Draft: Package registry request forward 🏓 s
🔭 Context
This is a quick and rushed Proof of Concept for #379187 (closed).
It is meant to bring answers to the viability of that suggested change.
20.minutes
of my time.
🔬 What does this MR do and why?
- Add a new
packages_project_settings
table. - Update the NPM request forward feature to read the custom url from the
packages_project_settings
first.- if set, that will be the target of the forward.
- if not, the actual implementation is followed: forward to
npmjs.org
🍿 Demo
- Create 3 projects: A, B, C
- In a rails console, for project A:
Project.find(<project A id>).create_packages_settings(npm_request_forward_to_url: 'http://gdk.test:8000/api/v4/projects/<project B id>/packages/npm/')
- for project B:
Project.find(<project B id>).create_packages_settings(npm_request_forward_to_url: 'http://gdk.test:8000/api/v4/projects/<project C id>/packages/npm/')
- Push a
@foobar/test
npm package to Project B
In a folder, have an .npmrc
file:
@babel:registry=http://gdk.test:8000/api/v4/projects/<project A id>/packages/npm/
@foobar:registry=http://gdk.test:8000/api/v4/projects/<project A id>/packages/npm/
//gdk.test:8000/api/v4/projects/<project A id>/packages/npm/:_authToken=<pat>
//gdk.test:8000/api/v4/projects/<project B id>/packages/npm/:_authToken=<pat>
//gdk.test:8000/api/v4/projects/<project C id>/packages/npm/:_authToken=<pat>
Now, with this configuration, let's pull @foobar/test
:
$ npm install @foobar/bananas
added 1 package in 2s
Here are the requests made:
- We can see the request made to project A and B.
- The package is fetched from project B
🎉
Let's pull @babel/parser
:
npm install @babel/parser
added 1 package, and audited 2 packages in 1s
found 0 vulnerabilities
Here are the request made:
- We can see the
🏓 to Project A, B, C and finallynpmjs.org
- The package is fetched from npmjs.org