Draft: Package registry request forward 🏓 s

🔭 Context

This is a quick and rushed Proof of Concept for #379187.

It is meant to bring answers to the viability of that suggested change.

⚠ This was done in literally 20.minutes of my time.

⚠ This is not a production grade change. Don't ever use or merge this in production systems. ⚠

🔬 What does this MR do and why?

• Add a new packages_project_settings table.
• Update the NPM request forward feature to read the custom url from the packages_project_settings first.
  • if set, that will be the target of the forward.
  • if not, the actual implementation is followed: forward to npmjs.org

🍿 Demo

1. Create 3 projects: A, B, C
2. In a rails console, for project A:

   Project.find(<project A id>).create_packages_settings(npm_request_forward_to_url: 'http://gdk.test:8000/api/v4/projects/<project B id>/packages/npm/')

3. for project B:

   Project.find(<project B id>).create_packages_settings(npm_request_forward_to_url: 'http://gdk.test:8000/api/v4/projects/<project C id>/packages/npm/')

4. Push a @foobar/test npm package to Project B

In a folder, have an .npmrc file:

@babel:registry=http://gdk.test:8000/api/v4/projects/<project A id>/packages/npm/
@foobar:registry=http://gdk.test:8000/api/v4/projects/<project A id>/packages/npm/
//gdk.test:8000/api/v4/projects/<project A id>/packages/npm/:_authToken=<pat>
//gdk.test:8000/api/v4/projects/<project B id>/packages/npm/:_authToken=<pat>
//gdk.test:8000/api/v4/projects/<project C id>/packages/npm/:_authToken=<pat>

Now, with this configuration, let's pull @foobar/test:

$ npm install @foobar/bananas          

added 1 package in 2s

Here are the requests made:

• We can see the request made to project A and B.
• The package is fetched from project B 🎉

Let's pull @babel/parser:

npm install @babel/parser

added 1 package, and audited 2 packages in 1s

found 0 vulnerabilities

Here are the request made:

• We can see the 🏓 to Project A, B, C and finally npmjs.org
• The package is fetched from npmjs.org