prefixed with the namespace. @namespace:.

Describe alternatives you've considered
Just not using the plugin and manually running the aws codeartifact manually in the pipeline.

Are you willing to resolve this issue by submitting a Pull Request?

Sure, I'll throw something together.

Feature Request

Is your feature request related to a problem? Please describe.
Currently, this plugin requires AWS_ACCESS_KEY_ID & AWS_SECRET_ACCESS_KEY from the IAM user that we have to create and give this user access to Codeartifact but in my company, they use aws Codeartifact login command to authenticate by session only,

Describe the solution you'd like
can we have a flag withSession for example to choose which way I need to authenticate in this case, if this flag is false then AWS_ACCESS_KEY_ID & AWS_SECRET_ACCESS_KEY will be mandatory if the flag is true then the authentication will be by login session

• Yes, I have the time, and I know how to start.
• Yes, I have the time, but I don't know how to start. I would need guidance.
• No, I don't have the time, although I believe I could do it if I had the time...
• No, I don't have the time and I wouldn't even know how to start.

These should have been done beforehand, but alas, here we are.

When using a specific tool (ie: npm) we currently check if the @semantic-release/npm plugin is included in the configuration. If it's not; we throw an error and abort.

If users would like to use a plugin of their own for handling the related tool, we should give them an option to skip the plugin checks.