chore: diagnostics for registry auth - trying all methods
Some checks failed
Build & Deploy / 🔍 Prepare (push) Successful in 41s
Build & Deploy / 🧪 QA (push) Failing after 59s
Build & Deploy / 🏗️ Build (push) Has been skipped
Build & Deploy / 🚀 Deploy (push) Has been skipped
Build & Deploy / 🧪 Post-Deploy Verification (push) Has been skipped
Build & Deploy / 🔔 Notify (push) Successful in 1s

This commit is contained in:
2026-05-12 11:10:21 +02:00
parent b76542b877
commit e1eff99889

View File

@@ -28,61 +28,61 @@ if [ -z "$token" ]; then
exit 1
fi
# Diagnostic: check token format
echo "Found token from $token_src (length: ${#token})"
# Check if it's base64 encoded user:pass (common in legacy npm)
is_base64_auth=false
if [[ "$token" =~ ^[A-Za-z0-9+/]*={0,2}$ ]] && [ ${#token} -gt 20 ]; then
decoded=$(echo "$token" | base64 -d 2>/dev/null || echo "")
if [[ "$decoded" == *":"* ]]; then
echo "💡 Detected base64 encoded user:pass format."
is_base64_auth=true
fi
fi
# Functional check against the registry instead of the general API
# We test by fetching metadata for a known package
# Functional check against the registry
test_pkg="@mintel/mail"
test_url="${REGISTRY_URL}${test_pkg//\//@}"
echo "Testing registry access for $test_pkg..."
if [ "$is_base64_auth" = true ]; then
status_code=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: Basic $token" "${REGISTRY_URL}${test_pkg//\//@}")
else
# Try both 'token' and 'Bearer' for Gitea compatibility
status_code=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: token $token" "${REGISTRY_URL}${test_pkg//\//@}")
if [ "$status_code" -ne 200 ]; then
status_code=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: Bearer $token" "${REGISTRY_URL}${test_pkg//\//@}")
fi
fi
# Try Bearer (standard for _authToken)
echo "Trying Bearer auth..."
status_bearer=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: Bearer $token" "$test_url")
echo "Bearer status: $status_bearer"
if [ "$status_code" -eq 200 ]; then
echo "✅ Registry verification successful (Status: 200)"
# Try Basic (standard for _auth or user:pass)
echo "Trying Basic auth..."
status_basic=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: Basic $token" "$test_url")
echo "Basic status: $status_basic"
# Try Token (Gitea specific sometimes)
echo "Trying Token auth..."
status_token=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: token $token" "$test_url")
echo "Token status: $status_token"
best_auth=""
if [ "$status_bearer" -eq 200 ]; then
echo "✅ Bearer auth worked!"
best_auth="authToken"
elif [ "$status_basic" -eq 200 ]; then
echo "✅ Basic auth worked!"
best_auth="auth"
elif [ "$status_token" -eq 200 ]; then
echo "✅ Token auth worked! (Using Bearer for pnpm)"
best_auth="authToken"
else
echo "❌ Registry verification failed (Status: $status_code)"
echo "⚠️ Proceeding with generation but installation will likely fail."
echo "❌ All auth methods failed."
# Check if it's base64 encoded user:pass and maybe we should decode it then use Bearer?
# Or maybe it's a raw PAT and we should base64 it for Basic?
fi
# Generate .npmrc
echo "Generating .npmrc..."
# Clean up registry path for keys (no protocol, trailing slash matters)
# We add multiple variations to be safe
cat << EOF > .npmrc
$SCOPE:registry=$REGISTRY_URL
always-auth=true
EOF
if [ "$is_base64_auth" = true ]; then
echo "//${REGISTRY_DOMAIN}${REGISTRY_PATH}:_auth=$token" >> .npmrc
echo "//${REGISTRY_DOMAIN}${REGISTRY_PATH%/}:_auth=$token" >> .npmrc
else
# If none worked, default to authToken as it's most common
if [ -z "$best_auth" ] || [ "$best_auth" = "authToken" ]; then
echo "//${REGISTRY_DOMAIN}${REGISTRY_PATH}:_authToken=$token" >> .npmrc
echo "//${REGISTRY_DOMAIN}${REGISTRY_PATH%/}:_authToken=$token" >> .npmrc
else
echo "//${REGISTRY_DOMAIN}${REGISTRY_PATH}:_auth=$token" >> .npmrc
echo "//${REGISTRY_DOMAIN}${REGISTRY_PATH%/}:_auth=$token" >> .npmrc
fi
# Add explicit registry mapping for non-scoped packages if needed (not here usually)
# Add some extra flags for stability
echo "progress=false" >> .npmrc
echo "verify-store-integrity=false" >> .npmrc