npm - @rushstack/rush-http-build-cache-plugin - Versions diffs - 5.167.0 → 5.169.0 - Mend

@rushstack/rush-http-build-cache-plugin 5.167.0 → 5.169.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

package/lib-esm/HttpBuildCacheProvider.js ADDED Viewed

@@ -0,0 +1,295 @@
+// Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT license.
+// See LICENSE in the project root for license information.
+import { CredentialCache } from '@rushstack/credential-cache';
+import { Executable, Async } from '@rushstack/node-core-library';
+import { EnvironmentConfiguration } from '@rushstack/rush-sdk';
+import { WebClient } from '@rushstack/rush-sdk/lib/utilities/WebClient';
+var CredentialsOptions;
+(function (CredentialsOptions) {
+    CredentialsOptions[CredentialsOptions["Optional"] = 0] = "Optional";
+    CredentialsOptions[CredentialsOptions["Required"] = 1] = "Required";
+    CredentialsOptions[CredentialsOptions["Omit"] = 2] = "Omit";
+})(CredentialsOptions || (CredentialsOptions = {}));
+var FailureType;
+(function (FailureType) {
+    FailureType[FailureType["None"] = 0] = "None";
+    FailureType[FailureType["Informational"] = 1] = "Informational";
+    FailureType[FailureType["Warning"] = 2] = "Warning";
+    FailureType[FailureType["Error"] = 3] = "Error";
+    FailureType[FailureType["Authentication"] = 4] = "Authentication";
+})(FailureType || (FailureType = {}));
+const MAX_HTTP_CACHE_ATTEMPTS = 3;
+const DEFAULT_MIN_HTTP_RETRY_DELAY_MS = 2500;
+export class HttpBuildCacheProvider {
+    get isCacheWriteAllowed() {
+        var _a;
+        return (_a = EnvironmentConfiguration.buildCacheWriteAllowed) !== null && _a !== void 0 ? _a : this._isCacheWriteAllowedByConfiguration;
+    }
+    constructor(options, rushSession) {
+        var _a, _b, _c, _d;
+        this._pluginName = options.pluginName;
+        this._rushProjectRoot = options.rushJsonFolder;
+        this._environmentCredential = EnvironmentConfiguration.buildCacheCredential;
+        this._isCacheWriteAllowedByConfiguration = options.isCacheWriteAllowed;
+        this._url = new URL(options.url.endsWith('/') ? options.url : options.url + '/');
+        this._uploadMethod = (_a = options.uploadMethod) !== null && _a !== void 0 ? _a : 'PUT';
+        this._headers = (_b = options.headers) !== null && _b !== void 0 ? _b : {};
+        this._tokenHandler = options.tokenHandler;
+        this._cacheKeyPrefix = (_c = options.cacheKeyPrefix) !== null && _c !== void 0 ? _c : '';
+        this._minHttpRetryDelayMs = (_d = options.minHttpRetryDelayMs) !== null && _d !== void 0 ? _d : DEFAULT_MIN_HTTP_RETRY_DELAY_MS;
+    }
+    async tryGetCacheEntryBufferByIdAsync(terminal, cacheId) {
+        try {
+            const result = await this._makeHttpRequestAsync({
+                terminal: terminal,
+                relUrl: `${this._cacheKeyPrefix}${cacheId}`,
+                method: 'GET',
+                body: undefined,
+                warningText: 'Could not get cache entry',
+                readBody: true,
+                maxAttempts: MAX_HTTP_CACHE_ATTEMPTS
+            });
+            return Buffer.isBuffer(result) ? result : undefined;
+        }
+        catch (e) {
+            terminal.writeWarningLine(`Error getting cache entry: ${e}`);
+            return undefined;
+        }
+    }
+    async trySetCacheEntryBufferAsync(terminal, cacheId, objectBuffer) {
+        if (!this.isCacheWriteAllowed) {
+            terminal.writeErrorLine('Writing to cache is not allowed in the current configuration.');
+            return false;
+        }
+        terminal.writeDebugLine('Uploading object with cacheId: ', cacheId);
+        try {
+            const result = await this._makeHttpRequestAsync({
+                terminal: terminal,
+                relUrl: `${this._cacheKeyPrefix}${cacheId}`,
+                method: this._uploadMethod,
+                body: objectBuffer,
+                warningText: 'Could not write cache entry',
+                readBody: false,
+                maxAttempts: MAX_HTTP_CACHE_ATTEMPTS
+            });
+            return result !== false;
+        }
+        catch (e) {
+            terminal.writeWarningLine(`Error uploading cache entry: ${e}`);
+            return false;
+        }
+    }
+    async updateCachedCredentialAsync(terminal, credential) {
+        await CredentialCache.usingAsync({
+            supportEditing: true
+        }, async (credentialsCache) => {
+            credentialsCache.setCacheEntry(this._credentialCacheId, {
+                credential: credential
+            });
+            await credentialsCache.saveIfModifiedAsync();
+        });
+    }
+    async updateCachedCredentialInteractiveAsync(terminal) {
+        if (!this._tokenHandler) {
+            throw new Error(`The interactive cloud credentials flow is not configured.\n` +
+                `Set the 'tokenHandler' setting in 'common/config/rush-plugins/${this._pluginName}.json' to a command that writes your credentials to standard output and exits with code 0 ` +
+                `or provide your credentials to rush using the --credential flag instead. Credentials must be the ` +
+                `'Authorization' header expected by ${this._url.href}`);
+        }
+        const cmd = `${this._tokenHandler.exec} ${(this._tokenHandler.args || []).join(' ')}`;
+        terminal.writeVerboseLine(`Running '${cmd}' to get credentials`);
+        const result = Executable.spawnSync(this._tokenHandler.exec, this._tokenHandler.args || [], {
+            currentWorkingDirectory: this._rushProjectRoot
+        });
+        terminal.writeErrorLine(result.stderr);
+        if (result.error) {
+            throw new Error(`Could not obtain credentials. The command '${cmd}' failed.`);
+        }
+        const credential = result.stdout.trim();
+        terminal.writeVerboseLine('Got credentials');
+        await this.updateCachedCredentialAsync(terminal, credential);
+        terminal.writeLine('Updated credentials cache');
+    }
+    async deleteCachedCredentialsAsync(terminal) {
+        await CredentialCache.usingAsync({
+            supportEditing: true
+        }, async (credentialsCache) => {
+            credentialsCache.deleteCacheEntry(this._credentialCacheId);
+            await credentialsCache.saveIfModifiedAsync();
+        });
+    }
+    get _credentialCacheId() {
+        if (!this.__credentialCacheId) {
+            const cacheIdParts = [this._url.href];
+            if (this._isCacheWriteAllowedByConfiguration) {
+                cacheIdParts.push('cacheWriteAllowed');
+            }
+            this.__credentialCacheId = cacheIdParts.join('|');
+        }
+        return this.__credentialCacheId;
+    }
+    async _makeHttpRequestAsync(options) {
+        const { terminal, relUrl, method, body, warningText, readBody, credentialOptions } = options;
+        const safeCredentialOptions = credentialOptions !== null && credentialOptions !== void 0 ? credentialOptions : CredentialsOptions.Optional;
+        const credentials = await this._tryGetCredentialsAsync(safeCredentialOptions);
+        const url = new URL(relUrl, this._url).href;
+        const headers = {};
+        if (typeof credentials === 'string') {
+            headers.Authorization = credentials;
+        }
+        for (const [key, value] of Object.entries(this._headers)) {
+            if (typeof value === 'string') {
+                headers[key] = value;
+            }
+        }
+        const bodyLength = (body === null || body === void 0 ? void 0 : body.length) || 'unknown';
+        terminal.writeDebugLine(`[http-build-cache] request: ${method} ${url} ${bodyLength} bytes`);
+        const webClient = new WebClient();
+        const response = await webClient.fetchAsync(url, {
+            verb: method,
+            headers: headers,
+            body: body,
+            redirect: 'follow',
+            timeoutMs: 0 // Use the default timeout
+        });
+        if (!response.ok) {
+            const isNonCredentialResponse = response.status >= 500 && response.status < 600;
+            if (!isNonCredentialResponse &&
+                typeof credentials !== 'string' &&
+                safeCredentialOptions === CredentialsOptions.Optional) {
+                // If we don't already have credentials yet, and we got a response from the server
+                // that is a "normal" failure (4xx), then we assume that credentials are probably
+                // required. Re-attempt the request, requiring credentials this time.
+                //
+                // This counts as part of the "first attempt", so it is not included in the max attempts
+                return await this._makeHttpRequestAsync({
+                    ...options,
+                    credentialOptions: CredentialsOptions.Required
+                });
+            }
+            if (options.maxAttempts > 1) {
+                // Pause a bit before retrying in case the server is busy
+                // Add some random jitter to the retry so we can spread out load on the remote service
+                // A proper solution might add exponential back off in case the retry count is high (10 or more)
+                const factor = 1.0 + Math.random(); // A random number between 1.0 and 2.0
+                const retryDelay = Math.floor(factor * this._minHttpRetryDelayMs);
+                await Async.sleepAsync(retryDelay);
+                return await this._makeHttpRequestAsync({ ...options, maxAttempts: options.maxAttempts - 1 });
+            }
+            this._reportFailure(terminal, method, response, false, warningText);
+            return false;
+        }
+        const result = readBody ? await response.getBufferAsync() : true;
+        terminal.writeDebugLine(`[http-build-cache] actual response: ${response.status} ${url} ${result === true ? 'true' : result.length} bytes`);
+        return result;
+    }
+    async _tryGetCredentialsAsync(options) {
+        if (options === CredentialsOptions.Omit) {
+            return;
+        }
+        let credentials = this._environmentCredential;
+        if (credentials === undefined) {
+            credentials = await this._tryGetCredentialsFromCacheAsync();
+        }
+        if (typeof credentials !== 'string' && options === CredentialsOptions.Required) {
+            throw new Error([
+                `Credentials for ${this._url.href} have not been provided.`,
+                `In CI, verify that RUSH_BUILD_CACHE_CREDENTIAL contains a valid Authorization header value.`,
+                ``,
+                `For local developers, run:`,
+                ``,
+                `    rush update-cloud-credentials --interactive`,
+                ``
+            ].join('\n'));
+        }
+        return credentials;
+    }
+    async _tryGetCredentialsFromCacheAsync() {
+        var _a;
+        let cacheEntry;
+        await CredentialCache.usingAsync({
+            supportEditing: false
+        }, (credentialsCache) => {
+            cacheEntry = credentialsCache.tryGetCacheEntry(this._credentialCacheId);
+        });
+        if (cacheEntry) {
+            const expirationTime = (_a = cacheEntry.expires) === null || _a === void 0 ? void 0 : _a.getTime();
+            if (!expirationTime || expirationTime >= Date.now()) {
+                return cacheEntry.credential;
+            }
+        }
+    }
+    _getFailureType(requestMethod, response, isRedirect) {
+        if (response.ok) {
+            return FailureType.None;
+        }
+        switch (response.status) {
+            case 503: {
+                // We select 503 specifically because this represents "service unavailable" and
+                // "rate limit throttle" errors, which are transient issues.
+                //
+                // There are other 5xx errors, such as 501, that can occur if the request is
+                // malformed, so as a general rule we want to let through other 5xx errors
+                // so the user can troubleshoot.
+                // Don't fail production builds with warnings for transient issues
+                return FailureType.Informational;
+            }
+            case 401:
+            case 403:
+            case 407: {
+                if (requestMethod === 'GET' && (isRedirect || response.redirected)) {
+                    // Cache misses for GET requests are not errors
+                    // This is a workaround behavior where a server can issue a redirect and we fail to authenticate at the new location.
+                    // We do not want to signal this as an authentication failure because the authorization header is not passed on to redirects.
+                    // i.e The authentication header was accepted for the first request and therefore subsequent failures
+                    // where it was not present should not be attributed to the header.
+                    // This scenario usually comes up with services that redirect to pre-signed URLS that don't actually exist.
+                    // Those services then usually treat the 404 as a 403 to prevent leaking information.
+                    return FailureType.None;
+                }
+                return FailureType.Authentication;
+            }
+            case 404: {
+                if (requestMethod === 'GET') {
+                    // Cache misses for GET requests are not errors
+                    return FailureType.None;
+                }
+            }
+        }
+        // Let dev builds succeed, let Prod builds fail
+        return FailureType.Warning;
+    }
+    _reportFailure(terminal, requestMethod, response, isRedirect, message) {
+        switch (this._getFailureType(requestMethod, response, isRedirect)) {
+            default: {
+                terminal.writeErrorLine(`${message}: HTTP ${response.status}: ${response.statusText}`);
+                break;
+            }
+            case FailureType.Warning: {
+                terminal.writeWarningLine(`${message}: HTTP ${response.status}: ${response.statusText}`);
+                break;
+            }
+            case FailureType.Informational: {
+                terminal.writeLine(`${message}: HTTP ${response.status}: ${response.statusText}`);
+                break;
+            }
+            case FailureType.None: {
+                terminal.writeDebugLine(`${message}: HTTP ${response.status}: ${response.statusText}`);
+                break;
+            }
+            case FailureType.Authentication: {
+                throw new Error([
+                    `${this._url.href} responded with ${response.status}: ${response.statusText}.`,
+                    `Credentials may be misconfigured or have expired.`,
+                    `In CI, verify that RUSH_BUILD_CACHE_CREDENTIAL contains a valid Authorization header value.`,
+                    ``,
+                    `For local developers, run:`,
+                    ``,
+                    `    rush update-cloud-credentials --interactive`,
+                    ``
+                ].join('\n'));
+            }
+        }
+    }
+}
+//# sourceMappingURL=HttpBuildCacheProvider.js.map

package/lib-esm/HttpBuildCacheProvider.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"HttpBuildCacheProvider.js","sourceRoot":"","sources":["../src/HttpBuildCacheProvider.ts"],"names":[],"mappings":"AAAA,4FAA4F;AAC5F,2DAA2D;AAI3D,OAAO,EAA8B,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC1F,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,8BAA8B,CAAC;AAEjE,OAAO,EAGL,wBAAwB,EACzB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,SAAS,EAA2B,MAAM,6CAA6C,CAAC;AAEjG,IAAK,kBAIJ;AAJD,WAAK,kBAAkB;IACrB,mEAAQ,CAAA;IACR,mEAAQ,CAAA;IACR,2DAAI,CAAA;AACN,CAAC,EAJI,kBAAkB,KAAlB,kBAAkB,QAItB;AAED,IAAK,WAMJ;AAND,WAAK,WAAW;IACd,6CAAI,CAAA;IACJ,+DAAa,CAAA;IACb,mDAAO,CAAA;IACP,+CAAK,CAAA;IACL,iEAAc,CAAA;AAChB,CAAC,EANI,WAAW,KAAX,WAAW,QAMf;AA2BD,MAAM,uBAAuB,GAAW,CAAC,CAAC;AAC1C,MAAM,+BAA+B,GAAW,IAAI,CAAC;AAErD,MAAM,OAAO,sBAAsB;IAajC,IAAW,mBAAmB;;QAC5B,OAAO,MAAA,wBAAwB,CAAC,sBAAsB,mCAAI,IAAI,CAAC,mCAAmC,CAAC;IACrG,CAAC;IAED,YAAmB,OAAuC,EAAE,WAAwB;;QAClF,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC;QACtC,IAAI,CAAC,gBAAgB,GAAG,OAAO,CAAC,cAAc,CAAC;QAE/C,IAAI,CAAC,sBAAsB,GAAG,wBAAwB,CAAC,oBAAoB,CAAC;QAC5E,IAAI,CAAC,mCAAmC,GAAG,OAAO,CAAC,mBAAmB,CAAC;QACvE,IAAI,CAAC,IAAI,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC;QACjF,IAAI,CAAC,aAAa,GAAG,MAAA,OAAO,CAAC,YAAY,mCAAI,KAAK,CAAC;QACnD,IAAI,CAAC,QAAQ,GAAG,MAAA,OAAO,CAAC,OAAO,mCAAI,EAAE,CAAC;QACtC,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;QAC1C,IAAI,CAAC,eAAe,GAAG,MAAA,OAAO,CAAC,cAAc,mCAAI,EAAE,CAAC;QACpD,IAAI,CAAC,oBAAoB,GAAG,MAAA,OAAO,CAAC,mBAAmB,mCAAI,+BAA+B,CAAC;IAC7F,CAAC;IAEM,KAAK,CAAC,+BAA+B,CAC1C,QAAmB,EACnB,OAAe;QAEf,IAAI,CAAC;YACH,MAAM,MAAM,GAAqB,MAAM,IAAI,CAAC,qBAAqB,CAAC;gBAChE,QAAQ,EAAE,QAAQ;gBAClB,MAAM,EAAE,GAAG,IAAI,CAAC,eAAe,GAAG,OAAO,EAAE;gBAC3C,MAAM,EAAE,KAAK;gBACb,IAAI,EAAE,SAAS;gBACf,WAAW,EAAE,2BAA2B;gBACxC,QAAQ,EAAE,IAAI;gBACd,WAAW,EAAE,uBAAuB;aACrC,CAAC,CAAC;YAEH,OAAO,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;QACtD,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,QAAQ,CAAC,gBAAgB,CAAC,8BAA8B,CAAC,EAAE,CAAC,CAAC;YAC7D,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IAEM,KAAK,CAAC,2BAA2B,CACtC,QAAmB,EACnB,OAAe,EACf,YAAoB;QAEpB,IAAI,CAAC,IAAI,CAAC,mBAAmB,EAAE,CAAC;YAC9B,QAAQ,CAAC,cAAc,CAAC,+DAA+D,CAAC,CAAC;YACzF,OAAO,KAAK,CAAC;QACf,CAAC;QAED,QAAQ,CAAC,cAAc,CAAC,iCAAiC,EAAE,OAAO,CAAC,CAAC;QAEpE,IAAI,CAAC;YACH,MAAM,MAAM,GAAqB,MAAM,IAAI,CAAC,qBAAqB,CAAC;gBAChE,QAAQ,EAAE,QAAQ;gBAClB,MAAM,EAAE,GAAG,IAAI,CAAC,eAAe,GAAG,OAAO,EAAE;gBAC3C,MAAM,EAAE,IAAI,CAAC,aAAa;gBAC1B,IAAI,EAAE,YAAY;gBAClB,WAAW,EAAE,6BAA6B;gBAC1C,QAAQ,EAAE,KAAK;gBACf,WAAW,EAAE,uBAAuB;aACrC,CAAC,CAAC;YAEH,OAAO,MAAM,KAAK,KAAK,CAAC;QAC1B,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,QAAQ,CAAC,gBAAgB,CAAC,gCAAgC,CAAC,EAAE,CAAC,CAAC;YAC/D,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAEM,KAAK,CAAC,2BAA2B,CAAC,QAAmB,EAAE,UAAkB;QAC9E,MAAM,eAAe,CAAC,UAAU,CAC9B;YACE,cAAc,EAAE,IAAI;SACrB,EACD,KAAK,EAAE,gBAAiC,EAAE,EAAE;YAC1C,gBAAgB,CAAC,aAAa,CAAC,IAAI,CAAC,kBAAkB,EAAE;gBACtD,UAAU,EAAE,UAAU;aACvB,CAAC,CAAC;YACH,MAAM,gBAAgB,CAAC,mBAAmB,EAAE,CAAC;QAC/C,CAAC,CACF,CAAC;IACJ,CAAC;IAEM,KAAK,CAAC,sCAAsC,CAAC,QAAmB;QACrE,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CACb,6DAA6D;gBAC3D,iEAAiE,IAAI,CAAC,WAAW,4FAA4F;gBAC7K,mGAAmG;gBACnG,sCAAsC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CACzD,CAAC;QACJ,CAAC;QAED,MAAM,GAAG,GAAW,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QAC9F,QAAQ,CAAC,gBAAgB,CAAC,YAAY,GAAG,sBAAsB,CAAC,CAAC;QACjE,MAAM,MAAM,GAA6B,UAAU,CAAC,SAAS,CAC3D,IAAI,CAAC,aAAa,CAAC,IAAI,EACvB,IAAI,CAAC,aAAa,CAAC,IAAI,IAAI,EAAE,EAC7B;YACE,uBAAuB,EAAE,IAAI,CAAC,gBAAgB;SAC/C,CACF,CAAC;QAEF,QAAQ,CAAC,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAEvC,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,8CAA8C,GAAG,WAAW,CAAC,CAAC;QAChF,CAAC;QAED,MAAM,UAAU,GAAW,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QAChD,QAAQ,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,CAAC;QAE7C,MAAM,IAAI,CAAC,2BAA2B,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QAE7D,QAAQ,CAAC,SAAS,CAAC,2BAA2B,CAAC,CAAC;IAClD,CAAC;IAEM,KAAK,CAAC,4BAA4B,CAAC,QAAmB;QAC3D,MAAM,eAAe,CAAC,UAAU,CAC9B;YACE,cAAc,EAAE,IAAI;SACrB,EACD,KAAK,EAAE,gBAAiC,EAAE,EAAE;YAC1C,gBAAgB,CAAC,gBAAgB,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;YAC3D,MAAM,gBAAgB,CAAC,mBAAmB,EAAE,CAAC;QAC/C,CAAC,CACF,CAAC;IACJ,CAAC;IAED,IAAY,kBAAkB;QAC5B,IAAI,CAAC,IAAI,CAAC,mBAAmB,EAAE,CAAC;YAC9B,MAAM,YAAY,GAAa,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAEhD,IAAI,IAAI,CAAC,mCAAmC,EAAE,CAAC;gBAC7C,YAAY,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YACzC,CAAC;YAED,IAAI,CAAC,mBAAmB,GAAG,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACpD,CAAC;QAED,OAAO,IAAI,CAAC,mBAAmB,CAAC;IAClC,CAAC;IAEO,KAAK,CAAC,qBAAqB,CAAC,OASnC;QACC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,iBAAiB,EAAE,GAAG,OAAO,CAAC;QAC7F,MAAM,qBAAqB,GAAuB,iBAAiB,aAAjB,iBAAiB,cAAjB,iBAAiB,GAAI,kBAAkB,CAAC,QAAQ,CAAC;QACnG,MAAM,WAAW,GAAuB,MAAM,IAAI,CAAC,uBAAuB,CAAC,qBAAqB,CAAC,CAAC;QAClG,MAAM,GAAG,GAAW,IAAI,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;QAEpD,MAAM,OAAO,GAA2B,EAAE,CAAC;QAC3C,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE,CAAC;YACpC,OAAO,CAAC,aAAa,GAAG,WAAW,CAAC;QACtC,CAAC;QAED,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzD,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC9B,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;YACvB,CAAC;QACH,CAAC;QAED,MAAM,UAAU,GAAuB,CAAC,IAA2B,aAA3B,IAAI,uBAAJ,IAAI,CAAyB,MAAM,KAAI,SAAS,CAAC;QAEzF,QAAQ,CAAC,cAAc,CAAC,+BAA+B,MAAM,IAAI,GAAG,IAAI,UAAU,QAAQ,CAAC,CAAC;QAE5F,MAAM,SAAS,GAAc,IAAI,SAAS,EAAE,CAAC;QAC7C,MAAM,QAAQ,GAAuB,MAAM,SAAS,CAAC,UAAU,CAAC,GAAG,EAAE;YACnE,IAAI,EAAE,MAAM;YACZ,OAAO,EAAE,OAAO;YAChB,IAAI,EAAE,IAAI;YACV,QAAQ,EAAE,QAAQ;YAClB,SAAS,EAAE,CAAC,CAAC,0BAA0B;SACxC,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,uBAAuB,GAAY,QAAQ,CAAC,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,MAAM,GAAG,GAAG,CAAC;YAEzF,IACE,CAAC,uBAAuB;gBACxB,OAAO,WAAW,KAAK,QAAQ;gBAC/B,qBAAqB,KAAK,kBAAkB,CAAC,QAAQ,EACrD,CAAC;gBACD,kFAAkF;gBAClF,iFAAiF;gBACjF,qEAAqE;gBACrE,EAAE;gBACF,wFAAwF;gBACxF,OAAO,MAAM,IAAI,CAAC,qBAAqB,CAAC;oBACtC,GAAG,OAAO;oBACV,iBAAiB,EAAE,kBAAkB,CAAC,QAAQ;iBAC/C,CAAC,CAAC;YACL,CAAC;YAED,IAAI,OAAO,CAAC,WAAW,GAAG,CAAC,EAAE,CAAC;gBAC5B,yDAAyD;gBACzD,sFAAsF;gBACtF,gGAAgG;gBAChG,MAAM,MAAM,GAAW,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,sCAAsC;gBAClF,MAAM,UAAU,GAAW,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,oBAAoB,CAAC,CAAC;gBAE1E,MAAM,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;gBAEnC,OAAO,MAAM,IAAI,CAAC,qBAAqB,CAAC,EAAE,GAAG,OAAO,EAAE,WAAW,EAAE,OAAO,CAAC,WAAW,GAAG,CAAC,EAAE,CAAC,CAAC;YAChG,CAAC;YAED,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,CAAC,CAAC;YACpE,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,MAAM,GAAqB,QAAQ,CAAC,CAAC,CAAC,MAAM,QAAQ,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;QAEnF,QAAQ,CAAC,cAAc,CACrB,uCAAuC,QAAQ,CAAC,MAAM,IAAI,GAAG,IAC3D,MAAM,KAAK,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,MACpC,QAAQ,CACT,CAAC;QAEF,OAAO,MAAM,CAAC;IAChB,CAAC;IAMO,KAAK,CAAC,uBAAuB,CAAC,OAA2B;QAC/D,IAAI,OAAO,KAAK,kBAAkB,CAAC,IAAI,EAAE,CAAC;YACxC,OAAO;QACT,CAAC;QAED,IAAI,WAAW,GAAuB,IAAI,CAAC,sBAAsB,CAAC;QAElE,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YAC9B,WAAW,GAAG,MAAM,IAAI,CAAC,gCAAgC,EAAE,CAAC;QAC9D,CAAC;QAED,IAAI,OAAO,WAAW,KAAK,QAAQ,IAAI,OAAO,KAAK,kBAAkB,CAAC,QAAQ,EAAE,CAAC;YAC/E,MAAM,IAAI,KAAK,CACb;gBACE,mBAAmB,IAAI,CAAC,IAAI,CAAC,IAAI,0BAA0B;gBAC3D,6FAA6F;gBAC7F,EAAE;gBACF,4BAA4B;gBAC5B,EAAE;gBACF,iDAAiD;gBACjD,EAAE;aACH,CAAC,IAAI,CAAC,IAAI,CAAC,CACb,CAAC;QACJ,CAAC;QAED,OAAO,WAAW,CAAC;IACrB,CAAC;IAEO,KAAK,CAAC,gCAAgC;;QAC5C,IAAI,UAA6C,CAAC;QAElD,MAAM,eAAe,CAAC,UAAU,CAC9B;YACE,cAAc,EAAE,KAAK;SACtB,EACD,CAAC,gBAAiC,EAAE,EAAE;YACpC,UAAU,GAAG,gBAAgB,CAAC,gBAAgB,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QAC1E,CAAC,CACF,CAAC;QAEF,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,cAAc,GAAuB,MAAA,UAAU,CAAC,OAAO,0CAAE,OAAO,EAAE,CAAC;YACzE,IAAI,CAAC,cAAc,IAAI,cAAc,IAAI,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;gBACpD,OAAO,UAAU,CAAC,UAAU,CAAC;YAC/B,CAAC;QACH,CAAC;IACH,CAAC;IAEO,eAAe,CACrB,aAAqB,EACrB,QAA4B,EAC5B,UAAmB;QAEnB,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;YAChB,OAAO,WAAW,CAAC,IAAI,CAAC;QAC1B,CAAC;QAED,QAAQ,QAAQ,CAAC,MAAM,EAAE,CAAC;YACxB,KAAK,GAAG,CAAC,CAAC,CAAC;gBACT,+EAA+E;gBAC/E,4DAA4D;gBAC5D,EAAE;gBACF,4EAA4E;gBAC5E,0EAA0E;gBAC1E,gCAAgC;gBAEhC,kEAAkE;gBAClE,OAAO,WAAW,CAAC,aAAa,CAAC;YACnC,CAAC;YAED,KAAK,GAAG,CAAC;YACT,KAAK,GAAG,CAAC;YACT,KAAK,GAAG,CAAC,CAAC,CAAC;gBACT,IAAI,aAAa,KAAK,KAAK,IAAI,CAAC,UAAU,IAAI,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;oBACnE,+CAA+C;oBAC/C,qHAAqH;oBACrH,6HAA6H;oBAC7H,qGAAqG;oBACrG,mEAAmE;oBACnE,2GAA2G;oBAC3G,qFAAqF;oBACrF,OAAO,WAAW,CAAC,IAAI,CAAC;gBAC1B,CAAC;gBAED,OAAO,WAAW,CAAC,cAAc,CAAC;YACpC,CAAC;YAED,KAAK,GAAG,CAAC,CAAC,CAAC;gBACT,IAAI,aAAa,KAAK,KAAK,EAAE,CAAC;oBAC5B,+CAA+C;oBAC/C,OAAO,WAAW,CAAC,IAAI,CAAC;gBAC1B,CAAC;YACH,CAAC;QACH,CAAC;QAED,+CAA+C;QAC/C,OAAO,WAAW,CAAC,OAAO,CAAC;IAC7B,CAAC;IAEO,cAAc,CACpB,QAAmB,EACnB,aAAqB,EACrB,QAA4B,EAC5B,UAAmB,EACnB,OAAe;QAEf,QAAQ,IAAI,CAAC,eAAe,CAAC,aAAa,EAAE,QAAQ,EAAE,UAAU,CAAC,EAAE,CAAC;YAClE,OAAO,CAAC,CAAC,CAAC;gBACR,QAAQ,CAAC,cAAc,CAAC,GAAG,OAAO,UAAU,QAAQ,CAAC,MAAM,KAAK,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;gBACvF,MAAM;YACR,CAAC;YAED,KAAK,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC;gBACzB,QAAQ,CAAC,gBAAgB,CAAC,GAAG,OAAO,UAAU,QAAQ,CAAC,MAAM,KAAK,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;gBACzF,MAAM;YACR,CAAC;YAED,KAAK,WAAW,CAAC,aAAa,CAAC,CAAC,CAAC;gBAC/B,QAAQ,CAAC,SAAS,CAAC,GAAG,OAAO,UAAU,QAAQ,CAAC,MAAM,KAAK,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;gBAClF,MAAM;YACR,CAAC;YAED,KAAK,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC;gBACtB,QAAQ,CAAC,cAAc,CAAC,GAAG,OAAO,UAAU,QAAQ,CAAC,MAAM,KAAK,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;gBACvF,MAAM;YACR,CAAC;YAED,KAAK,WAAW,CAAC,cAAc,CAAC,CAAC,CAAC;gBAChC,MAAM,IAAI,KAAK,CACb;oBACE,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,mBAAmB,QAAQ,CAAC,MAAM,KAAK,QAAQ,CAAC,UAAU,GAAG;oBAC9E,mDAAmD;oBACnD,6FAA6F;oBAC7F,EAAE;oBACF,4BAA4B;oBAC5B,EAAE;oBACF,iDAAiD;oBACjD,EAAE;iBACH,CAAC,IAAI,CAAC,IAAI,CAAC,CACb,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT license.\n// See LICENSE in the project root for license information.\n\nimport type { SpawnSyncReturns } from 'node:child_process';\n\nimport { type ICredentialCacheEntry, CredentialCache } from '@rushstack/credential-cache';\nimport { Executable, Async } from '@rushstack/node-core-library';\nimport type { ITerminal } from '@rushstack/terminal';\nimport {\n type ICloudBuildCacheProvider,\n type RushSession,\n EnvironmentConfiguration\n} from '@rushstack/rush-sdk';\nimport { WebClient, type IWebClientResponse } from '@rushstack/rush-sdk/lib/utilities/WebClient';\n\nenum CredentialsOptions {\n Optional,\n Required,\n Omit\n}\n\nenum FailureType {\n None,\n Informational,\n Warning,\n Error,\n Authentication\n}\n\nexport interface IHttpBuildCacheTokenHandler {\n exec: string;\n args?: string[];\n}\n\n/**\n * @public\n */\nexport type UploadMethod = 'PUT' | 'POST' | 'PATCH';\n\n/**\n * @public\n */\nexport interface IHttpBuildCacheProviderOptions {\n url: string;\n tokenHandler?: IHttpBuildCacheTokenHandler;\n uploadMethod?: UploadMethod;\n minHttpRetryDelayMs?: number;\n headers?: Record<string, string>;\n cacheKeyPrefix?: string;\n isCacheWriteAllowed: boolean;\n pluginName: string;\n rushJsonFolder: string;\n}\n\nconst MAX_HTTP_CACHE_ATTEMPTS: number = 3;\nconst DEFAULT_MIN_HTTP_RETRY_DELAY_MS: number = 2500;\n\nexport class HttpBuildCacheProvider implements ICloudBuildCacheProvider {\n private readonly _pluginName: string;\n private readonly _rushProjectRoot: string;\n private readonly _environmentCredential: string | undefined;\n private readonly _isCacheWriteAllowedByConfiguration: boolean;\n private readonly _url: URL;\n private readonly _uploadMethod: UploadMethod;\n private readonly _headers: Record<string, string>;\n private readonly _cacheKeyPrefix: string;\n private readonly _tokenHandler: IHttpBuildCacheTokenHandler | undefined;\n private readonly _minHttpRetryDelayMs: number;\n private __credentialCacheId: string | undefined;\n\n public get isCacheWriteAllowed(): boolean {\n return EnvironmentConfiguration.buildCacheWriteAllowed ?? this._isCacheWriteAllowedByConfiguration;\n }\n\n public constructor(options: IHttpBuildCacheProviderOptions, rushSession: RushSession) {\n this._pluginName = options.pluginName;\n this._rushProjectRoot = options.rushJsonFolder;\n\n this._environmentCredential = EnvironmentConfiguration.buildCacheCredential;\n this._isCacheWriteAllowedByConfiguration = options.isCacheWriteAllowed;\n this._url = new URL(options.url.endsWith('/') ? options.url : options.url + '/');\n this._uploadMethod = options.uploadMethod ?? 'PUT';\n this._headers = options.headers ?? {};\n this._tokenHandler = options.tokenHandler;\n this._cacheKeyPrefix = options.cacheKeyPrefix ?? '';\n this._minHttpRetryDelayMs = options.minHttpRetryDelayMs ?? DEFAULT_MIN_HTTP_RETRY_DELAY_MS;\n }\n\n public async tryGetCacheEntryBufferByIdAsync(\n terminal: ITerminal,\n cacheId: string\n ): Promise<Buffer | undefined> {\n try {\n const result: boolean | Buffer = await this._makeHttpRequestAsync({\n terminal: terminal,\n relUrl: `${this._cacheKeyPrefix}${cacheId}`,\n method: 'GET',\n body: undefined,\n warningText: 'Could not get cache entry',\n readBody: true,\n maxAttempts: MAX_HTTP_CACHE_ATTEMPTS\n });\n\n return Buffer.isBuffer(result) ? result : undefined;\n } catch (e) {\n terminal.writeWarningLine(`Error getting cache entry: ${e}`);\n return undefined;\n }\n }\n\n public async trySetCacheEntryBufferAsync(\n terminal: ITerminal,\n cacheId: string,\n objectBuffer: Buffer\n ): Promise<boolean> {\n if (!this.isCacheWriteAllowed) {\n terminal.writeErrorLine('Writing to cache is not allowed in the current configuration.');\n return false;\n }\n\n terminal.writeDebugLine('Uploading object with cacheId: ', cacheId);\n\n try {\n const result: boolean | Buffer = await this._makeHttpRequestAsync({\n terminal: terminal,\n relUrl: `${this._cacheKeyPrefix}${cacheId}`,\n method: this._uploadMethod,\n body: objectBuffer,\n warningText: 'Could not write cache entry',\n readBody: false,\n maxAttempts: MAX_HTTP_CACHE_ATTEMPTS\n });\n\n return result !== false;\n } catch (e) {\n terminal.writeWarningLine(`Error uploading cache entry: ${e}`);\n return false;\n }\n }\n\n public async updateCachedCredentialAsync(terminal: ITerminal, credential: string): Promise<void> {\n await CredentialCache.usingAsync(\n {\n supportEditing: true\n },\n async (credentialsCache: CredentialCache) => {\n credentialsCache.setCacheEntry(this._credentialCacheId, {\n credential: credential\n });\n await credentialsCache.saveIfModifiedAsync();\n }\n );\n }\n\n public async updateCachedCredentialInteractiveAsync(terminal: ITerminal): Promise<void> {\n if (!this._tokenHandler) {\n throw new Error(\n `The interactive cloud credentials flow is not configured.\\n` +\n `Set the 'tokenHandler' setting in 'common/config/rush-plugins/${this._pluginName}.json' to a command that writes your credentials to standard output and exits with code 0 ` +\n `or provide your credentials to rush using the --credential flag instead. Credentials must be the ` +\n `'Authorization' header expected by ${this._url.href}`\n );\n }\n\n const cmd: string = `${this._tokenHandler.exec} ${(this._tokenHandler.args || []).join(' ')}`;\n terminal.writeVerboseLine(`Running '${cmd}' to get credentials`);\n const result: SpawnSyncReturns<string> = Executable.spawnSync(\n this._tokenHandler.exec,\n this._tokenHandler.args || [],\n {\n currentWorkingDirectory: this._rushProjectRoot\n }\n );\n\n terminal.writeErrorLine(result.stderr);\n\n if (result.error) {\n throw new Error(`Could not obtain credentials. The command '${cmd}' failed.`);\n }\n\n const credential: string = result.stdout.trim();\n terminal.writeVerboseLine('Got credentials');\n\n await this.updateCachedCredentialAsync(terminal, credential);\n\n terminal.writeLine('Updated credentials cache');\n }\n\n public async deleteCachedCredentialsAsync(terminal: ITerminal): Promise<void> {\n await CredentialCache.usingAsync(\n {\n supportEditing: true\n },\n async (credentialsCache: CredentialCache) => {\n credentialsCache.deleteCacheEntry(this._credentialCacheId);\n await credentialsCache.saveIfModifiedAsync();\n }\n );\n }\n\n private get _credentialCacheId(): string {\n if (!this.__credentialCacheId) {\n const cacheIdParts: string[] = [this._url.href];\n\n if (this._isCacheWriteAllowedByConfiguration) {\n cacheIdParts.push('cacheWriteAllowed');\n }\n\n this.__credentialCacheId = cacheIdParts.join('|');\n }\n\n return this.__credentialCacheId;\n }\n\n private async _makeHttpRequestAsync(options: {\n terminal: ITerminal;\n relUrl: string;\n method: 'GET' | UploadMethod;\n body: Buffer | undefined;\n warningText: string;\n readBody: boolean;\n maxAttempts: number;\n credentialOptions?: CredentialsOptions;\n }): Promise<Buffer | boolean> {\n const { terminal, relUrl, method, body, warningText, readBody, credentialOptions } = options;\n const safeCredentialOptions: CredentialsOptions = credentialOptions ?? CredentialsOptions.Optional;\n const credentials: string | undefined = await this._tryGetCredentialsAsync(safeCredentialOptions);\n const url: string = new URL(relUrl, this._url).href;\n\n const headers: Record<string, string> = {};\n if (typeof credentials === 'string') {\n headers.Authorization = credentials;\n }\n\n for (const [key, value] of Object.entries(this._headers)) {\n if (typeof value === 'string') {\n headers[key] = value;\n }\n }\n\n const bodyLength: number | 'unknown' = (body as { length: number })?.length || 'unknown';\n\n terminal.writeDebugLine(`[http-build-cache] request: ${method} ${url} ${bodyLength} bytes`);\n\n const webClient: WebClient = new WebClient();\n const response: IWebClientResponse = await webClient.fetchAsync(url, {\n verb: method,\n headers: headers,\n body: body,\n redirect: 'follow',\n timeoutMs: 0 // Use the default timeout\n });\n\n if (!response.ok) {\n const isNonCredentialResponse: boolean = response.status >= 500 && response.status < 600;\n\n if (\n !isNonCredentialResponse &&\n typeof credentials !== 'string' &&\n safeCredentialOptions === CredentialsOptions.Optional\n ) {\n // If we don't already have credentials yet, and we got a response from the server\n // that is a \"normal\" failure (4xx), then we assume that credentials are probably\n // required. Re-attempt the request, requiring credentials this time.\n //\n // This counts as part of the \"first attempt\", so it is not included in the max attempts\n return await this._makeHttpRequestAsync({\n ...options,\n credentialOptions: CredentialsOptions.Required\n });\n }\n\n if (options.maxAttempts > 1) {\n // Pause a bit before retrying in case the server is busy\n // Add some random jitter to the retry so we can spread out load on the remote service\n // A proper solution might add exponential back off in case the retry count is high (10 or more)\n const factor: number = 1.0 + Math.random(); // A random number between 1.0 and 2.0\n const retryDelay: number = Math.floor(factor * this._minHttpRetryDelayMs);\n\n await Async.sleepAsync(retryDelay);\n\n return await this._makeHttpRequestAsync({ ...options, maxAttempts: options.maxAttempts - 1 });\n }\n\n this._reportFailure(terminal, method, response, false, warningText);\n return false;\n }\n\n const result: Buffer | boolean = readBody ? await response.getBufferAsync() : true;\n\n terminal.writeDebugLine(\n `[http-build-cache] actual response: ${response.status} ${url} ${\n result === true ? 'true' : result.length\n } bytes`\n );\n\n return result;\n }\n\n private async _tryGetCredentialsAsync(options: CredentialsOptions.Required): Promise<string>;\n private async _tryGetCredentialsAsync(options: CredentialsOptions.Optional): Promise<string | undefined>;\n private async _tryGetCredentialsAsync(options: CredentialsOptions.Omit): Promise<undefined>;\n private async _tryGetCredentialsAsync(options: CredentialsOptions): Promise<string | undefined>;\n private async _tryGetCredentialsAsync(options: CredentialsOptions): Promise<string | undefined> {\n if (options === CredentialsOptions.Omit) {\n return;\n }\n\n let credentials: string | undefined = this._environmentCredential;\n\n if (credentials === undefined) {\n credentials = await this._tryGetCredentialsFromCacheAsync();\n }\n\n if (typeof credentials !== 'string' && options === CredentialsOptions.Required) {\n throw new Error(\n [\n `Credentials for ${this._url.href} have not been provided.`,\n `In CI, verify that RUSH_BUILD_CACHE_CREDENTIAL contains a valid Authorization header value.`,\n ``,\n `For local developers, run:`,\n ``,\n ` rush update-cloud-credentials --interactive`,\n ``\n ].join('\\n')\n );\n }\n\n return credentials;\n }\n\n private async _tryGetCredentialsFromCacheAsync(): Promise<string | undefined> {\n let cacheEntry: ICredentialCacheEntry | undefined;\n\n await CredentialCache.usingAsync(\n {\n supportEditing: false\n },\n (credentialsCache: CredentialCache) => {\n cacheEntry = credentialsCache.tryGetCacheEntry(this._credentialCacheId);\n }\n );\n\n if (cacheEntry) {\n const expirationTime: number | undefined = cacheEntry.expires?.getTime();\n if (!expirationTime || expirationTime >= Date.now()) {\n return cacheEntry.credential;\n }\n }\n }\n\n private _getFailureType(\n requestMethod: string,\n response: IWebClientResponse,\n isRedirect: boolean\n ): FailureType {\n if (response.ok) {\n return FailureType.None;\n }\n\n switch (response.status) {\n case 503: {\n // We select 503 specifically because this represents \"service unavailable\" and\n // \"rate limit throttle\" errors, which are transient issues.\n //\n // There are other 5xx errors, such as 501, that can occur if the request is\n // malformed, so as a general rule we want to let through other 5xx errors\n // so the user can troubleshoot.\n\n // Don't fail production builds with warnings for transient issues\n return FailureType.Informational;\n }\n\n case 401:\n case 403:\n case 407: {\n if (requestMethod === 'GET' && (isRedirect || response.redirected)) {\n // Cache misses for GET requests are not errors\n // This is a workaround behavior where a server can issue a redirect and we fail to authenticate at the new location.\n // We do not want to signal this as an authentication failure because the authorization header is not passed on to redirects.\n // i.e The authentication header was accepted for the first request and therefore subsequent failures\n // where it was not present should not be attributed to the header.\n // This scenario usually comes up with services that redirect to pre-signed URLS that don't actually exist.\n // Those services then usually treat the 404 as a 403 to prevent leaking information.\n return FailureType.None;\n }\n\n return FailureType.Authentication;\n }\n\n case 404: {\n if (requestMethod === 'GET') {\n // Cache misses for GET requests are not errors\n return FailureType.None;\n }\n }\n }\n\n // Let dev builds succeed, let Prod builds fail\n return FailureType.Warning;\n }\n\n private _reportFailure(\n terminal: ITerminal,\n requestMethod: string,\n response: IWebClientResponse,\n isRedirect: boolean,\n message: string\n ): void {\n switch (this._getFailureType(requestMethod, response, isRedirect)) {\n default: {\n terminal.writeErrorLine(`${message}: HTTP ${response.status}: ${response.statusText}`);\n break;\n }\n\n case FailureType.Warning: {\n terminal.writeWarningLine(`${message}: HTTP ${response.status}: ${response.statusText}`);\n break;\n }\n\n case FailureType.Informational: {\n terminal.writeLine(`${message}: HTTP ${response.status}: ${response.statusText}`);\n break;\n }\n\n case FailureType.None: {\n terminal.writeDebugLine(`${message}: HTTP ${response.status}: ${response.statusText}`);\n break;\n }\n\n case FailureType.Authentication: {\n throw new Error(\n [\n `${this._url.href} responded with ${response.status}: ${response.statusText}.`,\n `Credentials may be misconfigured or have expired.`,\n `In CI, verify that RUSH_BUILD_CACHE_CREDENTIAL contains a valid Authorization header value.`,\n ``,\n `For local developers, run:`,\n ``,\n ` rush update-cloud-credentials --interactive`,\n ``\n ].join('\\n')\n );\n }\n }\n }\n}\n"]}

package/lib-esm/RushHttpBuildCachePlugin.js ADDED Viewed

@@ -0,0 +1,32 @@
+// Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT license.
+// See LICENSE in the project root for license information.
+const PLUGIN_NAME = 'HttpBuildCachePlugin';
+/**
+ * @public
+ */
+export class RushHttpBuildCachePlugin {
+    constructor() {
+        this.pluginName = PLUGIN_NAME;
+    }
+    apply(rushSession, rushConfig) {
+        rushSession.hooks.initialize.tap(this.pluginName, () => {
+            rushSession.registerCloudBuildCacheProviderFactory('http', async (buildCacheConfig) => {
+                const config = buildCacheConfig.httpConfiguration;
+                const { url, uploadMethod, headers, tokenHandler, cacheKeyPrefix, isCacheWriteAllowed } = config;
+                const options = {
+                    pluginName: this.pluginName,
+                    rushJsonFolder: rushConfig.rushJsonFolder,
+                    url: url,
+                    uploadMethod: uploadMethod,
+                    headers: headers,
+                    tokenHandler: tokenHandler,
+                    cacheKeyPrefix: cacheKeyPrefix,
+                    isCacheWriteAllowed: !!isCacheWriteAllowed
+                };
+                const { HttpBuildCacheProvider } = await import('./HttpBuildCacheProvider');
+                return new HttpBuildCacheProvider(options, rushSession);
+            });
+        });
+    }
+}
+//# sourceMappingURL=RushHttpBuildCachePlugin.js.map

package/lib-esm/RushHttpBuildCachePlugin.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"RushHttpBuildCachePlugin.js","sourceRoot":"","sources":["../src/RushHttpBuildCachePlugin.ts"],"names":[],"mappings":"AAAA,4FAA4F;AAC5F,2DAA2D;AAM3D,MAAM,WAAW,GAAW,sBAAsB,CAAC;AAyCnD;;GAEG;AACH,MAAM,OAAO,wBAAwB;IAArC;QACkB,eAAU,GAAW,WAAW,CAAC;IA6BnD,CAAC;IA3BQ,KAAK,CAAC,WAAwB,EAAE,UAA6B;QAClE,WAAW,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,GAAG,EAAE;YACrD,WAAW,CAAC,sCAAsC,CAAC,MAAM,EAAE,KAAK,EAAE,gBAAgB,EAAE,EAAE;gBACpF,MAAM,MAAM,GACV,gBAGD,CAAC,iBAAiB,CAAC;gBAEpB,MAAM,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,mBAAmB,EAAE,GAAG,MAAM,CAAC;gBAEjG,MAAM,OAAO,GAAmC;oBAC9C,UAAU,EAAE,IAAI,CAAC,UAAU;oBAC3B,cAAc,EAAE,UAAU,CAAC,cAAc;oBACzC,GAAG,EAAE,GAAG;oBACR,YAAY,EAAE,YAAY;oBAC1B,OAAO,EAAE,OAAO;oBAChB,YAAY,EAAE,YAAY;oBAC1B,cAAc,EAAE,cAAc;oBAC9B,mBAAmB,EAAE,CAAC,CAAC,mBAAmB;iBAC3C,CAAC;gBAEF,MAAM,EAAE,sBAAsB,EAAE,GAAG,MAAM,MAAM,CAAC,0BAA0B,CAAC,CAAC;gBAC5E,OAAO,IAAI,sBAAsB,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;YAC1D,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT license.\n// See LICENSE in the project root for license information.\n\nimport type { IRushPlugin, RushSession, RushConfiguration } from '@rushstack/rush-sdk';\n\nimport type { IHttpBuildCacheProviderOptions, UploadMethod } from './HttpBuildCacheProvider';\n\nconst PLUGIN_NAME: string = 'HttpBuildCachePlugin';\n\n/**\n * @public\n */\nexport interface IRushHttpBuildCachePluginConfig {\n /**\n * The URL of the server that stores the caches (e.g. \"https://build-caches.example.com\").\n */\n url: string;\n\n /**\n * The HTTP method to use when writing to the cache (defaults to PUT).\n */\n uploadMethod?: UploadMethod;\n\n /**\n * An optional set of HTTP headers to pass to the cache server.\n */\n headers?: Record<string, string>;\n\n /**\n * An optional command that prints the endpoint's credentials to stdout. Provide the\n * command or script to execute and, optionally, any arguments to pass to the script.\n */\n tokenHandler?: {\n exec: string;\n args?: string[];\n };\n\n /**\n * Prefix for cache keys.\n */\n cacheKeyPrefix?: string;\n\n /**\n * If set to true, allow writing to the cache. Defaults to false.\n */\n isCacheWriteAllowed?: boolean;\n}\n\n/**\n * @public\n */\nexport class RushHttpBuildCachePlugin implements IRushPlugin {\n public readonly pluginName: string = PLUGIN_NAME;\n\n public apply(rushSession: RushSession, rushConfig: RushConfiguration): void {\n rushSession.hooks.initialize.tap(this.pluginName, () => {\n rushSession.registerCloudBuildCacheProviderFactory('http', async (buildCacheConfig) => {\n const config: IRushHttpBuildCachePluginConfig = (\n buildCacheConfig as typeof buildCacheConfig & {\n httpConfiguration: IRushHttpBuildCachePluginConfig;\n }\n ).httpConfiguration;\n\n const { url, uploadMethod, headers, tokenHandler, cacheKeyPrefix, isCacheWriteAllowed } = config;\n\n const options: IHttpBuildCacheProviderOptions = {\n pluginName: this.pluginName,\n rushJsonFolder: rushConfig.rushJsonFolder,\n url: url,\n uploadMethod: uploadMethod,\n headers: headers,\n tokenHandler: tokenHandler,\n cacheKeyPrefix: cacheKeyPrefix,\n isCacheWriteAllowed: !!isCacheWriteAllowed\n };\n\n const { HttpBuildCacheProvider } = await import('./HttpBuildCacheProvider');\n return new HttpBuildCacheProvider(options, rushSession);\n });\n });\n }\n}\n"]}

package/lib-esm/index.js ADDED Viewed

@@ -0,0 +1,5 @@
+// Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT license.
+// See LICENSE in the project root for license information.
+import { RushHttpBuildCachePlugin } from './RushHttpBuildCachePlugin';
+export default RushHttpBuildCachePlugin;
+//# sourceMappingURL=index.js.map

package/lib-esm/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,4FAA4F;AAC5F,2DAA2D;AAE3D,OAAO,EAAE,wBAAwB,EAAE,MAAM,4BAA4B,CAAC;AAEtE,eAAe,wBAAwB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT license.\n// See LICENSE in the project root for license information.\n\nimport { RushHttpBuildCachePlugin } from './RushHttpBuildCachePlugin';\n\nexport default RushHttpBuildCachePlugin;\nexport type { IHttpBuildCacheProviderOptions, UploadMethod } from './HttpBuildCacheProvider';\n"]}

package/lib-esm/schemas/http-config.schema.json ADDED Viewed

@@ -0,0 +1,52 @@
+{
+  "$schema": "http://json-schema.org/draft-04/schema#",
+  "title": "Configuration for build cache with HTTPS server",
+  "type": "object",
+  "required": ["url"],
+  "properties": {
+    "url": {
+      "type": "string",
+      "description": "(Required) The URL of the server that stores the caches (e.g. \"https://build-caches.example.com\").",
+      "format": "uri"
+    },
+    "uploadMethod": {
+      "type": "string",
+      "description": "(Optional) The HTTP method to use when writing to the cache (defaults to PUT).",
+      "enum": ["PUT", "POST", "PATCH"],
+      "default": "PUT"
+    },
+    "headers": {
+      "type": "object",
+      "description": "(Optional) HTTP headers to pass to the cache server",
+      "properties": {},
+      "additionalProperties": {
+        "type": "string"
+      }
+    },
+    "tokenHandler": {
+      "type": "object",
+      "description": "(Optional) Shell command that prints the authorization token needed to communicate with the HTTPS server and exits with code 0. This command will be executed from the root of the monorepo.",
+      "properties": {
+        "exec": {
+          "type": "string",
+          "description": "(Required) The command or script to execute."
+        },
+        "args": {
+          "type": "array",
+          "description": "(Optional) Arguments to pass to the command or script.",
+          "items": {
+            "type": "string"
+          }
+        }
+      }
+    },
+    "cacheKeyPrefix": {
+      "type": "string",
+      "description": "(Optional) prefix for cache keys."
+    },
+    "isCacheWriteAllowed": {
+      "type": "boolean",
+      "description": "(Optional) If set to true, allow writing to the cache. Defaults to false."
+    }
+  }
+}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@rushstack/rush-http-build-cache-plugin",
-  "version": "5.167.0",
+  "version": "5.169.0",
   "description": "Rush plugin for generic HTTP cloud build cache",
   "repository": {
     "type": "git",
@@ -8,22 +8,46 @@
     "directory": "rush-plugins/rush-http-build-cache-plugin"
   },
   "homepage": "https://rushjs.io",
-  "main": "lib/index.js",
-  "types": "lib/index.d.ts",
+  "main": "./lib-commonjs/index.js",
+  "module": "./lib-esm/index.js",
+  "types": "./lib-dts/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./lib-dts/index.d.ts",
+      "import": "./lib-esm/index.js",
+      "require": "./lib-commonjs/index.js"
+    },
+    "./lib/*.schema.json": "./lib-commonjs/*.schema.json",
+    "./lib/*": {
+      "types": "./lib-dts/*.d.ts",
+      "import": "./lib-esm/*.js",
+      "require": "./lib-commonjs/*.js"
+    },
+    "./rush-plugin-manifest.json": "./rush-plugin-manifest.json",
+    "./package.json": "./package.json"
+  },
+  "typesVersions": {
+    "*": {
+      "lib/*": [
+        "lib-dts/*"
+      ]
+    }
+  },
   "license": "MIT",
   "dependencies": {
     "https-proxy-agent": "~5.0.0",
-    "@rushstack/credential-cache": "0.1.10",
-    "@rushstack/rush-sdk": "5.167.0",
-    "@rushstack/node-core-library": "5.19.1"
+    "@rushstack/credential-cache": "0.2.0",
+    "@rushstack/node-core-library": "5.20.0",
+    "@rushstack/rush-sdk": "5.169.0"
   },
   "devDependencies": {
     "eslint": "~9.37.0",
-    "@microsoft/rush-lib": "5.167.0",
-    "@rushstack/heft": "1.1.13",
-    "@rushstack/terminal": "0.21.0",
+    "@microsoft/rush-lib": "5.169.0",
+    "@rushstack/heft": "1.2.0",
+    "@rushstack/terminal": "0.22.0",
     "local-node-rig": "1.0.0"
   },
+  "sideEffects": false,
   "scripts": {
     "build": "heft build --clean",
     "start": "heft test-watch",

package/rush-plugin-manifest.json CHANGED Viewed

@@ -4,8 +4,8 @@
     {
       "pluginName": "rush-http-build-cache-plugin",
       "description": "Rush plugin for generic HTTP build cache",
-      "entryPoint": "lib/index.js",
-      "optionsSchema": "lib/schemas/http-config.schema.json"
+      "entryPoint": "./lib-commonjs/index.js",
+      "optionsSchema": "./lib-commonjs/schemas/http-config.schema.json"
     }
   ]
 }