Blame - poky/bitbake/lib/bb/fetch2/npm.py - mdmillerii/openbmc

2020-04-13 13:39:40 -0500

[diff] [blame]

1

Brad Bishop

c342db3

2019-05-15 21:57:59 -0400

[diff] [blame]

2

#

3

# SPDX-License-Identifier: GPL-2.0-only

4

#

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

5

"""

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

6

BitBake 'Fetch' npm implementation

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

7

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

8

npm fetcher support the SRC_URI with format of:

9

SRC_URI = "npm://some.registry.url;OptionA=xxx;OptionB=xxx;..."

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

10

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

11

Supported SRC_URI options are:

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

12

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

13

- package

14

The npm package name. This is a mandatory parameter.

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

15

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

16

- version

17

The npm package version. This is a mandatory parameter.

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

18

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

19

- downloadfilename

20

Specifies the filename used when storing the downloaded file.

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

21

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

22

- destsuffix

23

Specifies the directory to use to unpack the package (default: npm).

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

24

"""

25

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

26

import base64

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

27

import json

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

import os

import re

import shlex

import tempfile

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

32

import bb

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

33

from bb.fetch2 import Fetch

34

from bb.fetch2 import FetchError

35

from bb.fetch2 import FetchMethod

36

from bb.fetch2 import MissingParameterError

37

from bb.fetch2 import ParameterError

38

from bb.fetch2 import URI

39

from bb.fetch2 import check_network_access

40

from bb.fetch2 import runfetchcmd

41

from bb.utils import is_semver

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

42

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

43

def npm_package(package):

44

"""Convert the npm package name to remove unsupported character"""

45

# Scoped package names (with the @) use the same naming convention

46

# as the 'npm pack' command.

47

if package.startswith("@"):

48

return re.sub("/", "-", package[1:])

49

return package

50

51

def npm_filename(package, version):

52

"""Get the filename of a npm package"""

53

return npm_package(package) + "-" + version + ".tgz"

54

Andrew Geissler

7e0e3c0

2022-02-25 20:34:39 +0000

[diff] [blame]

55

def npm_localfile(package, version=None):

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

56

"""Get the local filename of a npm package"""

Andrew Geissler

7e0e3c0

2022-02-25 20:34:39 +0000

[diff] [blame]

57

if version is not None:

58

filename = npm_filename(package, version)

59

else:

60

filename = package

61

return os.path.join("npm2", filename)

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

62

63

def npm_integrity(integrity):

64

"""

65

Get the checksum name and expected value from the subresource integrity

66

https://www.w3.org/TR/SRI/

67

"""

68

algo, value = integrity.split("-", maxsplit=1)

69

return "%ssum" % algo, base64.b64decode(value).hex()

70

71

def npm_unpack(tarball, destdir, d):

72

"""Unpack a npm tarball"""

73

bb.utils.mkdirhier(destdir)

74

cmd = "tar --extract --gzip --file=%s" % shlex.quote(tarball)

75

cmd += " --no-same-owner"

Andrew Geissler

2021-10-29 15:35:00 -0500

[diff] [blame]

76

cmd += " --delay-directory-restore"

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

77

cmd += " --strip-components=1"

78

runfetchcmd(cmd, d, workdir=destdir)

Andrew Geissler

595f630

2022-01-24 19:11:47 +0000

[diff] [blame]

79

runfetchcmd("chmod -R +X '%s'" % (destdir), d, quiet=True, workdir=destdir)

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

80

81

class NpmEnvironment(object):

82

"""

83

Using a npm config file seems more reliable than using cli arguments.

84

This class allows to create a controlled environment for npm commands.

85

"""

Stefan Herbrechtsmeier

3d983ec

2021-12-13 12:13:53 +0100

[diff] [blame]

86

def __init__(self, d, configs=[], npmrc=None):

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

87

self.d = d

Andrew Geissler

2021-10-29 15:35:00 -0500

[diff] [blame]

88

Stefan Herbrechtsmeier

3d983ec

2021-12-13 12:13:53 +0100

[diff] [blame]

89

self.user_config = tempfile.NamedTemporaryFile(mode="w", buffering=1)

90

for key, value in configs:

91

self.user_config.write("%s=%s\n" % (key, value))

Andrew Geissler

2021-10-29 15:35:00 -0500

[diff] [blame]

92

93

if npmrc:

94

self.global_config_name = npmrc

95

else:

96

self.global_config_name = "/dev/null"

def __del__(self):

if self.user_config:

self.user_config.close()

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

101

102

def run(self, cmd, args=None, configs=None, workdir=None):

103

"""Run npm command in a controlled environment"""

104

with tempfile.TemporaryDirectory() as tmpdir:

105

d = bb.data.createCopy(self.d)

Patrick Williams

e760df8

2023-05-26 11:10:49 -0500

[diff] [blame]

106

d.setVar("PATH", d.getVar("PATH")) # PATH might contain $HOME - evaluate it before patching

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

107

d.setVar("HOME", tmpdir)

108

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

if not workdir:

workdir = tmpdir

def _run(cmd):

Stefan Herbrechtsmeier

3d983ec

2021-12-13 12:13:53 +0100

[diff] [blame]

113

cmd = "NPM_CONFIG_USERCONFIG=%s " % (self.user_config.name) + cmd

Andrew Geissler

2021-10-29 15:35:00 -0500

[diff] [blame]

114

cmd = "NPM_CONFIG_GLOBALCONFIG=%s " % (self.global_config_name) + cmd

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

115

return runfetchcmd(cmd, d, workdir=workdir)

116

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

117

if configs:

Andrew Geissler

2021-10-29 15:35:00 -0500

[diff] [blame]

118

bb.warn("Use of configs argument of NpmEnvironment.run() function"

119

" is deprecated. Please use args argument instead.")

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

120

for key, value in configs:

Andrew Geissler

2021-10-29 15:35:00 -0500

[diff] [blame]

121

cmd += " --%s=%s" % (key, shlex.quote(value))

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

122

123

if args:

124

for key, value in args:

125

cmd += " --%s=%s" % (key, shlex.quote(value))

126

127

return _run(cmd)

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

128

129

class Npm(FetchMethod):

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

130

"""Class to fetch a package from a npm registry"""

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

131

132

def supports(self, ud, d):

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

133

"""Check if a given url can be fetched with npm"""

134

return ud.type in ["npm"]

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

135

136

def urldata_init(self, ud, d):

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

137

"""Init npm specific variables within url data"""

138

ud.package = None

139

ud.version = None

140

ud.registry = None

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

141

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

142

# Get the 'package' parameter

143

if "package" in ud.parm:

144

ud.package = ud.parm.get("package")

145

146

if not ud.package:

147

raise MissingParameterError("Parameter 'package' required", ud.url)

148

149

# Get the 'version' parameter

150

if "version" in ud.parm:

151

ud.version = ud.parm.get("version")

152

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

153

if not ud.version:

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

154

raise MissingParameterError("Parameter 'version' required", ud.url)

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

155

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

156

if not is_semver(ud.version) and not ud.version == "latest":

157

raise ParameterError("Invalid 'version' parameter", ud.url)

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

158

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

159

# Extract the 'registry' part of the url

Patrick Williams

92b42cb

2022-09-03 06:53:57 -0500

[diff] [blame]

160

ud.registry = re.sub(r"^npm://", "https://", ud.url.split(";")[0])

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

161

162

# Using the 'downloadfilename' parameter as local filename

163

# or the npm package name.

164

if "downloadfilename" in ud.parm:

Andrew Geissler

7e0e3c0

2022-02-25 20:34:39 +0000

[diff] [blame]

165

ud.localfile = npm_localfile(d.expand(ud.parm["downloadfilename"]))

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

166

else:

167

ud.localfile = npm_localfile(ud.package, ud.version)

168

169

# Get the base 'npm' command

170

ud.basecmd = d.getVar("FETCHCMD_npm") or "npm"

171

172

# This fetcher resolves a URI from a npm package name and version and

173

# then forwards it to a proxy fetcher. A resolve file containing the

174

# resolved URI is created to avoid unwanted network access (if the file

175

# already exists). The management of the donestamp file, the lockfile

176

# and the checksums are forwarded to the proxy fetcher.

177

ud.proxy = None

178

ud.needdonestamp = False

179

ud.resolvefile = self.localpath(ud, d) + ".resolved"

180

181

def _resolve_proxy_url(self, ud, d):

182

def _npm_view():

Andrew Geissler

2021-10-29 15:35:00 -0500

[diff] [blame]

183

args = []

184

args.append(("json", "true"))

185

args.append(("registry", ud.registry))

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

186

pkgver = shlex.quote(ud.package + "@" + ud.version)

187

cmd = ud.basecmd + " view %s" % pkgver

188

env = NpmEnvironment(d)

189

check_network_access(d, cmd, ud.registry)

Andrew Geissler

2021-10-29 15:35:00 -0500

[diff] [blame]

190

view_string = env.run(cmd, args=args)

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

191

192

if not view_string:

193

raise FetchError("Unavailable package %s" % pkgver, ud.url)

194

195

try:

196

view = json.loads(view_string)

197

198

error = view.get("error")

199

if error is not None:

200

raise FetchError(error.get("summary"), ud.url)

201

202

if ud.version == "latest":

203

bb.warn("The npm package %s is using the latest " \

204

"version available. This could lead to " \

205

"non-reproducible builds." % pkgver)

206

elif ud.version != view.get("version"):

207

raise ParameterError("Invalid 'version' parameter", ud.url)

return view

except Exception as e:

212

raise FetchError("Invalid view from npm: %s" % str(e), ud.url)

213

214

def _get_url(view):

215

tarball_url = view.get("dist", {}).get("tarball")

216

217

if tarball_url is None:

218

raise FetchError("Invalid 'dist.tarball' in view", ud.url)

219

220

uri = URI(tarball_url)

221

uri.params["downloadfilename"] = ud.localfile

222

223

integrity = view.get("dist", {}).get("integrity")

224

shasum = view.get("dist", {}).get("shasum")

225

226

if integrity is not None:

227

checksum_name, checksum_expected = npm_integrity(integrity)

228

uri.params[checksum_name] = checksum_expected

229

elif shasum is not None:

230

uri.params["sha1sum"] = shasum

231

else:

232

raise FetchError("Invalid 'dist.integrity' in view", ud.url)

return str(uri)

url = _get_url(_npm_view())

237

238

bb.utils.mkdirhier(os.path.dirname(ud.resolvefile))

239

with open(ud.resolvefile, "w") as f:

240

f.write(url)

241

242

def _setup_proxy(self, ud, d):

243

if ud.proxy is None:

244

if not os.path.exists(ud.resolvefile):

245

self._resolve_proxy_url(ud, d)

246

247

with open(ud.resolvefile, "r") as f:

248

url = f.read()

249

250

# Avoid conflicts between the environment data and:

251

# - the proxy url checksum

252

data = bb.data.createCopy(d)

253

data.delVarFlags("SRC_URI")

254

ud.proxy = Fetch([url], data)

255

256

def _get_proxy_method(self, ud, d):

257

self._setup_proxy(ud, d)

258

proxy_url = ud.proxy.urls[0]

259

proxy_ud = ud.proxy.ud[proxy_url]

260

proxy_d = ud.proxy.d

261

proxy_ud.setup_localpath(proxy_d)

262

return proxy_ud.method, proxy_ud, proxy_d

263

264

def verify_donestamp(self, ud, d):

265

"""Verify the donestamp file"""

266

proxy_m, proxy_ud, proxy_d = self._get_proxy_method(ud, d)

267

return proxy_m.verify_donestamp(proxy_ud, proxy_d)

268

269

def update_donestamp(self, ud, d):

270

"""Update the donestamp file"""

271

proxy_m, proxy_ud, proxy_d = self._get_proxy_method(ud, d)

272

proxy_m.update_donestamp(proxy_ud, proxy_d)

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

273

274

def need_update(self, ud, d):

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

275

"""Force a fetch, even if localpath exists ?"""

276

if not os.path.exists(ud.resolvefile):

277

return True

278

if ud.version == "latest":

279

return True

280

proxy_m, proxy_ud, proxy_d = self._get_proxy_method(ud, d)

281

return proxy_m.need_update(proxy_ud, proxy_d)

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

282

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

283

def try_mirrors(self, fetch, ud, d, mirrors):

284

"""Try to use a mirror"""

285

proxy_m, proxy_ud, proxy_d = self._get_proxy_method(ud, d)

286

return proxy_m.try_mirrors(fetch, proxy_ud, proxy_d, mirrors)

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

287

288

def download(self, ud, d):

289

"""Fetch url"""

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

290

self._setup_proxy(ud, d)

291

ud.proxy.download()

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

292

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

293

def unpack(self, ud, rootdir, d):

294

"""Unpack the downloaded archive"""

295

destsuffix = ud.parm.get("destsuffix", "npm")

296

destdir = os.path.join(rootdir, destsuffix)

297

npm_unpack(ud.localpath, destdir, d)

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

298

Andrew Geissler

2020-04-13 13:39:40 -0500

[diff] [blame]

299

def clean(self, ud, d):

300

"""Clean any existing full or partial download"""

301

if os.path.exists(ud.resolvefile):

302

self._setup_proxy(ud, d)

303

ud.proxy.clean()

304

bb.utils.remove(ud.resolvefile)

Patrick Williams

2016-06-20 12:57:21 -0500

[diff] [blame]

305

Andrew Geissler