actions
/
setup-dotnet
mirror of https://github.com/actions/setup-dotnet.git
3
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #336 from e-korolevskii/refactor-nuget-cfg-parse 

Refactor nuget cfg parse
This commit is contained in:
Marko Zivic 2022-10-24 09:42:37 +02:00 committed by GitHub
parent 4d4a70f4a5 b827fcce4d
commit 501b34e8f6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 3390 additions and 8049 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
.licenses/npm/fast-xml-parser.dep.yml generated
View File

@ -1,27 +1,11 @@
---
name: fast-xml-parser
version: 3.17.4
version: 4.0.10
type: npm
summary: Validate XML or Parse XML to JS/JSON very fast without C/C++ based libraries
summary: Validate XML, Parse XML to JS Object, or Build XML from JS Object without C/C++ based libraries and no callback.
homepage: https://github.com/NaturalIntelligence/fast-xml-parser#readme
license: mit
licenses:
- sources: LICENSE
text: "MIT License\n\nCopyright (c) 2017 Amit Kumar Gupta\n\nPermission is hereby
granted, free of charge, to any person obtaining a copy\nof this software and
associated documentation files (the \"Software\"), to deal\nin the Software without
restriction, including without limitation the rights\nto use, copy, modify, merge,
publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit
persons to whom the Software is\nfurnished to do so, subject to the following
conditions:\n\nIf you use this library in a public repository then you give us
the right to mention your company name and logo in user's list without further
permission required, but you can request them to be taken down within 30 days.
\n\nThe above copyright notice and this permission notice shall be included in
all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED
\"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT
LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE
AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE
FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT,
TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR
THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n"
text: "MIT License\n\nCopyright (c) 2017 Amit Kumar Gupta\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE."
notices: []

11
.licenses/npm/strnum.dep.yml generated Normal file
View File

@ -0,0 +1,11 @@
---
name: strnum
version: 1.0.5
type: npm
summary: Parse string into Number based on configuration
homepage: https://github.com/NaturalIntelligence/strnum
license: mit
licenses:
- sources: LICENSE
text: "MIT License\n\nCopyright (c) 2021 Natural Intelligence\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE."
notices: []

24
.licenses/npm/xmlbuilder.dep.yml generated
View File

@ -1,24 +0,0 @@
---
name: xmlbuilder
version: 13.0.2
type: npm
summary: An XML builder for node.js
homepage: http://github.com/oozcitak/xmlbuilder-js
license: mit
licenses:
- sources: LICENSE
text: "The MIT License (MIT)\r\n\r\nCopyright (c) 2013 Ozgur Ozcitak\r\n\r\nPermission
is hereby granted, free of charge, to any person obtaining a copy\r\nof this software
and associated documentation files (the \"Software\"), to deal\r\nin the Software
without restriction, including without limitation the rights\r\nto use, copy,
modify, merge, publish, distribute, sublicense, and/or sell\r\ncopies of the Software,
and to permit persons to whom the Software is\r\nfurnished to do so, subject to
the following conditions:\r\n\r\nThe above copyright notice and this permission
notice shall be included in\r\nall copies or substantial portions of the Software.\r\n\r\nTHE
SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\r\nIMPLIED,
INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\r\nFITNESS FOR
A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\r\nAUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\r\nLIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\r\nOUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN\r\nTHE SOFTWARE.\r\n"
notices: []

11168
dist/index.js vendored
View File

File diff suppressed because it is too large Load Diff

49
package-lock.json generated
View File

@ -14,9 +14,8 @@
"@actions/github": "^1.1.0",
"@actions/http-client": "^2.0.1",
"@actions/io": "^1.0.2",
"fast-xml-parser": "^3.15.1",
"semver": "^6.3.0",
"xmlbuilder": "^13.0.2"
"fast-xml-parser": "^4.0.10",
"semver": "^6.3.0"
},
"devDependencies": {
"@types/jest": "^27.0.2",
@ -1992,12 +1991,14 @@
"dev": true
},
"node_modules/fast-xml-parser": {
"version": "3.17.4",
"resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-3.17.4.tgz",
"integrity": "sha512-qudnQuyYBgnvzf5Lj/yxMcf4L9NcVWihXJg7CiU1L+oUCq8MUnFEfH2/nXR/W5uq+yvUN1h7z6s7vs2v1WkL1A==",
"hasInstallScript": true,
"version": "4.0.10",
"resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.0.10.tgz",
"integrity": "sha512-mYMMIk7Ho1QOiedyvafdyPamn1Vlda+5n95lcn0g79UiCQoLQ2xfPQ8m3pcxBMpVaftYXtoIE2wrNTjmLQnnkg==",
"dependencies": {
"strnum": "^1.0.5"
},
"bin": {
"xml2js": "cli.js"
"fxparser": "src/cli/cli.js"
},
"funding": {
"type": "paypal",
@ -4207,6 +4208,11 @@
"node": ">=6"
}
},
"node_modules/strnum": {
"version": "1.0.5",
"resolved": "https://registry.npmjs.org/strnum/-/strnum-1.0.5.tgz",
"integrity": "sha512-J8bbNyKKXl5qYcR36TIO8W3mVGVHrmmxsd5PAItGkmyzwJvybiw2IVq5nqd0i4LSNSkB/sx9VHllbfFdr9k1JA=="
},
"node_modules/supports-color": {
"version": "7.1.0",
"resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.1.0.tgz",
@ -4669,14 +4675,6 @@
"integrity": "sha512-A5CUptxDsvxKJEU3yO6DuWBSJz/qizqzJKOMIfUJHETbBw/sFaDxgd6fxm1ewUaM0jZ444Fc5vC5ROYurg/4Pw==",
"dev": true
},
"node_modules/xmlbuilder": {
"version": "13.0.2",
"resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-13.0.2.tgz",
"integrity": "sha512-Eux0i2QdDYKbdbA6AM6xE4m6ZTZr4G4xF9kahI2ukSEMCzwce2eX9WlTI5J3s+NU7hpasFsr8hWIONae7LluAQ==",
"engines": {
"node": ">=6.0"
}
},
"node_modules/xmlchars": {
"version": "2.2.0",
"resolved": "https://registry.npmjs.org/xmlchars/-/xmlchars-2.2.0.tgz",
@ -6296,9 +6294,12 @@
"dev": true
},
"fast-xml-parser": {
"version": "3.17.4",
"resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-3.17.4.tgz",
"integrity": "sha512-qudnQuyYBgnvzf5Lj/yxMcf4L9NcVWihXJg7CiU1L+oUCq8MUnFEfH2/nXR/W5uq+yvUN1h7z6s7vs2v1WkL1A=="
"version": "4.0.10",
"resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.0.10.tgz",
"integrity": "sha512-mYMMIk7Ho1QOiedyvafdyPamn1Vlda+5n95lcn0g79UiCQoLQ2xfPQ8m3pcxBMpVaftYXtoIE2wrNTjmLQnnkg==",
"requires": {
"strnum": "^1.0.5"
}
},
"fb-watchman": {
"version": "2.0.1",
@ -7970,6 +7971,11 @@
"integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==",
"dev": true
},
"strnum": {
"version": "1.0.5",
"resolved": "https://registry.npmjs.org/strnum/-/strnum-1.0.5.tgz",
"integrity": "sha512-J8bbNyKKXl5qYcR36TIO8W3mVGVHrmmxsd5PAItGkmyzwJvybiw2IVq5nqd0i4LSNSkB/sx9VHllbfFdr9k1JA=="
},
"supports-color": {
"version": "7.1.0",
"resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.1.0.tgz",
@ -8301,11 +8307,6 @@
"integrity": "sha512-A5CUptxDsvxKJEU3yO6DuWBSJz/qizqzJKOMIfUJHETbBw/sFaDxgd6fxm1ewUaM0jZ444Fc5vC5ROYurg/4Pw==",
"dev": true
},
"xmlbuilder": {
"version": "13.0.2",
"resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-13.0.2.tgz",
"integrity": "sha512-Eux0i2QdDYKbdbA6AM6xE4m6ZTZr4G4xF9kahI2ukSEMCzwce2eX9WlTI5J3s+NU7hpasFsr8hWIONae7LluAQ=="
},
"xmlchars": {
"version": "2.2.0",
"resolved": "https://registry.npmjs.org/xmlchars/-/xmlchars-2.2.0.tgz",

5
package.json
View File

@ -29,9 +29,8 @@
"@actions/github": "^1.1.0",
"@actions/http-client": "^2.0.1",
"@actions/io": "^1.0.2",
"fast-xml-parser": "^3.15.1",
"semver": "^6.3.0",
"xmlbuilder": "^13.0.2"
"fast-xml-parser": "^4.0.10",
"semver": "^6.3.0"
},
"devDependencies": {
"@types/jest": "^27.0.2",

160
src/authutil.ts
View File

@ -2,8 +2,7 @@ import * as fs from 'fs';
import * as path from 'path';
import * as core from '@actions/core';
import * as github from '@actions/github';
import * as xmlbuilder from 'xmlbuilder';
import * as xmlParser from 'fast-xml-parser';
import {XMLParser, XMLBuilder} from 'fast-xml-parser';
export function configAuthentication(
feedUrl: string,
@ -49,7 +48,6 @@ function writeFeedToFile(
core.info(
`dotnet-auth: Finding any source references in ${existingFileLocation}, writing a new temporary configuration file with credentials to ${tempFileLocation}`
);
let xml: xmlbuilder.XMLElement;
let sourceKeys: string[] = [];
let owner: string = core.getInput('owner');
let sourceUrl: string = feedUrl;
@ -66,64 +64,90 @@ function writeFeedToFile(
if (fs.existsSync(existingFileLocation)) {
// get key from existing NuGet.config so NuGet/dotnet can match credentials
const curContents: string = fs.readFileSync(existingFileLocation, 'utf8');
const json = xmlParser.parse(curContents, {ignoreAttributes: false});
const parserOptions = {
ignoreAttributes: false
};
const parser = new XMLParser(parserOptions);
const json = parser.parse(curContents);
if (typeof json.configuration === 'undefined') {
throw new Error(`The provided NuGet.config seems invalid.`);
}
if (typeof json.configuration.packageSources != 'undefined') {
if (typeof json.configuration.packageSources.add != 'undefined') {
// file has at least one <add>
if (typeof json.configuration.packageSources.add[0] === 'undefined') {
// file has only one <add>
if (
json.configuration.packageSources.add['@_value']
.toLowerCase()
.includes(feedUrl.toLowerCase())
) {
const key = json.configuration.packageSources.add['@_key'];
if (json.configuration?.packageSources?.add) {
const packageSources = json.configuration.packageSources.add;
if (Array.isArray(packageSources)) {
packageSources.forEach(source => {
const value = source['@_value'];
core.debug(`source '${value}'`);
if (value.toLowerCase().includes(feedUrl.toLowerCase())) {
const key = source['@_key'];
sourceKeys.push(key);
core.debug(`Found a URL with key ${key}`);
}
} else {
// file has 2+ <add>
for (
let i = 0;
i < json.configuration.packageSources.add.length;
i++
) {
const source = json.configuration.packageSources.add[i];
const value = source['@_value'];
core.debug(`source '${value}'`);
if (value.toLowerCase().includes(feedUrl.toLowerCase())) {
const key = source['@_key'];
sourceKeys.push(key);
core.debug(`Found a URL with key ${key}`);
}
}
});
} else {
if (
packageSources['@_value']
.toLowerCase()
.includes(feedUrl.toLowerCase())
) {
const key = packageSources['@_key'];
sourceKeys.push(key);
core.debug(`Found a URL with key ${key}`);
}
}
}
}
xml = xmlbuilder
.create('configuration')
.ele('config')
.ele('add', {key: 'defaultPushSource', value: sourceUrl})
.up()
.up();
const xmlSource: any[] = [
{
'?xml': [
{
'#text': ''
}
],
':@': {
'@_version': '1.0'
}
},
{
configuration: [
{
config: [
{
add: [],
':@': {
'@_key': 'defaultPushSource',
'@_value': sourceUrl
}
}
]
}
]
}
];
if (!sourceKeys.length) {
let keystring = 'Source';
xml = xml
.ele('packageSources')
.ele('add', {key: keystring, value: sourceUrl})
.up()
.up();
xmlSource[1].configuration.push({
packageSources: [
{
add: [],
':@': {
'@_key': keystring,
'@_value': sourceUrl
}
}
]
});
sourceKeys.push(keystring);
}
xml = xml.ele('packageSourceCredentials');
const packageSourceCredentials: any[] = [];
sourceKeys.forEach(key => {
if (!isValidKey(key)) {
throw new Error(
@ -131,24 +155,42 @@ function writeFeedToFile(
);
}
xml = xml
.ele(key)
.ele('add', {key: 'Username', value: owner})
.up()
.ele('add', {
key: 'ClearTextPassword',
value: process.env.NUGET_AUTH_TOKEN
})
.up()
.up();
packageSourceCredentials.push({
[key]: [
{
add: [],
':@': {
'@_key': 'Username',
'@_value': owner
}
},
{
add: [],
':@': {
'@_key': 'ClearTextPassword',
'@_value': process.env.NUGET_AUTH_TOKEN
}
}
]
});
});
// If NuGet fixes itself such that on Linux it can look for environment variables in the config file (it doesn't seem to work today),
// use this for the value above
// process.platform == 'win32'
// ? '%NUGET_AUTH_TOKEN%'
// : '$NUGET_AUTH_TOKEN'
xmlSource[1].configuration.push({
packageSourceCredentials
});
const xmlBuilderOptions = {
format: true,
ignoreAttributes: false,
preserveOrder: true,
allowBooleanAttributes: true,
suppressBooleanAttributes: true,
suppressEmptyNode: true
};
const builder = new XMLBuilder(xmlBuilderOptions);
const output = builder.build(xmlSource).trim();
const output = xml.end({pretty: true});
fs.writeFileSync(tempFileLocation, output);
}