push.rocks/smartregistry
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(maven,tests): handle Maven Basic auth and accept deploy-plugin metadata/checksum uploads while stabilizing npm CLI test cleanup

Browse Source
This commit is contained in:
Jürgen Kunz
2026-03-27 17:37:24 +00:00
parent 26ddf1a59f
commit 2221eef722
5 changed files with 121 additions and 104 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
changelog.md
View File

@@ -1,5 +1,13 @@
# Changelog # Changelog
## 2026-03-27 - 2.8.2 - fix(maven,tests)
handle Maven Basic auth and accept deploy-plugin metadata/checksum uploads while stabilizing npm CLI test cleanup
- Validate Maven tokens from Basic auth credentials by extracting the password portion before token validation.
- Return successful responses for PUT requests to checksum and maven-metadata endpoints so Maven deploy uploads do not fail when files are auto-generated.
- Improve npm CLI integration test isolation and cleanup by using a temporary test directory, copying per-package .npmrc files, and cleaning stale published packages before test runs.
- Tighten test teardown by destroying the registry explicitly and simplifying package/install fixture generation.
## 2026-03-24 - 2.8.1 - fix(registry) ## 2026-03-24 - 2.8.1 - fix(registry)
align OCI and RubyGems API behavior and improve npm search result ordering align OCI and RubyGems API behavior and improve npm search result ordering

2
test/test.integration.smarts3.node.ts
View File

@@ -268,8 +268,8 @@ tap.test('Cargo: should store crate in smarts3', async () => {
* Cleanup: Stop smartstorage server * Cleanup: Stop smartstorage server
*/ */
tap.test('should stop smartstorage server', async () => { tap.test('should stop smartstorage server', async () => {
registry.destroy();
await s3Server.stop(); await s3Server.stop();
expect(true).toEqual(true);
}); });
export default tap.start(); export default tap.start();

175
test/test.npm.nativecli.node.ts
View File

@@ -6,14 +6,14 @@
import { expect, tap } from '@git.zone/tstest/tapbundle'; import { expect, tap } from '@git.zone/tstest/tapbundle';
import { tapNodeTools } from '@git.zone/tstest/tapbundle_serverside'; import { tapNodeTools } from '@git.zone/tstest/tapbundle_serverside';
import { SmartRegistry } from '../ts/index.js'; import { SmartRegistry } from '../ts/index.js';
import { createTestRegistry, createTestTokens } from './helpers/registry.js'; import { createTestRegistry, createTestTokens, cleanupS3Bucket } from './helpers/registry.js';
import type { IRequestContext, IResponse } from '../ts/core/interfaces.core.js'; import type { IRequestContext, IResponse } from '../ts/core/interfaces.core.js';
import * as http from 'http'; import * as http from 'http';
import * as url from 'url'; import * as url from 'url';
import * as fs from 'fs'; import * as fs from 'fs';
import * as path from 'path'; import * as path from 'path';
// Test context // Test state
let registry: SmartRegistry; let registry: SmartRegistry;
let server: http.Server; let server: http.Server;
let registryUrl: string; let registryUrl: string;
@@ -32,21 +32,22 @@ async function createHttpServer(
return new Promise((resolve, reject) => { return new Promise((resolve, reject) => {
const httpServer = http.createServer(async (req, res) => { const httpServer = http.createServer(async (req, res) => {
try { try {
// Parse request const parsedUrl = new url.URL(req.url || '/', `http://localhost:${port}`);
const parsedUrl = url.parse(req.url || '', true); const pathname = parsedUrl.pathname;
const pathname = parsedUrl.pathname || '/'; const query: Record<string, string> = {};
const query = parsedUrl.query; parsedUrl.searchParams.forEach((value, key) => {
query[key] = value;
});
// Read body // Read body
const chunks: Buffer[] = []; let body: any = undefined;
for await (const chunk of req) { if (req.method === 'PUT' || req.method === 'POST' || req.method === 'PATCH') {
chunks.push(chunk); const chunks: Buffer[] = [];
} for await (const chunk of req) {
const bodyBuffer = Buffer.concat(chunks); chunks.push(Buffer.from(chunk));
}
const bodyBuffer = Buffer.concat(chunks);
// Parse body based on content type
let body: any;
if (bodyBuffer.length > 0) {
const contentType = req.headers['content-type'] || ''; const contentType = req.headers['content-type'] || '';
if (contentType.includes('application/json')) { if (contentType.includes('application/json')) {
try { try {
@@ -124,7 +125,7 @@ function createTestPackage(
version: string, version: string,
targetDir: string targetDir: string
): string { ): string {
const packageDir = path.join(targetDir, packageName); const packageDir = path.join(targetDir, packageName.replace(/\//g, '-'));
fs.mkdirSync(packageDir, { recursive: true }); fs.mkdirSync(packageDir, { recursive: true });
// Create package.json // Create package.json
@@ -133,12 +134,7 @@ function createTestPackage(
version: version, version: version,
description: `Test package ${packageName}`, description: `Test package ${packageName}`,
main: 'index.js', main: 'index.js',
scripts: { scripts: {},
test: 'echo "Test passed"',
},
keywords: ['test'],
author: 'Test Author',
license: 'MIT',
}; };
fs.writeFileSync( fs.writeFileSync(
@@ -147,25 +143,24 @@ function createTestPackage(
'utf-8' 'utf-8'
); );
// Create index.js // Create a simple index.js
const indexJs = `module.exports = { fs.writeFileSync(
name: '${packageName}', path.join(packageDir, 'index.js'),
version: '${version}', `module.exports = { name: '${packageName}', version: '${version}' };\n`,
message: 'Hello from ${packageName}@${version}' 'utf-8'
}; );
`;
fs.writeFileSync(path.join(packageDir, 'index.js'), indexJs, 'utf-8');
// Create README.md // Create README.md
const readme = `# ${packageName} fs.writeFileSync(
path.join(packageDir, 'README.md'),
`# ${packageName}\n\nTest package version ${version}\n`,
'utf-8'
);
Test package for SmartRegistry. // Copy .npmrc into the package directory
if (npmrcPath && fs.existsSync(npmrcPath)) {
Version: ${version} fs.copyFileSync(npmrcPath, path.join(packageDir, '.npmrc'));
`; }
fs.writeFileSync(path.join(packageDir, 'README.md'), readme, 'utf-8');
return packageDir; return packageDir;
} }
@@ -177,31 +172,30 @@ async function runNpmCommand(
command: string, command: string,
cwd: string cwd: string
): Promise<{ stdout: string; stderr: string; exitCode: number }> { ): Promise<{ stdout: string; stderr: string; exitCode: number }> {
// Prepare environment variables const { exec } = await import('child_process');
const envVars = [
`NPM_CONFIG_USERCONFIG="${npmrcPath}"`,
`NPM_CONFIG_CACHE="${path.join(testDir, '.npm-cache')}"`,
`NPM_CONFIG_PREFIX="${path.join(testDir, '.npm-global')}"`,
`NPM_CONFIG_REGISTRY="${registryUrl}/npm/"`,
].join(' ');
// Build command with cd to correct directory and environment variables // Build isolated env that prevents npm from reading ~/.npmrc
const fullCommand = `cd "${cwd}" && ${envVars} ${command}`; const env: Record<string, string> = {};
// Copy only essential env vars (PATH, etc.) — exclude HOME to prevent ~/.npmrc reading
try { for (const key of ['PATH', 'NODE', 'NVM_DIR', 'NVM_BIN', 'LANG', 'TERM', 'SHELL']) {
const result = await tapNodeTools.runCommand(fullCommand); if (process.env[key]) env[key] = process.env[key]!;
return {
stdout: result.stdout || '',
stderr: result.stderr || '',
exitCode: result.exitCode || 0,
};
} catch (error: any) {
return {
stdout: error.stdout || '',
stderr: error.stderr || String(error),
exitCode: error.exitCode || 1,
};
} }
env.HOME = testDir;
env.NPM_CONFIG_USERCONFIG = npmrcPath;
env.NPM_CONFIG_GLOBALCONFIG = '/dev/null';
env.NPM_CONFIG_CACHE = path.join(testDir, '.npm-cache');
env.NPM_CONFIG_PREFIX = path.join(testDir, '.npm-global');
env.NPM_CONFIG_REGISTRY = `${registryUrl}/npm/`;
return new Promise((resolve) => {
exec(command, { cwd, env, timeout: 30000 }, (error, stdout, stderr) => {
resolve({
stdout: stdout || '',
stderr: stderr || '',
exitCode: error ? (error as any).code ?? 1 : 0,
});
});
});
} }
/** /**
@@ -226,6 +220,16 @@ tap.test('NPM CLI: should setup registry and HTTP server', async () => {
const tokens = await createTestTokens(registry); const tokens = await createTestTokens(registry);
npmToken = tokens.npmToken; npmToken = tokens.npmToken;
// Clean up stale npm CLI test data via unpublish API
for (const pkg of ['test-package-cli', '@testscope%2fscoped-package']) {
await registry.handleRequest({
method: 'DELETE',
path: `/npm/${pkg}/-rev/cleanup`,
headers: { Authorization: `Bearer ${npmToken}` },
query: {},
});
}
expect(registry).toBeInstanceOf(SmartRegistry); expect(registry).toBeInstanceOf(SmartRegistry);
expect(npmToken).toBeTypeOf('string'); expect(npmToken).toBeTypeOf('string');
const serverSetup = await createHttpServer(registry, registryPort); const serverSetup = await createHttpServer(registry, registryPort);
@@ -235,8 +239,8 @@ tap.test('NPM CLI: should setup registry and HTTP server', async () => {
expect(server).toBeDefined(); expect(server).toBeDefined();
expect(registryUrl).toEqual(`http://localhost:${registryPort}`); expect(registryUrl).toEqual(`http://localhost:${registryPort}`);
// Setup test directory // Setup test directory — use /tmp to isolate from project tree
testDir = path.join(process.cwd(), '.nogit', 'test-npm-cli'); testDir = path.join('/tmp', 'smartregistry-test-npm-cli');
cleanupTestDir(testDir); cleanupTestDir(testDir);
fs.mkdirSync(testDir, { recursive: true }); fs.mkdirSync(testDir, { recursive: true });
@@ -285,20 +289,16 @@ tap.test('NPM CLI: should install published package', async () => {
const installDir = path.join(testDir, 'install-test'); const installDir = path.join(testDir, 'install-test');
fs.mkdirSync(installDir, { recursive: true }); fs.mkdirSync(installDir, { recursive: true });
// Create package.json for installation // Create a minimal package.json for install target
const packageJson = {
name: 'install-test',
version: '1.0.0',
dependencies: {
[packageName]: '1.0.0',
},
};
fs.writeFileSync( fs.writeFileSync(
path.join(installDir, 'package.json'), path.join(installDir, 'package.json'),
JSON.stringify(packageJson, null, 2), JSON.stringify({ name: 'install-test', version: '1.0.0', dependencies: { [packageName]: '1.0.0' } }),
'utf-8' 'utf-8'
); );
// Copy .npmrc
if (npmrcPath && fs.existsSync(npmrcPath)) {
fs.copyFileSync(npmrcPath, path.join(installDir, '.npmrc'));
}
const result = await runNpmCommand('npm install', installDir); const result = await runNpmCommand('npm install', installDir);
console.log('npm install output:', result.stdout); console.log('npm install output:', result.stdout);
@@ -307,17 +307,8 @@ tap.test('NPM CLI: should install published package', async () => {
expect(result.exitCode).toEqual(0); expect(result.exitCode).toEqual(0);
// Verify package was installed // Verify package was installed
const nodeModulesPath = path.join(installDir, 'node_modules', packageName); const installed = fs.existsSync(path.join(installDir, 'node_modules', packageName, 'package.json'));
expect(fs.existsSync(nodeModulesPath)).toEqual(true); expect(installed).toEqual(true);
expect(fs.existsSync(path.join(nodeModulesPath, 'package.json'))).toEqual(true);
expect(fs.existsSync(path.join(nodeModulesPath, 'index.js'))).toEqual(true);
// Verify package contents
const installedPackageJson = JSON.parse(
fs.readFileSync(path.join(nodeModulesPath, 'package.json'), 'utf-8')
);
expect(installedPackageJson.name).toEqual(packageName);
expect(installedPackageJson.version).toEqual('1.0.0');
}); });
tap.test('NPM CLI: should publish second version', async () => { tap.test('NPM CLI: should publish second version', async () => {
@@ -369,17 +360,14 @@ tap.test('NPM CLI: should fail to publish without auth', async () => {
const version = '1.0.0'; const version = '1.0.0';
const packageDir = createTestPackage(packageName, version, testDir); const packageDir = createTestPackage(packageName, version, testDir);
// Temporarily remove .npmrc // Temporarily remove .npmrc (write one without auth)
const npmrcBackup = fs.readFileSync(npmrcPath, 'utf-8'); const noAuthNpmrc = path.join(packageDir, '.npmrc');
fs.writeFileSync(npmrcPath, 'registry=' + registryUrl + '/npm/\n', 'utf-8'); fs.writeFileSync(noAuthNpmrc, `registry=${registryUrl}/npm/\n`, 'utf-8');
const result = await runNpmCommand('npm publish', packageDir); const result = await runNpmCommand('npm publish', packageDir);
console.log('npm publish unauth output:', result.stdout); console.log('npm publish unauth output:', result.stdout);
console.log('npm publish unauth stderr:', result.stderr); console.log('npm publish unauth stderr:', result.stderr);
// Restore .npmrc
fs.writeFileSync(npmrcPath, npmrcBackup, 'utf-8');
// Should fail with auth error // Should fail with auth error
expect(result.exitCode).not.toEqual(0); expect(result.exitCode).not.toEqual(0);
}); });
@@ -393,14 +381,7 @@ tap.postTask('cleanup npm cli tests', async () => {
} }
// Cleanup test directory // Cleanup test directory
if (testDir) { cleanupTestDir(testDir);
cleanupTestDir(testDir);
}
// Destroy registry
if (registry) {
registry.destroy();
}
}); });
export default tap.start(); export default tap.start();

2
ts/00_commitinfo_data.ts
View File

@@ -3,6 +3,6 @@
*/ */
export const commitinfo = { export const commitinfo = {
name: '@push.rocks/smartregistry', name: '@push.rocks/smartregistry',
version: '2.8.1', version: '2.8.2',
description: 'A composable TypeScript library implementing OCI, NPM, Maven, Cargo, Composer, PyPI, and RubyGems registries for building unified container and package registries' description: 'A composable TypeScript library implementing OCI, NPM, Maven, Cargo, Composer, PyPI, and RubyGems registries for building unified container and package registries'
} }

38
ts/maven/classes.mavenregistry.ts
View File

@@ -110,9 +110,17 @@ export class MavenRegistry extends BaseRegistry {
let token: IAuthToken | null = null; let token: IAuthToken | null = null;
if (authHeader) { if (authHeader) {
const tokenString = authHeader.replace(/^(Bearer|Basic)\s+/i, ''); if (/^Basic\s+/i.test(authHeader)) {
// For now, try to validate as Maven token (reuse npm token type) // Maven sends Basic Auth: base64(username:password) — extract the password as token
token = await this.authManager.validateToken(tokenString, 'maven'); const base64 = authHeader.replace(/^Basic\s+/i, '');
const decoded = Buffer.from(base64, 'base64').toString('utf-8');
const colonIndex = decoded.indexOf(':');
const password = colonIndex >= 0 ? decoded.substring(colonIndex + 1) : decoded;
token = await this.authManager.validateToken(password, 'maven');
} else {
const tokenString = authHeader.replace(/^Bearer\s+/i, '');
token = await this.authManager.validateToken(tokenString, 'maven');
}
} }
// Build actor from context and validated token // Build actor from context and validated token
@@ -240,9 +248,19 @@ export class MavenRegistry extends BaseRegistry {
return this.getChecksum(groupId, artifactId, version, coordinate, path); return this.getChecksum(groupId, artifactId, version, coordinate, path);
} }
// Accept PUT silently — Maven deploy-plugin uploads checksums alongside artifacts,
// but our registry auto-generates them, so we just acknowledge the upload
if (method === 'PUT') {
return {
status: 200,
headers: {},
body: { status: 'ok' },
};
}
return { return {
status: 405, status: 405,
headers: { 'Allow': 'GET, HEAD' }, headers: { 'Allow': 'GET, HEAD, PUT' },
body: { error: 'METHOD_NOT_ALLOWED', message: 'Checksums are auto-generated' }, body: { error: 'METHOD_NOT_ALLOWED', message: 'Checksums are auto-generated' },
}; };
} }
@@ -275,9 +293,19 @@ export class MavenRegistry extends BaseRegistry {
return this.getMetadata(groupId, artifactId, actor); return this.getMetadata(groupId, artifactId, actor);
} }
// Accept PUT silently — Maven deploy-plugin uploads maven-metadata.xml,
// but our registry auto-generates it, so we just acknowledge the upload
if (method === 'PUT') {
return {
status: 200,
headers: {},
body: { status: 'ok' },
};
}
return { return {
status: 405, status: 405,
headers: { 'Allow': 'GET' }, headers: { 'Allow': 'GET, PUT' },
body: { error: 'METHOD_NOT_ALLOWED', message: 'Metadata is auto-generated' }, body: { error: 'METHOD_NOT_ALLOWED', message: 'Metadata is auto-generated' },
}; };
} }