diff --git a/lib/start-proxy-action.js b/lib/start-proxy-action.js index 6a2030ea9d..deb61dc07c 100644 --- a/lib/start-proxy-action.js +++ b/lib/start-proxy-action.js @@ -39,8 +39,8 @@ const core = __importStar(require("@actions/core")); const toolcache = __importStar(require("@actions/tool-cache")); const node_forge_1 = require("node-forge"); const actionsUtil = __importStar(require("./actions-util")); -const languages_1 = require("./languages"); const logging_1 = require("./logging"); +const start_proxy_1 = require("./start-proxy"); const util = __importStar(require("./util")); const UPDATEJOB_PROXY = "update-job-proxy"; const UPDATEJOB_PROXY_VERSION = "v2.0.20241023203727"; @@ -48,19 +48,6 @@ const UPDATEJOB_PROXY_URL_PREFIX = "https://github.com/github/codeql-action/rele const PROXY_USER = "proxy_user"; const KEY_SIZE = 2048; const KEY_EXPIRY_YEARS = 2; -const LANGUAGE_TO_REGISTRY_TYPE = { - java: "maven_repository", - csharp: "nuget_feed", - javascript: "npm_registry", - python: "python_index", - ruby: "rubygems_server", - rust: "cargo_registry", - // We do not have an established proxy type for these languages, thus leaving empty. - actions: "", - cpp: "", - go: "", - swift: "", -}; const CERT_SUBJECT = [ { name: "commonName", @@ -112,7 +99,7 @@ async function runWrapper() { const proxyLogFilePath = path.resolve(tempDir, "proxy.log"); core.saveState("proxy-log-file", proxyLogFilePath); // Get the configuration options - const credentials = getCredentials(logger); + const credentials = (0, start_proxy_1.getCredentials)(logger, actionsUtil.getOptionalInput("registry_secrets"), actionsUtil.getOptionalInput("registries_credentials"), actionsUtil.getOptionalInput("language")); logger.info(`Credentials loaded for the following registries:\n ${credentials .map((c) => credentialToStr(c)) .join("\n")}`); @@ -178,53 +165,6 @@ async function startProxy(binPath, config, logFilePath, logger) { core.setFailed(`start-proxy action failed: ${util.getErrorMessage(error)}`); } } -// getCredentials returns registry credentials from action inputs. -// It prefers `registries_credentials` over `registry_secrets`. -// If neither is set, it returns an empty array. -function getCredentials(logger) { - const registriesCredentials = actionsUtil.getOptionalInput("registries_credentials"); - const registrySecrets = actionsUtil.getOptionalInput("registry_secrets"); - const languageString = actionsUtil.getOptionalInput("language"); - const language = languageString ? (0, languages_1.parseLanguage)(languageString) : undefined; - const registryTypeForLanguage = language - ? LANGUAGE_TO_REGISTRY_TYPE[language] - : undefined; - let credentialsStr; - if (registriesCredentials !== undefined) { - logger.info(`Using registries_credentials input.`); - credentialsStr = Buffer.from(registriesCredentials, "base64").toString(); - } - else if (registrySecrets !== undefined) { - logger.info(`Using registry_secrets input.`); - credentialsStr = registrySecrets; - } - else { - logger.info(`No credentials defined.`); - return []; - } - // Parse and validate the credentials - const parsed = JSON.parse(credentialsStr); - const out = []; - for (const e of parsed) { - if (e.url === undefined && e.host === undefined) { - throw new Error("Invalid credentials - must specify host or url"); - } - // Filter credentials based on language if specified. `type` is the registry type. - // E.g., "maven_feed" for Java/Kotlin, "nuget_repository" for C#. - if (e.type !== registryTypeForLanguage) { - continue; - } - out.push({ - type: e.type, - host: e.host, - url: e.url, - username: e.username, - password: e.password, - token: e.token, - }); - } - return out; -} // getProxyAuth returns the authentication information for the proxy itself. function getProxyAuth() { const proxy_password = actionsUtil.getOptionalInput("proxy_password"); diff --git a/lib/start-proxy-action.js.map b/lib/start-proxy-action.js.map index 5e4bbc8f79..c58df44d37 100644 --- a/lib/start-proxy-action.js.map +++ b/lib/start-proxy-action.js.map @@ -1 +1 @@ -{"version":3,"file":"start-proxy-action.js","sourceRoot":"","sources":["../src/start-proxy-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAoD;AACpD,2CAA6B;AAE7B,oDAAsC;AACtC,+DAAiD;AACjD,2CAAiC;AAEjC,4DAA8C;AAC9C,2CAAsD;AACtD,uCAAqD;AACrD,6CAA+B;AAE/B,MAAM,eAAe,GAAG,kBAAkB,CAAC;AAC3C,MAAM,uBAAuB,GAAG,qBAAqB,CAAC;AACtD,MAAM,0BAA0B,GAC9B,kFAAkF,CAAC;AACrF,MAAM,UAAU,GAAG,YAAY,CAAC;AAChC,MAAM,QAAQ,GAAG,IAAI,CAAC;AACtB,MAAM,gBAAgB,GAAG,CAAC,CAAC;AAE3B,MAAM,yBAAyB,GAA6B;IAC1D,IAAI,EAAE,kBAAkB;IACxB,MAAM,EAAE,YAAY;IACpB,UAAU,EAAE,cAAc;IAC1B,MAAM,EAAE,cAAc;IACtB,IAAI,EAAE,iBAAiB;IACvB,IAAI,EAAE,gBAAgB;IACtB,oFAAoF;IACpF,OAAO,EAAE,EAAE;IACX,GAAG,EAAE,EAAE;IACP,EAAE,EAAE,EAAE;IACN,KAAK,EAAE,EAAE;CACD,CAAC;AA2BX,MAAM,YAAY,GAAG;IACnB;QACE,IAAI,EAAE,YAAY;QAClB,KAAK,EAAE,wBAAwB;KAChC;IACD;QACE,IAAI,EAAE,kBAAkB;QACxB,KAAK,EAAE,aAAa;KACrB;IACD;QACE,SAAS,EAAE,IAAI;QACf,KAAK,EAAE,YAAY;KACpB;IACD;QACE,IAAI,EAAE,aAAa;QACnB,KAAK,EAAE,IAAI;KACZ;IACD;QACE,SAAS,EAAE,IAAI;QACf,KAAK,EAAE,YAAY;KACpB;IACD;QACE,IAAI,EAAE,cAAc;QACpB,KAAK,EAAE,eAAe;KACvB;CACF,CAAC;AAEF,SAAS,4BAA4B;IACnC,MAAM,IAAI,GAAG,gBAAG,CAAC,GAAG,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;IAC/C,MAAM,IAAI,GAAG,gBAAG,CAAC,iBAAiB,EAAE,CAAC;IACrC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;IAChC,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC;IACzB,IAAI,CAAC,QAAQ,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IACrC,IAAI,CAAC,QAAQ,CAAC,QAAQ,GAAG,IAAI,IAAI,EAAE,CAAC;IACpC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAChC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,WAAW,EAAE,GAAG,gBAAgB,CACzD,CAAC;IAEF,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;IAC9B,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;IAC7B,IAAI,CAAC,aAAa,CAAC,CAAC,EAAE,IAAI,EAAE,kBAAkB,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IAC7D,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAE3B,MAAM,GAAG,GAAG,gBAAG,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,gBAAG,CAAC,eAAe,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACjD,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AAC5B,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,6CAA6C;IAC7C,WAAW,CAAC,aAAa,EAAE,CAAC;IAE5B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAElC,8BAA8B;IAC9B,MAAM,OAAO,GAAG,WAAW,CAAC,qBAAqB,EAAE,CAAC;IACpD,MAAM,gBAAgB,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;IAC5D,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE,gBAAgB,CAAC,CAAC;IAEnD,gCAAgC;IAChC,MAAM,WAAW,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;IAC3C,MAAM,CAAC,IAAI,CACT,sDAAsD,WAAW;SAC9D,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;SAC9B,IAAI,CAAC,IAAI,CAAC,EAAE,CAChB,CAAC;IAEF,MAAM,EAAE,GAAG,4BAA4B,EAAE,CAAC;IAC1C,MAAM,SAAS,GAAG,YAAY,EAAE,CAAC;IAEjC,MAAM,WAAW,GAAgB;QAC/B,eAAe,EAAE,WAAW;QAC5B,EAAE;QACF,UAAU,EAAE,SAAS;KACtB,CAAC;IAEF,kBAAkB;IAClB,MAAM,QAAQ,GAAG,MAAM,kBAAkB,EAAE,CAAC;IAC5C,MAAM,UAAU,CAAC,QAAQ,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,CAAC,CAAC;AACpE,CAAC;AAED,KAAK,UAAU,UAAU,CACvB,OAAe,EACf,MAAmB,EACnB,WAAmB,EACnB,MAAc;IAEd,MAAM,IAAI,GAAG,WAAW,CAAC;IACzB,IAAI,IAAI,GAAG,KAAK,CAAC;IACjB,IAAI,CAAC;QACH,IAAI,UAAU,GAA6B,SAAS,CAAC;QACrD,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,IAAI,eAAe,GAAsB,SAAS,CAAC;QACnD,OAAO,KAAK,EAAE,GAAG,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,eAAe,EAAE,CAAC;YACtD,UAAU,GAAG,IAAA,qBAAK,EAChB,OAAO,EACP,CAAC,OAAO,EAAE,GAAG,IAAI,IAAI,IAAI,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE,UAAU,EAAE,WAAW,CAAC,EACrE;gBACE,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,CAAC,MAAM,EAAE,QAAQ,EAAE,QAAQ,CAAC;aACpC,CACF,CAAC;YACF,UAAU,CAAC,KAAK,EAAE,CAAC;YACnB,IAAI,UAAU,CAAC,GAAG,EAAE,CAAC;gBACnB,IAAI,CAAC,SAAS,CAAC,mBAAmB,EAAE,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,CAAC;YAC3D,CAAC;YACD,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;gBAC/B,eAAe,GAAG,KAAK,CAAC;YAC1B,CAAC,CAAC,CAAC;YACH,UAAU,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAC7B,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;oBACf,6FAA6F;oBAC7F,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,KAAK,GAAG,KAAK,CAAC,GAAG,KAAK,CAAC,CAAC;oBAC3D,UAAU,GAAG,SAAS,CAAC;gBACzB,CAAC;YACH,CAAC,CAAC,CAAC;YACH,UAAU,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;YAChD,UAAU,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC;YACxB,4CAA4C;YAC5C,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACzB,CAAC;QACD,IAAI,eAAe,EAAE,CAAC;YACpB,+DAA+D;YAC/D,MAAM,eAAe,CAAC;QACxB,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,oBAAoB,IAAI,IAAI,IAAI,EAAE,CAAC,CAAC;QAChD,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;QACnC,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC9C,IAAI,CAAC,SAAS,CAAC,sBAAsB,EAAE,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;QAEvD,MAAM,aAAa,GAAG,MAAM,CAAC,eAAe;aACzC,MAAM,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,UAAU,CAAC,GAAG,KAAK,SAAS,CAAC;aACpD,GAAG,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;YACpB,IAAI,EAAE,UAAU,CAAC,IAAI;YACrB,GAAG,EAAE,UAAU,CAAC,GAAG;SACpB,CAAC,CAAC,CAAC;QACN,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC;IAC9D,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,CAAC,SAAS,CAAC,8BAA8B,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAC9E,CAAC;AACH,CAAC;AAED,kEAAkE;AAClE,+DAA+D;AAC/D,gDAAgD;AAChD,SAAS,cAAc,CAAC,MAAc;IACpC,MAAM,qBAAqB,GAAG,WAAW,CAAC,gBAAgB,CACxD,wBAAwB,CACzB,CAAC;IACF,MAAM,eAAe,GAAG,WAAW,CAAC,gBAAgB,CAAC,kBAAkB,CAAC,CAAC;IACzE,MAAM,cAAc,GAAG,WAAW,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC;IAChE,MAAM,QAAQ,GAAG,cAAc,CAAC,CAAC,CAAC,IAAA,yBAAa,EAAC,cAAc,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAC5E,MAAM,uBAAuB,GAAG,QAAQ;QACtC,CAAC,CAAC,yBAAyB,CAAC,QAAQ,CAAC;QACrC,CAAC,CAAC,SAAS,CAAC;IAEd,IAAI,cAAsB,CAAC;IAC3B,IAAI,qBAAqB,KAAK,SAAS,EAAE,CAAC;QACxC,MAAM,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC;QACnD,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,qBAAqB,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC;IAC3E,CAAC;SAAM,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;QACzC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAC7C,cAAc,GAAG,eAAe,CAAC;IACnC,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;QACvC,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,qCAAqC;IACrC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,cAAc,CAAiB,CAAC;IAC1D,MAAM,GAAG,GAAiB,EAAE,CAAC;IAC7B,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,IAAI,CAAC,CAAC,GAAG,KAAK,SAAS,IAAI,CAAC,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YAChD,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;QACpE,CAAC;QAED,kFAAkF;QAClF,iEAAiE;QACjE,IAAI,CAAC,CAAC,IAAI,KAAK,uBAAuB,EAAE,CAAC;YACvC,SAAS;QACX,CAAC;QAED,GAAG,CAAC,IAAI,CAAC;YACP,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,GAAG,EAAE,CAAC,CAAC,GAAG;YACV,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,KAAK,EAAE,CAAC,CAAC,KAAK;SACf,CAAC,CAAC;IACL,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,4EAA4E;AAC5E,SAAS,YAAY;IACnB,MAAM,cAAc,GAAG,WAAW,CAAC,gBAAgB,CAAC,gBAAgB,CAAC,CAAC;IACtE,IAAI,cAAc,EAAE,CAAC;QACnB,OAAO;YACL,QAAQ,EAAE,UAAU;YACpB,QAAQ,EAAE,cAAc;SACzB,CAAC;IACJ,CAAC;IACD,OAAO;AACT,CAAC;AAED,KAAK,UAAU,kBAAkB;IAC/B,MAAM,aAAa,GACjB,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,GAAG,eAAe,MAAM,CAAC,CAAC,CAAC,eAAe,CAAC;IAC5E,MAAM,QAAQ,GACZ,OAAO,CAAC,QAAQ,KAAK,OAAO;QAC1B,CAAC,CAAC,OAAO;QACT,CAAC,CAAC,OAAO,CAAC,QAAQ,KAAK,QAAQ;YAC7B,CAAC,CAAC,OAAO;YACT,CAAC,CAAC,SAAS,CAAC;IAClB,MAAM,YAAY,GAAG,GAAG,eAAe,IAAI,QAAQ,SAAS,CAAC;IAC7D,MAAM,QAAQ,GAAG,GAAG,0BAA0B,GAAG,YAAY,EAAE,CAAC;IAEhE,IAAI,QAAQ,GAAG,SAAS,CAAC,IAAI,CAAC,aAAa,EAAE,uBAAuB,CAAC,CAAC;IACtE,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;QACpD,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QACnD,QAAQ,GAAG,MAAM,SAAS,CAAC,QAAQ,CACjC,SAAS,EACT,aAAa,EACb,uBAAuB,CACxB,CAAC;IACJ,CAAC;IACD,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;IAC9C,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,eAAe,CAAC,CAAa;IACpC,OAAO,SAAS,CAAC,CAAC,IAAI,WAAW,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,GAAG,cACpD,CAAC,CAAC,QACJ,eAAe,CAAC,CAAC,QAAQ,KAAK,SAAS,YAAY,CAAC,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;AAC7E,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"} \ No newline at end of file +{"version":3,"file":"start-proxy-action.js","sourceRoot":"","sources":["../src/start-proxy-action.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAoD;AACpD,2CAA6B;AAE7B,oDAAsC;AACtC,+DAAiD;AACjD,2CAAiC;AAEjC,4DAA8C;AAC9C,uCAAqD;AACrD,+CAA2D;AAC3D,6CAA+B;AAE/B,MAAM,eAAe,GAAG,kBAAkB,CAAC;AAC3C,MAAM,uBAAuB,GAAG,qBAAqB,CAAC;AACtD,MAAM,0BAA0B,GAC9B,kFAAkF,CAAC;AACrF,MAAM,UAAU,GAAG,YAAY,CAAC;AAChC,MAAM,QAAQ,GAAG,IAAI,CAAC;AACtB,MAAM,gBAAgB,GAAG,CAAC,CAAC;AAkB3B,MAAM,YAAY,GAAG;IACnB;QACE,IAAI,EAAE,YAAY;QAClB,KAAK,EAAE,wBAAwB;KAChC;IACD;QACE,IAAI,EAAE,kBAAkB;QACxB,KAAK,EAAE,aAAa;KACrB;IACD;QACE,SAAS,EAAE,IAAI;QACf,KAAK,EAAE,YAAY;KACpB;IACD;QACE,IAAI,EAAE,aAAa;QACnB,KAAK,EAAE,IAAI;KACZ;IACD;QACE,SAAS,EAAE,IAAI;QACf,KAAK,EAAE,YAAY;KACpB;IACD;QACE,IAAI,EAAE,cAAc;QACpB,KAAK,EAAE,eAAe;KACvB;CACF,CAAC;AAEF,SAAS,4BAA4B;IACnC,MAAM,IAAI,GAAG,gBAAG,CAAC,GAAG,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;IAC/C,MAAM,IAAI,GAAG,gBAAG,CAAC,iBAAiB,EAAE,CAAC;IACrC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;IAChC,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC;IACzB,IAAI,CAAC,QAAQ,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IACrC,IAAI,CAAC,QAAQ,CAAC,QAAQ,GAAG,IAAI,IAAI,EAAE,CAAC;IACpC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAChC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,WAAW,EAAE,GAAG,gBAAgB,CACzD,CAAC;IAEF,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;IAC9B,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;IAC7B,IAAI,CAAC,aAAa,CAAC,CAAC,EAAE,IAAI,EAAE,kBAAkB,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IAC7D,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAE3B,MAAM,GAAG,GAAG,gBAAG,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,gBAAG,CAAC,eAAe,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACjD,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AAC5B,CAAC;AAED,KAAK,UAAU,UAAU;IACvB,6CAA6C;IAC7C,WAAW,CAAC,aAAa,EAAE,CAAC;IAE5B,MAAM,MAAM,GAAG,IAAA,0BAAgB,GAAE,CAAC;IAElC,8BAA8B;IAC9B,MAAM,OAAO,GAAG,WAAW,CAAC,qBAAqB,EAAE,CAAC;IACpD,MAAM,gBAAgB,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;IAC5D,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE,gBAAgB,CAAC,CAAC;IAEnD,gCAAgC;IAChC,MAAM,WAAW,GAAG,IAAA,4BAAc,EAChC,MAAM,EACN,WAAW,CAAC,gBAAgB,CAAC,kBAAkB,CAAC,EAChD,WAAW,CAAC,gBAAgB,CAAC,wBAAwB,CAAC,EACtD,WAAW,CAAC,gBAAgB,CAAC,UAAU,CAAC,CACzC,CAAC;IACF,MAAM,CAAC,IAAI,CACT,sDAAsD,WAAW;SAC9D,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;SAC9B,IAAI,CAAC,IAAI,CAAC,EAAE,CAChB,CAAC;IAEF,MAAM,EAAE,GAAG,4BAA4B,EAAE,CAAC;IAC1C,MAAM,SAAS,GAAG,YAAY,EAAE,CAAC;IAEjC,MAAM,WAAW,GAAgB;QAC/B,eAAe,EAAE,WAAW;QAC5B,EAAE;QACF,UAAU,EAAE,SAAS;KACtB,CAAC;IAEF,kBAAkB;IAClB,MAAM,QAAQ,GAAG,MAAM,kBAAkB,EAAE,CAAC;IAC5C,MAAM,UAAU,CAAC,QAAQ,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,CAAC,CAAC;AACpE,CAAC;AAED,KAAK,UAAU,UAAU,CACvB,OAAe,EACf,MAAmB,EACnB,WAAmB,EACnB,MAAc;IAEd,MAAM,IAAI,GAAG,WAAW,CAAC;IACzB,IAAI,IAAI,GAAG,KAAK,CAAC;IACjB,IAAI,CAAC;QACH,IAAI,UAAU,GAA6B,SAAS,CAAC;QACrD,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,IAAI,eAAe,GAAsB,SAAS,CAAC;QACnD,OAAO,KAAK,EAAE,GAAG,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,eAAe,EAAE,CAAC;YACtD,UAAU,GAAG,IAAA,qBAAK,EAChB,OAAO,EACP,CAAC,OAAO,EAAE,GAAG,IAAI,IAAI,IAAI,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE,UAAU,EAAE,WAAW,CAAC,EACrE;gBACE,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,CAAC,MAAM,EAAE,QAAQ,EAAE,QAAQ,CAAC;aACpC,CACF,CAAC;YACF,UAAU,CAAC,KAAK,EAAE,CAAC;YACnB,IAAI,UAAU,CAAC,GAAG,EAAE,CAAC;gBACnB,IAAI,CAAC,SAAS,CAAC,mBAAmB,EAAE,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,CAAC;YAC3D,CAAC;YACD,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;gBAC/B,eAAe,GAAG,KAAK,CAAC;YAC1B,CAAC,CAAC,CAAC;YACH,UAAU,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAC7B,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;oBACf,6FAA6F;oBAC7F,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,KAAK,GAAG,KAAK,CAAC,GAAG,KAAK,CAAC,CAAC;oBAC3D,UAAU,GAAG,SAAS,CAAC;gBACzB,CAAC;YACH,CAAC,CAAC,CAAC;YACH,UAAU,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;YAChD,UAAU,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC;YACxB,4CAA4C;YAC5C,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACzB,CAAC;QACD,IAAI,eAAe,EAAE,CAAC;YACpB,+DAA+D;YAC/D,MAAM,eAAe,CAAC;QACxB,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,oBAAoB,IAAI,IAAI,IAAI,EAAE,CAAC,CAAC;QAChD,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;QACnC,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC9C,IAAI,CAAC,SAAS,CAAC,sBAAsB,EAAE,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;QAEvD,MAAM,aAAa,GAAG,MAAM,CAAC,eAAe;aACzC,MAAM,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,UAAU,CAAC,GAAG,KAAK,SAAS,CAAC;aACpD,GAAG,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;YACpB,IAAI,EAAE,UAAU,CAAC,IAAI;YACrB,GAAG,EAAE,UAAU,CAAC,GAAG;SACpB,CAAC,CAAC,CAAC;QACN,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC;IAC9D,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,CAAC,SAAS,CAAC,8BAA8B,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAC9E,CAAC;AACH,CAAC;AAED,4EAA4E;AAC5E,SAAS,YAAY;IACnB,MAAM,cAAc,GAAG,WAAW,CAAC,gBAAgB,CAAC,gBAAgB,CAAC,CAAC;IACtE,IAAI,cAAc,EAAE,CAAC;QACnB,OAAO;YACL,QAAQ,EAAE,UAAU;YACpB,QAAQ,EAAE,cAAc;SACzB,CAAC;IACJ,CAAC;IACD,OAAO;AACT,CAAC;AAED,KAAK,UAAU,kBAAkB;IAC/B,MAAM,aAAa,GACjB,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,GAAG,eAAe,MAAM,CAAC,CAAC,CAAC,eAAe,CAAC;IAC5E,MAAM,QAAQ,GACZ,OAAO,CAAC,QAAQ,KAAK,OAAO;QAC1B,CAAC,CAAC,OAAO;QACT,CAAC,CAAC,OAAO,CAAC,QAAQ,KAAK,QAAQ;YAC7B,CAAC,CAAC,OAAO;YACT,CAAC,CAAC,SAAS,CAAC;IAClB,MAAM,YAAY,GAAG,GAAG,eAAe,IAAI,QAAQ,SAAS,CAAC;IAC7D,MAAM,QAAQ,GAAG,GAAG,0BAA0B,GAAG,YAAY,EAAE,CAAC;IAEhE,IAAI,QAAQ,GAAG,SAAS,CAAC,IAAI,CAAC,aAAa,EAAE,uBAAuB,CAAC,CAAC;IACtE,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;QACpD,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QACnD,QAAQ,GAAG,MAAM,SAAS,CAAC,QAAQ,CACjC,SAAS,EACT,aAAa,EACb,uBAAuB,CACxB,CAAC;IACJ,CAAC;IACD,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;IAC9C,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,eAAe,CAAC,CAAa;IACpC,OAAO,SAAS,CAAC,CAAC,IAAI,WAAW,CAAC,CAAC,IAAI,UAAU,CAAC,CAAC,GAAG,cACpD,CAAC,CAAC,QACJ,eAAe,CAAC,CAAC,QAAQ,KAAK,SAAS,YAAY,CAAC,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;AAC7E,CAAC;AAED,KAAK,UAAU,EAAE,CAAC"} \ No newline at end of file diff --git a/lib/start-proxy.js b/lib/start-proxy.js new file mode 100644 index 0000000000..9bbcaeba9c --- /dev/null +++ b/lib/start-proxy.js @@ -0,0 +1,83 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.getCredentials = getCredentials; +const languages_1 = require("./languages"); +const util_1 = require("./util"); +const LANGUAGE_TO_REGISTRY_TYPE = { + java: "maven_repository", + csharp: "nuget_feed", + javascript: "npm_registry", + python: "python_index", + ruby: "rubygems_server", + rust: "cargo_registry", + // We do not have an established proxy type for these languages, thus leaving empty. + actions: "", + cpp: "", + go: "", + swift: "", +}; +// getCredentials returns registry credentials from action inputs. +// It prefers `registries_credentials` over `registry_secrets`. +// If neither is set, it returns an empty array. +function getCredentials(logger, registrySecrets, registriesCredentials, languageString) { + const language = languageString ? (0, languages_1.parseLanguage)(languageString) : undefined; + const registryTypeForLanguage = language + ? LANGUAGE_TO_REGISTRY_TYPE[language] + : undefined; + let credentialsStr; + if (registriesCredentials !== undefined) { + logger.info(`Using registries_credentials input.`); + credentialsStr = Buffer.from(registriesCredentials, "base64").toString(); + } + else if (registrySecrets !== undefined) { + logger.info(`Using registry_secrets input.`); + credentialsStr = registrySecrets; + } + else { + logger.info(`No credentials defined.`); + return []; + } + // Parse and validate the credentials + let parsed; + try { + parsed = JSON.parse(credentialsStr); + } + catch { + // Don't log the error since it might contain sensitive information. + logger.error("Failed to parse the credentials data."); + throw new util_1.ConfigurationError("Invalid credentials format."); + } + const out = []; + for (const e of parsed) { + if (e.url === undefined && e.host === undefined) { + // The proxy needs one of these to work. If both are defined, the url has the precedence. + throw new util_1.ConfigurationError("Invalid credentials - must specify host or url"); + } + // Filter credentials based on language if specified. `type` is the registry type. + // E.g., "maven_feed" for Java/Kotlin, "nuget_repository" for C#. + if (registryTypeForLanguage && e.type !== registryTypeForLanguage) { + continue; + } + const isPrintable = (str) => { + return str ? /^[\x20-\x7E]*$/.test(str) : true; + }; + if (!isPrintable(e.type) || + !isPrintable(e.host) || + !isPrintable(e.url) || + !isPrintable(e.username) || + !isPrintable(e.password) || + !isPrintable(e.token)) { + throw new util_1.ConfigurationError("Invalid credentials - fields must contain only printable characters"); + } + out.push({ + type: e.type, + host: e.host, + url: e.url, + username: e.username, + password: e.password, + token: e.token, + }); + } + return out; +} +//# sourceMappingURL=start-proxy.js.map \ No newline at end of file diff --git a/lib/start-proxy.js.map b/lib/start-proxy.js.map new file mode 100644 index 0000000000..031deff1ab --- /dev/null +++ b/lib/start-proxy.js.map @@ -0,0 +1 @@ +{"version":3,"file":"start-proxy.js","sourceRoot":"","sources":["../src/start-proxy.ts"],"names":[],"mappings":";;AA8BA,wCA2EC;AAzGD,2CAAsD;AAEtD,iCAA4C;AAW5C,MAAM,yBAAyB,GAA6B;IAC1D,IAAI,EAAE,kBAAkB;IACxB,MAAM,EAAE,YAAY;IACpB,UAAU,EAAE,cAAc;IAC1B,MAAM,EAAE,cAAc;IACtB,IAAI,EAAE,iBAAiB;IACvB,IAAI,EAAE,gBAAgB;IACtB,oFAAoF;IACpF,OAAO,EAAE,EAAE;IACX,GAAG,EAAE,EAAE;IACP,EAAE,EAAE,EAAE;IACN,KAAK,EAAE,EAAE;CACD,CAAC;AAEX,kEAAkE;AAClE,+DAA+D;AAC/D,gDAAgD;AAChD,SAAgB,cAAc,CAC5B,MAAc,EACd,eAAmC,EACnC,qBAAyC,EACzC,cAAkC;IAElC,MAAM,QAAQ,GAAG,cAAc,CAAC,CAAC,CAAC,IAAA,yBAAa,EAAC,cAAc,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAC5E,MAAM,uBAAuB,GAAG,QAAQ;QACtC,CAAC,CAAC,yBAAyB,CAAC,QAAQ,CAAC;QACrC,CAAC,CAAC,SAAS,CAAC;IAEd,IAAI,cAAsB,CAAC;IAC3B,IAAI,qBAAqB,KAAK,SAAS,EAAE,CAAC;QACxC,MAAM,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC;QACnD,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,qBAAqB,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC;IAC3E,CAAC;SAAM,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;QACzC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAC7C,cAAc,GAAG,eAAe,CAAC;IACnC,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;QACvC,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,qCAAqC;IACrC,IAAI,MAAoB,CAAC;IACzB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,cAAc,CAAiB,CAAC;IACtD,CAAC;IAAC,MAAM,CAAC;QACP,oEAAoE;QACpE,MAAM,CAAC,KAAK,CAAC,uCAAuC,CAAC,CAAC;QACtD,MAAM,IAAI,yBAAkB,CAAC,6BAA6B,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,GAAG,GAAiB,EAAE,CAAC;IAC7B,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,IAAI,CAAC,CAAC,GAAG,KAAK,SAAS,IAAI,CAAC,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YAChD,yFAAyF;YACzF,MAAM,IAAI,yBAAkB,CAC1B,gDAAgD,CACjD,CAAC;QACJ,CAAC;QAED,kFAAkF;QAClF,iEAAiE;QACjE,IAAI,uBAAuB,IAAI,CAAC,CAAC,IAAI,KAAK,uBAAuB,EAAE,CAAC;YAClE,SAAS;QACX,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,GAAuB,EAAW,EAAE;YACvD,OAAO,GAAG,CAAC,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QACjD,CAAC,CAAC;QAEF,IACE,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC;YACpB,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC;YACpB,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC;YACnB,CAAC,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAC;YACxB,CAAC,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAC;YACxB,CAAC,WAAW,CAAC,CAAC,CAAC,KAAK,CAAC,EACrB,CAAC;YACD,MAAM,IAAI,yBAAkB,CAC1B,qEAAqE,CACtE,CAAC;QACJ,CAAC;QAED,GAAG,CAAC,IAAI,CAAC;YACP,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,GAAG,EAAE,CAAC,CAAC,GAAG;YACV,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,KAAK,EAAE,CAAC,CAAC,KAAK;SACf,CAAC,CAAC;IACL,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"} \ No newline at end of file diff --git a/lib/start-proxy.test.js b/lib/start-proxy.test.js new file mode 100644 index 0000000000..b4d53aad87 --- /dev/null +++ b/lib/start-proxy.test.js @@ -0,0 +1,99 @@ +"use strict"; +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || (function () { + var ownKeys = function(o) { + ownKeys = Object.getOwnPropertyNames || function (o) { + var ar = []; + for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k; + return ar; + }; + return ownKeys(o); + }; + return function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]); + __setModuleDefault(result, mod); + return result; + }; +})(); +var __importDefault = (this && this.__importDefault) || function (mod) { + return (mod && mod.__esModule) ? mod : { "default": mod }; +}; +Object.defineProperty(exports, "__esModule", { value: true }); +const ava_1 = __importDefault(require("ava")); +const logging_1 = require("./logging"); +const startProxyExports = __importStar(require("./start-proxy")); +const testing_utils_1 = require("./testing-utils"); +(0, testing_utils_1.setupTests)(ava_1.default); +(0, ava_1.default)("getCredentials prefers registriesCredentials over registrySecrets", async (t) => { + const registryCredentials = Buffer.from(JSON.stringify([ + { type: "npm_registry", host: "npm.pkg.github.com", token: "abc" }, + ])).toString("base64"); + const registrySecrets = JSON.stringify([ + { type: "npm_registry", host: "registry.npmjs.org", token: "def" }, + ]); + const credentials = startProxyExports.getCredentials((0, logging_1.getRunnerLogger)(true), registrySecrets, registryCredentials, undefined); + t.is(credentials.length, 1); + t.is(credentials[0].host, "npm.pkg.github.com"); +}); +(0, ava_1.default)("getCredentials throws error when credential missing host and url", async (t) => { + const registryCredentials = Buffer.from(JSON.stringify([{ type: "npm_registry", token: "abc" }])).toString("base64"); + t.throws(() => startProxyExports.getCredentials((0, logging_1.getRunnerLogger)(true), undefined, registryCredentials, undefined), { + message: "Invalid credentials - must specify host or url", + }); +}); +(0, ava_1.default)("getCredentials filters by language when specified", async (t) => { + const mixedCredentials = [ + { type: "npm_registry", host: "npm.pkg.github.com", token: "abc" }, + { type: "maven_repository", host: "maven.pkg.github.com", token: "def" }, + { type: "nuget_feed", host: "nuget.pkg.github.com", token: "ghi" }, + ]; + const credentials = startProxyExports.getCredentials((0, logging_1.getRunnerLogger)(true), undefined, Buffer.from(JSON.stringify(mixedCredentials)).toString("base64"), "java"); + t.is(credentials.length, 1); + t.is(credentials[0].type, "maven_repository"); +}); +(0, ava_1.default)("getCredentials returns all credentials when no language specified", async (t) => { + const mixedCredentials = [ + { type: "npm_registry", host: "npm.pkg.github.com", token: "abc" }, + { type: "maven_repository", host: "maven.pkg.github.com", token: "def" }, + { type: "nuget_feed", host: "nuget.pkg.github.com", token: "ghi" }, + ]; + const credentialsInput = Buffer.from(JSON.stringify(mixedCredentials)).toString("base64"); + const credentials = startProxyExports.getCredentials((0, logging_1.getRunnerLogger)(true), undefined, credentialsInput, undefined); + t.is(credentials.length, 3); +}); +(0, ava_1.default)("getCredentials throws an error when non-printable characters are used", async (t) => { + const invalidCredentials = [ + { type: "nuget_feed", host: "1nuget.pkg.github.com", token: "abc\u0000" }, // Non-printable character in token + { type: "nuget_feed", host: "2nuget.pkg.github.com\u0001" }, // Non-printable character in host + { + type: "nuget_feed", + host: "3nuget.pkg.github.com", + password: "ghi\u0002", + }, // Non-printable character in password + { type: "nuget_feed", host: "4nuget.pkg.github.com", password: "ghi\x00" }, // Non-printable character in password + ]; + for (const invalidCredential of invalidCredentials) { + const credentialsInput = Buffer.from(JSON.stringify([invalidCredential])).toString("base64"); + t.throws(() => startProxyExports.getCredentials((0, logging_1.getRunnerLogger)(true), undefined, credentialsInput, undefined), { + message: "Invalid credentials - fields must contain only printable characters", + }); + } +}); +//# sourceMappingURL=start-proxy.test.js.map \ No newline at end of file diff --git a/lib/start-proxy.test.js.map b/lib/start-proxy.test.js.map new file mode 100644 index 0000000000..c9ca771a5c --- /dev/null +++ b/lib/start-proxy.test.js.map @@ -0,0 +1 @@ +{"version":3,"file":"start-proxy.test.js","sourceRoot":"","sources":["../src/start-proxy.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8CAAuB;AAEvB,uCAA4C;AAC5C,iEAAmD;AACnD,mDAA6C;AAE7C,IAAA,0BAAU,EAAC,aAAI,CAAC,CAAC;AAEjB,IAAA,aAAI,EAAC,mEAAmE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACpF,MAAM,mBAAmB,GAAG,MAAM,CAAC,IAAI,CACrC,IAAI,CAAC,SAAS,CAAC;QACb,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,oBAAoB,EAAE,KAAK,EAAE,KAAK,EAAE;KACnE,CAAC,CACH,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACrB,MAAM,eAAe,GAAG,IAAI,CAAC,SAAS,CAAC;QACrC,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,oBAAoB,EAAE,KAAK,EAAE,KAAK,EAAE;KACnE,CAAC,CAAC;IAEH,MAAM,WAAW,GAAG,iBAAiB,CAAC,cAAc,CAClD,IAAA,yBAAe,EAAC,IAAI,CAAC,EACrB,eAAe,EACf,mBAAmB,EACnB,SAAS,CACV,CAAC;IACF,CAAC,CAAC,EAAE,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IAC5B,CAAC,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;AAClD,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,kEAAkE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACnF,MAAM,mBAAmB,GAAG,MAAM,CAAC,IAAI,CACrC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC,CACzD,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAErB,CAAC,CAAC,MAAM,CACN,GAAG,EAAE,CACH,iBAAiB,CAAC,cAAc,CAC9B,IAAA,yBAAe,EAAC,IAAI,CAAC,EACrB,SAAS,EACT,mBAAmB,EACnB,SAAS,CACV,EACH;QACE,OAAO,EAAE,gDAAgD;KAC1D,CACF,CAAC;AACJ,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,mDAAmD,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACpE,MAAM,gBAAgB,GAAG;QACvB,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,oBAAoB,EAAE,KAAK,EAAE,KAAK,EAAE;QAClE,EAAE,IAAI,EAAE,kBAAkB,EAAE,IAAI,EAAE,sBAAsB,EAAE,KAAK,EAAE,KAAK,EAAE;QACxE,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,sBAAsB,EAAE,KAAK,EAAE,KAAK,EAAE;KACnE,CAAC;IAEF,MAAM,WAAW,GAAG,iBAAiB,CAAC,cAAc,CAClD,IAAA,yBAAe,EAAC,IAAI,CAAC,EACrB,SAAS,EACT,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAChE,MAAM,CACP,CAAC;IACF,CAAC,CAAC,EAAE,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IAC5B,CAAC,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC;AAChD,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,mEAAmE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACpF,MAAM,gBAAgB,GAAG;QACvB,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,oBAAoB,EAAE,KAAK,EAAE,KAAK,EAAE;QAClE,EAAE,IAAI,EAAE,kBAAkB,EAAE,IAAI,EAAE,sBAAsB,EAAE,KAAK,EAAE,KAAK,EAAE;QACxE,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,sBAAsB,EAAE,KAAK,EAAE,KAAK,EAAE;KACnE,CAAC;IACF,MAAM,gBAAgB,GAAG,MAAM,CAAC,IAAI,CAClC,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC,CACjC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAErB,MAAM,WAAW,GAAG,iBAAiB,CAAC,cAAc,CAClD,IAAA,yBAAe,EAAC,IAAI,CAAC,EACrB,SAAS,EACT,gBAAgB,EAChB,SAAS,CACV,CAAC;IACF,CAAC,CAAC,EAAE,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;AAC9B,CAAC,CAAC,CAAC;AAEH,IAAA,aAAI,EAAC,uEAAuE,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;IACxF,MAAM,kBAAkB,GAAG;QACzB,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,uBAAuB,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE,mCAAmC;QAC9G,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,6BAA6B,EAAE,EAAE,kCAAkC;QAC/F;YACE,IAAI,EAAE,YAAY;YAClB,IAAI,EAAE,uBAAuB;YAC7B,QAAQ,EAAE,WAAW;SACtB,EAAE,sCAAsC;QACzC,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,uBAAuB,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE,sCAAsC;KACnH,CAAC;IAEF,KAAK,MAAM,iBAAiB,IAAI,kBAAkB,EAAE,CAAC;QACnD,MAAM,gBAAgB,GAAG,MAAM,CAAC,IAAI,CAClC,IAAI,CAAC,SAAS,CAAC,CAAC,iBAAiB,CAAC,CAAC,CACpC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAErB,CAAC,CAAC,MAAM,CACN,GAAG,EAAE,CACH,iBAAiB,CAAC,cAAc,CAC9B,IAAA,yBAAe,EAAC,IAAI,CAAC,EACrB,SAAS,EACT,gBAAgB,EAChB,SAAS,CACV,EACH;YACE,OAAO,EACL,qEAAqE;SACxE,CACF,CAAC;IACJ,CAAC;AACH,CAAC,CAAC,CAAC"} \ No newline at end of file diff --git a/src/start-proxy-action.ts b/src/start-proxy-action.ts index 0cbfcf7173..013b237bad 100644 --- a/src/start-proxy-action.ts +++ b/src/start-proxy-action.ts @@ -6,8 +6,8 @@ import * as toolcache from "@actions/tool-cache"; import { pki } from "node-forge"; import * as actionsUtil from "./actions-util"; -import { Language, parseLanguage } from "./languages"; import { getActionsLogger, Logger } from "./logging"; +import { Credential, getCredentials } from "./start-proxy"; import * as util from "./util"; const UPDATEJOB_PROXY = "update-job-proxy"; @@ -18,34 +18,11 @@ const PROXY_USER = "proxy_user"; const KEY_SIZE = 2048; const KEY_EXPIRY_YEARS = 2; -const LANGUAGE_TO_REGISTRY_TYPE: Record = { - java: "maven_repository", - csharp: "nuget_feed", - javascript: "npm_registry", - python: "python_index", - ruby: "rubygems_server", - rust: "cargo_registry", - // We do not have an established proxy type for these languages, thus leaving empty. - actions: "", - cpp: "", - go: "", - swift: "", -} as const; - type CertificateAuthority = { cert: string; key: string; }; -type Credential = { - type: string; - host?: string; - url?: string; - username?: string; - password?: string; - token?: string; -}; - type BasicAuthCredentials = { username: string; password: string; @@ -117,7 +94,12 @@ async function runWrapper() { core.saveState("proxy-log-file", proxyLogFilePath); // Get the configuration options - const credentials = getCredentials(logger); + const credentials = getCredentials( + logger, + actionsUtil.getOptionalInput("registry_secrets"), + actionsUtil.getOptionalInput("registries_credentials"), + actionsUtil.getOptionalInput("language"), + ); logger.info( `Credentials loaded for the following registries:\n ${credentials .map((c) => credentialToStr(c)) @@ -199,58 +181,6 @@ async function startProxy( } } -// getCredentials returns registry credentials from action inputs. -// It prefers `registries_credentials` over `registry_secrets`. -// If neither is set, it returns an empty array. -function getCredentials(logger: Logger): Credential[] { - const registriesCredentials = actionsUtil.getOptionalInput( - "registries_credentials", - ); - const registrySecrets = actionsUtil.getOptionalInput("registry_secrets"); - const languageString = actionsUtil.getOptionalInput("language"); - const language = languageString ? parseLanguage(languageString) : undefined; - const registryTypeForLanguage = language - ? LANGUAGE_TO_REGISTRY_TYPE[language] - : undefined; - - let credentialsStr: string; - if (registriesCredentials !== undefined) { - logger.info(`Using registries_credentials input.`); - credentialsStr = Buffer.from(registriesCredentials, "base64").toString(); - } else if (registrySecrets !== undefined) { - logger.info(`Using registry_secrets input.`); - credentialsStr = registrySecrets; - } else { - logger.info(`No credentials defined.`); - return []; - } - - // Parse and validate the credentials - const parsed = JSON.parse(credentialsStr) as Credential[]; - const out: Credential[] = []; - for (const e of parsed) { - if (e.url === undefined && e.host === undefined) { - throw new Error("Invalid credentials - must specify host or url"); - } - - // Filter credentials based on language if specified. `type` is the registry type. - // E.g., "maven_feed" for Java/Kotlin, "nuget_repository" for C#. - if (e.type !== registryTypeForLanguage) { - continue; - } - - out.push({ - type: e.type, - host: e.host, - url: e.url, - username: e.username, - password: e.password, - token: e.token, - }); - } - return out; -} - // getProxyAuth returns the authentication information for the proxy itself. function getProxyAuth(): BasicAuthCredentials | undefined { const proxy_password = actionsUtil.getOptionalInput("proxy_password"); diff --git a/src/start-proxy.test.ts b/src/start-proxy.test.ts new file mode 100644 index 0000000000..cb84833cc6 --- /dev/null +++ b/src/start-proxy.test.ts @@ -0,0 +1,115 @@ +import test from "ava"; + +import { getRunnerLogger } from "./logging"; +import * as startProxyExports from "./start-proxy"; +import { setupTests } from "./testing-utils"; + +setupTests(test); + +test("getCredentials prefers registriesCredentials over registrySecrets", async (t) => { + const registryCredentials = Buffer.from( + JSON.stringify([ + { type: "npm_registry", host: "npm.pkg.github.com", token: "abc" }, + ]), + ).toString("base64"); + const registrySecrets = JSON.stringify([ + { type: "npm_registry", host: "registry.npmjs.org", token: "def" }, + ]); + + const credentials = startProxyExports.getCredentials( + getRunnerLogger(true), + registrySecrets, + registryCredentials, + undefined, + ); + t.is(credentials.length, 1); + t.is(credentials[0].host, "npm.pkg.github.com"); +}); + +test("getCredentials throws error when credential missing host and url", async (t) => { + const registryCredentials = Buffer.from( + JSON.stringify([{ type: "npm_registry", token: "abc" }]), + ).toString("base64"); + + t.throws( + () => + startProxyExports.getCredentials( + getRunnerLogger(true), + undefined, + registryCredentials, + undefined, + ), + { + message: "Invalid credentials - must specify host or url", + }, + ); +}); + +test("getCredentials filters by language when specified", async (t) => { + const mixedCredentials = [ + { type: "npm_registry", host: "npm.pkg.github.com", token: "abc" }, + { type: "maven_repository", host: "maven.pkg.github.com", token: "def" }, + { type: "nuget_feed", host: "nuget.pkg.github.com", token: "ghi" }, + ]; + + const credentials = startProxyExports.getCredentials( + getRunnerLogger(true), + undefined, + Buffer.from(JSON.stringify(mixedCredentials)).toString("base64"), + "java", + ); + t.is(credentials.length, 1); + t.is(credentials[0].type, "maven_repository"); +}); + +test("getCredentials returns all credentials when no language specified", async (t) => { + const mixedCredentials = [ + { type: "npm_registry", host: "npm.pkg.github.com", token: "abc" }, + { type: "maven_repository", host: "maven.pkg.github.com", token: "def" }, + { type: "nuget_feed", host: "nuget.pkg.github.com", token: "ghi" }, + ]; + const credentialsInput = Buffer.from( + JSON.stringify(mixedCredentials), + ).toString("base64"); + + const credentials = startProxyExports.getCredentials( + getRunnerLogger(true), + undefined, + credentialsInput, + undefined, + ); + t.is(credentials.length, 3); +}); + +test("getCredentials throws an error when non-printable characters are used", async (t) => { + const invalidCredentials = [ + { type: "nuget_feed", host: "1nuget.pkg.github.com", token: "abc\u0000" }, // Non-printable character in token + { type: "nuget_feed", host: "2nuget.pkg.github.com\u0001" }, // Non-printable character in host + { + type: "nuget_feed", + host: "3nuget.pkg.github.com", + password: "ghi\u0002", + }, // Non-printable character in password + { type: "nuget_feed", host: "4nuget.pkg.github.com", password: "ghi\x00" }, // Non-printable character in password + ]; + + for (const invalidCredential of invalidCredentials) { + const credentialsInput = Buffer.from( + JSON.stringify([invalidCredential]), + ).toString("base64"); + + t.throws( + () => + startProxyExports.getCredentials( + getRunnerLogger(true), + undefined, + credentialsInput, + undefined, + ), + { + message: + "Invalid credentials - fields must contain only printable characters", + }, + ); + } +}); diff --git a/src/start-proxy.ts b/src/start-proxy.ts new file mode 100644 index 0000000000..51c6f2fc07 --- /dev/null +++ b/src/start-proxy.ts @@ -0,0 +1,106 @@ +import { parseLanguage, Language } from "./languages"; +import { Logger } from "./logging"; +import { ConfigurationError } from "./util"; + +export type Credential = { + type: string; + host?: string; + url?: string; + username?: string; + password?: string; + token?: string; +}; + +const LANGUAGE_TO_REGISTRY_TYPE: Record = { + java: "maven_repository", + csharp: "nuget_feed", + javascript: "npm_registry", + python: "python_index", + ruby: "rubygems_server", + rust: "cargo_registry", + // We do not have an established proxy type for these languages, thus leaving empty. + actions: "", + cpp: "", + go: "", + swift: "", +} as const; + +// getCredentials returns registry credentials from action inputs. +// It prefers `registries_credentials` over `registry_secrets`. +// If neither is set, it returns an empty array. +export function getCredentials( + logger: Logger, + registrySecrets: string | undefined, + registriesCredentials: string | undefined, + languageString: string | undefined, +): Credential[] { + const language = languageString ? parseLanguage(languageString) : undefined; + const registryTypeForLanguage = language + ? LANGUAGE_TO_REGISTRY_TYPE[language] + : undefined; + + let credentialsStr: string; + if (registriesCredentials !== undefined) { + logger.info(`Using registries_credentials input.`); + credentialsStr = Buffer.from(registriesCredentials, "base64").toString(); + } else if (registrySecrets !== undefined) { + logger.info(`Using registry_secrets input.`); + credentialsStr = registrySecrets; + } else { + logger.info(`No credentials defined.`); + return []; + } + + // Parse and validate the credentials + let parsed: Credential[]; + try { + parsed = JSON.parse(credentialsStr) as Credential[]; + } catch { + // Don't log the error since it might contain sensitive information. + logger.error("Failed to parse the credentials data."); + throw new ConfigurationError("Invalid credentials format."); + } + + const out: Credential[] = []; + for (const e of parsed) { + if (e.url === undefined && e.host === undefined) { + // The proxy needs one of these to work. If both are defined, the url has the precedence. + throw new ConfigurationError( + "Invalid credentials - must specify host or url", + ); + } + + // Filter credentials based on language if specified. `type` is the registry type. + // E.g., "maven_feed" for Java/Kotlin, "nuget_repository" for C#. + if (registryTypeForLanguage && e.type !== registryTypeForLanguage) { + continue; + } + + const isPrintable = (str: string | undefined): boolean => { + return str ? /^[\x20-\x7E]*$/.test(str) : true; + }; + + if ( + !isPrintable(e.type) || + !isPrintable(e.host) || + !isPrintable(e.url) || + !isPrintable(e.username) || + !isPrintable(e.password) || + !isPrintable(e.token) + ) { + throw new ConfigurationError( + "Invalid credentials - fields must contain only printable characters", + ); + } + + out.push({ + type: e.type, + host: e.host, + url: e.url, + username: e.username, + password: e.password, + token: e.token, + }); + } + return out; +} pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy