npm - @backstage/integration - Versions diffs - 1.4.5-next.0 → 1.5.0-next.0 - Mend

@backstage/integration 1.4.5-next.0 → 1.5.0-next.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.d.ts CHANGED Viewed

@@ -182,7 +182,46 @@ type AzureIntegrationConfig = {
      * If no token is specified, anonymous access is used.
      */
     token?: string;
+    /**
+     * The credential to use for requests.
+     *
+     * If no credential is specified anonymous access is used.
+     */
+    credential?: AzureCredential;
+};
+/**
+ * Authenticate using a client secret that was generated for an App Registration.
+ * @public
+ */
+type ClientSecret = {
+    /**
+     * The Azure Active Directory tenant
+     */
+    tenantId: string;
+    /**
+     * The client id
+     */
+    clientId: string;
+    /**
+     * The client secret
+     */
+    clientSecret: string;
 };
+/**
+ * Authenticate using a managed identity available at the deployment environment.
+ * @public
+ */
+type ManagedIdentity = {
+    /**
+     * The clientId
+     */
+    clientId: string;
+};
+/**
+ * Credential used to authenticate to Azure Active Directory.
+ * @public
+ */
+type AzureCredential = ClientSecret | ManagedIdentity;
 /**
  * Reads a single Azure integration config.
  *
@@ -252,11 +291,12 @@ declare function getAzureCommitsUrl(url: string): string;
  * Gets the request options necessary to make requests to a given provider.
  *
  * @param config - The relevant provider config
+ * @param additionalHeaders - Additional headers for the request
  * @public
  */
-declare function getAzureRequestOptions(config: AzureIntegrationConfig, additionalHeaders?: Record<string, string>): {
+declare function getAzureRequestOptions(config: AzureIntegrationConfig, additionalHeaders?: Record<string, string>): Promise<{
     headers: Record<string, string>;
-};
+}>;
 /**
  * The configuration parameters for a single Bitbucket API provider.
@@ -1317,6 +1357,38 @@ declare function getGitLabRequestOptions(config: GitLabIntegrationConfig): {
     headers: Record<string, string>;
 };
+/**
+ * @public
+ */
+type GitlabCredentials = {
+    headers?: {
+        [name: string]: string;
+    };
+    token?: string;
+};
+/**
+ * @public
+ */
+interface GitlabCredentialsProvider {
+    getCredentials(opts: {
+        url: string;
+    }): Promise<GitlabCredentials>;
+}
+/**
+ * Handles the creation and caching of credentials for GitLab integrations.
+ *
+ * @public
+ */
+declare class DefaultGitlabCredentialsProvider implements GitlabCredentialsProvider {
+    private readonly providers;
+    static fromIntegrations(integrations: ScmIntegrationRegistry): DefaultGitlabCredentialsProvider;
+    private constructor();
+    getCredentials(opts: {
+        url: string;
+    }): Promise<GitlabCredentials>;
+}
 /**
  * The configuration parameters for a single Google Cloud Storage provider.
  *
@@ -1403,4 +1475,4 @@ declare class ScmIntegrations implements ScmIntegrationRegistry {
     resolveEditUrl(url: string): string;
 }
-export { AwsS3Integration, AwsS3IntegrationConfig, AzureIntegration, AzureIntegrationConfig, BitbucketCloudIntegration, BitbucketCloudIntegrationConfig, BitbucketIntegration, BitbucketIntegrationConfig, BitbucketServerIntegration, BitbucketServerIntegrationConfig, DefaultGithubCredentialsProvider, GerritIntegration, GerritIntegrationConfig, GitHubIntegration, GitHubIntegrationConfig, GitLabIntegration, GitLabIntegrationConfig, GiteaIntegration, GiteaIntegrationConfig, GithubAppConfig, GithubAppCredentialsMux, GithubCredentialType, GithubCredentials, GithubCredentialsProvider, GithubIntegration, GithubIntegrationConfig, GoogleGcsIntegrationConfig, IntegrationsByType, ScmIntegration, ScmIntegrationRegistry, ScmIntegrations, ScmIntegrationsFactory, ScmIntegrationsGroup, SingleInstanceGithubCredentialsProvider, defaultScmResolveUrl, getAzureCommitsUrl, getAzureDownloadUrl, getAzureFileFetchUrl, getAzureRequestOptions, getBitbucketCloudDefaultBranch, getBitbucketCloudDownloadUrl, getBitbucketCloudFileFetchUrl, getBitbucketCloudRequestOptions, getBitbucketDefaultBranch, getBitbucketDownloadUrl, getBitbucketFileFetchUrl, getBitbucketRequestOptions, getBitbucketServerDefaultBranch, getBitbucketServerDownloadUrl, getBitbucketServerFileFetchUrl, getBitbucketServerRequestOptions, getGerritBranchApiUrl, getGerritCloneRepoUrl, getGerritFileContentsApiUrl, getGerritProjectsApiUrl, getGerritRequestOptions, getGitHubFileFetchUrl, getGitHubRequestOptions, getGitLabFileFetchUrl, getGitLabIntegrationRelativePath, getGitLabRequestOptions, getGiteaFileContentsUrl, getGiteaRequestOptions, getGithubFileFetchUrl, parseGerritGitilesUrl, parseGerritJsonResponse, readAwsS3IntegrationConfig, readAwsS3IntegrationConfigs, readAzureIntegrationConfig, readAzureIntegrationConfigs, readBitbucketCloudIntegrationConfig, readBitbucketCloudIntegrationConfigs, readBitbucketIntegrationConfig, readBitbucketIntegrationConfigs, readBitbucketServerIntegrationConfig, readBitbucketServerIntegrationConfigs, readGerritIntegrationConfig, readGerritIntegrationConfigs, readGitHubIntegrationConfig, readGitHubIntegrationConfigs, readGitLabIntegrationConfig, readGitLabIntegrationConfigs, readGiteaConfig, readGithubIntegrationConfig, readGithubIntegrationConfigs, readGoogleGcsIntegrationConfig, replaceGitHubUrlType, replaceGitLabUrlType, replaceGithubUrlType };
+export { AwsS3Integration, AwsS3IntegrationConfig, AzureCredential, AzureIntegration, AzureIntegrationConfig, BitbucketCloudIntegration, BitbucketCloudIntegrationConfig, BitbucketIntegration, BitbucketIntegrationConfig, BitbucketServerIntegration, BitbucketServerIntegrationConfig, ClientSecret, DefaultGithubCredentialsProvider, DefaultGitlabCredentialsProvider, GerritIntegration, GerritIntegrationConfig, GitHubIntegration, GitHubIntegrationConfig, GitLabIntegration, GitLabIntegrationConfig, GiteaIntegration, GiteaIntegrationConfig, GithubAppConfig, GithubAppCredentialsMux, GithubCredentialType, GithubCredentials, GithubCredentialsProvider, GithubIntegration, GithubIntegrationConfig, GitlabCredentials, GitlabCredentialsProvider, GoogleGcsIntegrationConfig, IntegrationsByType, ManagedIdentity, ScmIntegration, ScmIntegrationRegistry, ScmIntegrations, ScmIntegrationsFactory, ScmIntegrationsGroup, SingleInstanceGithubCredentialsProvider, defaultScmResolveUrl, getAzureCommitsUrl, getAzureDownloadUrl, getAzureFileFetchUrl, getAzureRequestOptions, getBitbucketCloudDefaultBranch, getBitbucketCloudDownloadUrl, getBitbucketCloudFileFetchUrl, getBitbucketCloudRequestOptions, getBitbucketDefaultBranch, getBitbucketDownloadUrl, getBitbucketFileFetchUrl, getBitbucketRequestOptions, getBitbucketServerDefaultBranch, getBitbucketServerDownloadUrl, getBitbucketServerFileFetchUrl, getBitbucketServerRequestOptions, getGerritBranchApiUrl, getGerritCloneRepoUrl, getGerritFileContentsApiUrl, getGerritProjectsApiUrl, getGerritRequestOptions, getGitHubFileFetchUrl, getGitHubRequestOptions, getGitLabFileFetchUrl, getGitLabIntegrationRelativePath, getGitLabRequestOptions, getGiteaFileContentsUrl, getGiteaRequestOptions, getGithubFileFetchUrl, parseGerritGitilesUrl, parseGerritJsonResponse, readAwsS3IntegrationConfig, readAwsS3IntegrationConfigs, readAzureIntegrationConfig, readAzureIntegrationConfigs, readBitbucketCloudIntegrationConfig, readBitbucketCloudIntegrationConfigs, readBitbucketIntegrationConfig, readBitbucketIntegrationConfigs, readBitbucketServerIntegrationConfig, readBitbucketServerIntegrationConfigs, readGerritIntegrationConfig, readGerritIntegrationConfigs, readGitHubIntegrationConfig, readGitHubIntegrationConfigs, readGitLabIntegrationConfig, readGitLabIntegrationConfigs, readGiteaConfig, readGithubIntegrationConfig, readGithubIntegrationConfigs, readGoogleGcsIntegrationConfig, replaceGitHubUrlType, replaceGitLabUrlType, replaceGithubUrlType };

package/dist/index.esm.js CHANGED Viewed

@@ -1,5 +1,6 @@
 import parseGitUrl from 'git-url-parse';
 import { trimEnd, trimStart } from 'lodash';
+import { ClientSecretCredential, ManagedIdentityCredential } from '@azure/identity';
 import fetch from 'cross-fetch';
 import { createAppAuth } from '@octokit/auth-app';
 import { Octokit } from '@octokit/rest';
@@ -334,16 +335,43 @@ _ref = new WeakMap();
 _baseUrl = new WeakMap();
 const AZURE_HOST = "dev.azure.com";
+const isServicePrincipal = (credential) => {
+  const clientSecretCredential = credential;
+  return Object.keys(credential).length === 3 && clientSecretCredential.clientId !== void 0 && clientSecretCredential.clientSecret !== void 0 && clientSecretCredential.tenantId !== void 0;
+};
+const isManagedIdentity = (credential) => {
+  return Object.keys(credential).length === 1 && credential.clientId !== void 0;
+};
 function readAzureIntegrationConfig(config) {
   var _a;
   const host = (_a = config.getOptionalString("host")) != null ? _a : AZURE_HOST;
   const token = config.getOptionalString("token");
+  const credential = config.getOptional("credential") ? {
+    tenantId: config.getOptionalString("credential.tenantId"),
+    clientId: config.getOptionalString("credential.clientId"),
+    clientSecret: config.getOptionalString("credential.clientSecret")
+  } : void 0;
   if (!isValidHost(host)) {
     throw new Error(
       `Invalid Azure integration config, '${host}' is not a valid host`
     );
   }
-  return { host, token };
+  if (credential && !isServicePrincipal(credential) && !isManagedIdentity(credential)) {
+    throw new Error(
+      `Invalid Azure integration config, credential is not valid`
+    );
+  }
+  if (credential && host !== AZURE_HOST) {
+    throw new Error(
+      `Invalid Azure integration config, credential can only be used with ${AZURE_HOST}`
+    );
+  }
+  if (credential && token) {
+    throw new Error(
+      `Invalid Azure integration config, specify either a token or a credential but not both`
+    );
+  }
+  return { host, token, credential };
 }
 function readAzureIntegrationConfigs(configs) {
   const result = configs.map(readAzureIntegrationConfig);
@@ -419,9 +447,27 @@ function getAzureDownloadUrl(url) {
 function getAzureCommitsUrl(url) {
   return AzureUrl.fromRepoUrl(url).toCommitsUrl();
 }
-function getAzureRequestOptions(config, additionalHeaders) {
+async function getAzureRequestOptions(config, additionalHeaders) {
+  const azureDevOpsScope = "499b84ac-1321-427f-aa17-267ca6975798/.default";
   const headers = additionalHeaders ? { ...additionalHeaders } : {};
-  if (config.token) {
+  const { token, credential } = config;
+  if (credential) {
+    if (isServicePrincipal(credential)) {
+      const servicePrincipal = new ClientSecretCredential(
+        credential.tenantId,
+        credential.clientId,
+        credential.clientSecret
+      );
+      const accessToken = await servicePrincipal.getToken(azureDevOpsScope);
+      headers.Authorization = `Bearer ${accessToken.token}`;
+    } else if (isManagedIdentity(credential)) {
+      const managedIdentity = new ManagedIdentityCredential(
+        credential.clientId
+      );
+      const accessToken = await managedIdentity.getToken(azureDevOpsScope);
+      headers.Authorization = `Bearer ${accessToken.token}`;
+    }
+  } else if (token) {
     const buffer = Buffer.from(`:${config.token}`, "utf8");
     headers.Authorization = `Basic ${buffer.toString("base64")}`;
   }
@@ -1304,8 +1350,8 @@ class GithubAppManager {
     const allInstallations = await this.getInstallations();
     const installation = allInstallations.find(
       (inst) => {
-        var _a, _b;
-        return ((_b = (_a = inst.account) == null ? void 0 : _a.login) == null ? void 0 : _b.toLocaleLowerCase("en-US")) === owner.toLocaleLowerCase("en-US");
+        var _a;
+        return inst.account && "login" in inst.account && ((_a = inst.account.login) == null ? void 0 : _a.toLocaleLowerCase("en-US")) === owner.toLocaleLowerCase("en-US");
       }
     );
     if (installation) {
@@ -1666,6 +1712,51 @@ function replaceGitLabUrlType(url, type) {
   return url.replace(/\/\-\/(blob|tree|edit)\//, `/-/${type}/`);
 }
+const _SingleInstanceGitlabCredentialsProvider = class {
+  constructor(token) {
+    this.token = token;
+  }
+  async getCredentials(_opts) {
+    if (!this.token) {
+      return {};
+    }
+    return {
+      headers: {
+        Authorization: `Bearer ${this.token}`
+      },
+      token: this.token
+    };
+  }
+};
+let SingleInstanceGitlabCredentialsProvider = _SingleInstanceGitlabCredentialsProvider;
+SingleInstanceGitlabCredentialsProvider.create = (config) => {
+  return new _SingleInstanceGitlabCredentialsProvider(config.token);
+};
+class DefaultGitlabCredentialsProvider {
+  constructor(providers) {
+    this.providers = providers;
+  }
+  static fromIntegrations(integrations) {
+    const credentialsProviders = /* @__PURE__ */ new Map();
+    integrations.gitlab.list().forEach((integration) => {
+      const credentialsProvider = SingleInstanceGitlabCredentialsProvider.create(integration.config);
+      credentialsProviders.set(integration.config.host, credentialsProvider);
+    });
+    return new DefaultGitlabCredentialsProvider(credentialsProviders);
+  }
+  async getCredentials(opts) {
+    const parsed = new URL(opts.url);
+    const provider = this.providers.get(parsed.host);
+    if (!provider) {
+      throw new Error(
+        `There is no GitLab integration that matches ${opts.url}. Please add a configuration for an integration.`
+      );
+    }
+    return provider.getCredentials(opts);
+  }
+}
 function readGoogleGcsIntegrationConfig(config) {
   if (!config) {
     return {};
@@ -1761,5 +1852,5 @@ class ScmIntegrations {
   }
 }
-export { AwsS3Integration, AzureIntegration, BitbucketCloudIntegration, BitbucketIntegration, BitbucketServerIntegration, DefaultGithubCredentialsProvider, GerritIntegration, GitHubIntegration, GitLabIntegration, GiteaIntegration, GithubAppCredentialsMux, GithubIntegration, ScmIntegrations, SingleInstanceGithubCredentialsProvider, defaultScmResolveUrl, getAzureCommitsUrl, getAzureDownloadUrl, getAzureFileFetchUrl, getAzureRequestOptions, getBitbucketCloudDefaultBranch, getBitbucketCloudDownloadUrl, getBitbucketCloudFileFetchUrl, getBitbucketCloudRequestOptions, getBitbucketDefaultBranch, getBitbucketDownloadUrl, getBitbucketFileFetchUrl, getBitbucketRequestOptions, getBitbucketServerDefaultBranch, getBitbucketServerDownloadUrl, getBitbucketServerFileFetchUrl, getBitbucketServerRequestOptions, getGerritBranchApiUrl, getGerritCloneRepoUrl, getGerritFileContentsApiUrl, getGerritProjectsApiUrl, getGerritRequestOptions, getGitHubFileFetchUrl, getGitHubRequestOptions, getGitLabFileFetchUrl, getGitLabIntegrationRelativePath, getGitLabRequestOptions, getGiteaFileContentsUrl, getGiteaRequestOptions, getGithubFileFetchUrl, parseGerritGitilesUrl, parseGerritJsonResponse, readAwsS3IntegrationConfig, readAwsS3IntegrationConfigs, readAzureIntegrationConfig, readAzureIntegrationConfigs, readBitbucketCloudIntegrationConfig, readBitbucketCloudIntegrationConfigs, readBitbucketIntegrationConfig, readBitbucketIntegrationConfigs, readBitbucketServerIntegrationConfig, readBitbucketServerIntegrationConfigs, readGerritIntegrationConfig, readGerritIntegrationConfigs, readGitHubIntegrationConfig, readGitHubIntegrationConfigs, readGitLabIntegrationConfig, readGitLabIntegrationConfigs, readGiteaConfig, readGithubIntegrationConfig, readGithubIntegrationConfigs, readGoogleGcsIntegrationConfig, replaceGitHubUrlType, replaceGitLabUrlType, replaceGithubUrlType };
+export { AwsS3Integration, AzureIntegration, BitbucketCloudIntegration, BitbucketIntegration, BitbucketServerIntegration, DefaultGithubCredentialsProvider, DefaultGitlabCredentialsProvider, GerritIntegration, GitHubIntegration, GitLabIntegration, GiteaIntegration, GithubAppCredentialsMux, GithubIntegration, ScmIntegrations, SingleInstanceGithubCredentialsProvider, defaultScmResolveUrl, getAzureCommitsUrl, getAzureDownloadUrl, getAzureFileFetchUrl, getAzureRequestOptions, getBitbucketCloudDefaultBranch, getBitbucketCloudDownloadUrl, getBitbucketCloudFileFetchUrl, getBitbucketCloudRequestOptions, getBitbucketDefaultBranch, getBitbucketDownloadUrl, getBitbucketFileFetchUrl, getBitbucketRequestOptions, getBitbucketServerDefaultBranch, getBitbucketServerDownloadUrl, getBitbucketServerFileFetchUrl, getBitbucketServerRequestOptions, getGerritBranchApiUrl, getGerritCloneRepoUrl, getGerritFileContentsApiUrl, getGerritProjectsApiUrl, getGerritRequestOptions, getGitHubFileFetchUrl, getGitHubRequestOptions, getGitLabFileFetchUrl, getGitLabIntegrationRelativePath, getGitLabRequestOptions, getGiteaFileContentsUrl, getGiteaRequestOptions, getGithubFileFetchUrl, parseGerritGitilesUrl, parseGerritJsonResponse, readAwsS3IntegrationConfig, readAwsS3IntegrationConfigs, readAzureIntegrationConfig, readAzureIntegrationConfigs, readBitbucketCloudIntegrationConfig, readBitbucketCloudIntegrationConfigs, readBitbucketIntegrationConfig, readBitbucketIntegrationConfigs, readBitbucketServerIntegrationConfig, readBitbucketServerIntegrationConfigs, readGerritIntegrationConfig, readGerritIntegrationConfigs, readGitHubIntegrationConfig, readGitHubIntegrationConfigs, readGitLabIntegrationConfig, readGitLabIntegrationConfigs, readGiteaConfig, readGithubIntegrationConfig, readGithubIntegrationConfigs, readGoogleGcsIntegrationConfig, replaceGitHubUrlType, replaceGitLabUrlType, replaceGithubUrlType };
 //# sourceMappingURL=index.esm.js.map