build: set up all packages to publish via wombot proxy (#17679)

* build: set up all packages to publish via wombot proxy

* release: remove otp prompting from release process

* release: remove npm login/logut/auth checks

* release: remove .npmrc file after release completes

Author: josephperrott

src/cdk-experimental/package.json

@@ -23,5 +23,8 @@
     "@angular/cdk": "0.0.0-PLACEHOLDER",
     "@angular/core": "0.0.0-NG",
     "tslib": "^1.9.0"
+  },
+  "publishConfig":{
+    "registry":"https://wombat-dressing-room.appspot.com"
   }
 }

src/cdk/package.json

@@ -38,5 +38,8 @@
   "ng-update": {
     "migrations": "./schematics/migration.json"
   },
-  "sideEffects": false
+  "sideEffects": false,
+  "publishConfig":{
+    "registry":"https://wombat-dressing-room.appspot.com"
+  }
 }

src/google-maps/package.json

@@ -31,5 +31,8 @@
     "@angular/core": "0.0.0-NG",
     "@angular/common": "0.0.0-NG"
   },
-  "sideEffects": false
+  "sideEffects": false,
+  "publishConfig":{
+    "registry":"https://wombat-dressing-room.appspot.com"
+  }
 }

src/material-experimental/package.json

@@ -24,5 +24,8 @@
     "@angular/material": "0.0.0-PLACEHOLDER",
     "material-components-web": "0.0.0-MDC",
     "tslib": "^1.9.0"
+  },
+  "publishConfig":{
+    "registry":"https://wombat-dressing-room.appspot.com"
   }
 }

src/material-moment-adapter/package.json

@@ -31,5 +31,8 @@
       "@angular/cdk",
       "@angular/material-moment-adapter"
     ]
+  },
+  "publishConfig":{
+    "registry":"https://wombat-dressing-room.appspot.com"
   }
 }

src/material/package.json

@@ -42,6 +42,9 @@
       "@angular/material-moment-adapter"
     ]
   },
-  "sideEffects": false
+  "sideEffects": false,
+  "publishConfig":{
+    "registry":"https://wombat-dressing-room.appspot.com"
+  }
 }
 

src/youtube-player/package.json

@@ -31,5 +31,8 @@
     "@angular/core": "0.0.0-NG",
     "@angular/common": "0.0.0-NG"
   },
-  "sideEffects": false
+  "sideEffects": false,
+  "publishConfig":{
+    "registry":"https://wombat-dressing-room.appspot.com"
+  }
 }

tools/release/npm/npm-client.ts

@@ -1,40 +1,12 @@
 import {spawnSync} from 'child_process';
 
-/**
- * Process environment that does not refer to Yarn's package registry. Since the scripts are
- * usually run through Yarn, we need to update the "npm_config_registry" so that NPM is able to
- * properly run "npm login" and "npm publish".
- */
-const npmClientEnvironment = {
-  ...process.env,
-  // See https://docs.npmjs.com/misc/registry for the official documentation of the NPM registry.
-  npm_config_registry: 'https://registry.npmjs.org',
-};
-
-/** Checks whether NPM is currently authenticated. */
-export function isNpmAuthenticated(): boolean {
-  return spawnSync('npm', ['whoami'], {
-    shell: true,
-    env: npmClientEnvironment,
-  }).stdout.toString() !== '';
-}
-
-/** Runs "npm login" interactively by piping stdin/stderr/stdout to the current tty. */
-export function npmLoginInteractive(): boolean {
-  return spawnSync('npm', ['login'], {
-    stdio: 'inherit',
-    shell: true,
-    env: npmClientEnvironment,
-  }).status === 0;
-}
-
 /** Runs NPM publish within a specified directory */
-export function npmPublish(packagePath: string, distTag: string, otp: string): string | null {
+export function npmPublish(packagePath: string, distTag: string): string | null {
   const result =
-      spawnSync('npm', ['publish', '--access', 'public', '--tag', distTag, '--otp', otp], {
+      spawnSync('npm', ['publish', '--access', 'public', '--tag', distTag], {
         cwd: packagePath,
         shell: true,
-        env: npmClientEnvironment,
+        env: process.env,
       });
 
   // We only want to return an error if the exit code is not zero. NPM by default prints the
@@ -44,11 +16,3 @@ export function npmPublish(packagePath: string, distTag: string, otp: string): s
   }
   return null;
 }
-
-/** Log out of npm. */
-export function npmLogout(): boolean {
-  return spawnSync('npm', ['logout'], {
-    shell: true,
-    env: npmClientEnvironment,
-  }).status === 0;
-}

tools/release/prompt/npm-dist-tag-prompt.ts

@@ -24,20 +24,6 @@ export async function promptForNpmDistTag(version: Version): Promise<string> {
   return distTag;
 }
 
-/**
- * Prompts the current user-input interface for a npm one-time password (OTP). This is required
- * to publish packages in the @angular namespace.
- */
-export async function promptForNpmOtp(): Promise<string> {
-  const {otp} = await prompt<{otp: string}>({
-    type: 'text',
-    name: 'otp',
-    message: 'Enter the one-time password (OTP) for the angular npm account:',
-  });
-
-  return otp;
-}
-
 /**
  * Determines all allowed npm dist-tag choices for a specified version. For example,
  * a pre-release version should be never published to the "latest" tag.

tools/release/publish-release.ts

@@ -1,27 +1,19 @@
 import chalk from 'chalk';
 import {spawnSync} from 'child_process';
-import {readFileSync} from 'fs';
+import {readFileSync, unlinkSync} from 'fs';
 import {join} from 'path';
 import {BaseReleaseTask} from './base-release-task';
 import {checkReleaseOutput} from './check-release-output';
 import {extractReleaseNotes} from './extract-release-notes';
 import {GitClient} from './git/git-client';
 import {getGithubNewReleaseUrl} from './git/github-urls';
-import {
-  isNpmAuthenticated,
-  npmLogout,
-  npmLoginInteractive,
-  npmPublish,
-} from './npm/npm-client';
-import {promptForNpmDistTag, promptForNpmOtp} from './prompt/npm-dist-tag-prompt';
+import {npmPublish} from './npm/npm-client';
+import {promptForNpmDistTag} from './prompt/npm-dist-tag-prompt';
 import {promptForUpstreamRemote} from './prompt/upstream-remote-prompt';
 import {releasePackages} from './release-output/release-packages';
 import {CHANGELOG_FILE_NAME} from './stage-release';
 import {parseVersionName, Version} from './version-name/parse-version';
 
-/** Maximum allowed tries to authenticate NPM. */
-const MAX_NPM_LOGIN_TRIES = 2;
-
 /**
  * Class that can be instantiated in order to create a new release. The tasks requires user
  * interaction/input through command line prompts.
@@ -94,10 +86,6 @@ class PublishReleaseTask extends BaseReleaseTask {
       await this._promptStableVersionForNextTag();
     }
 
-    // Ensure that we are authenticated, so that we can run "npm publish" for
-    // each package once the release output is built.
-    this._checkNpmAuthentication();
-
     this._buildReleasePackages();
     console.info(chalk.green(`  ✓   Built the release output.`));
 
@@ -124,12 +112,8 @@ class PublishReleaseTask extends BaseReleaseTask {
     // the user to interactively confirm that the script should continue.
     await this._promptConfirmReleasePublish();
 
-    // Prompt for the OTP right before publishing so that it doesn't expire while building the
-    // packages.
-    const npmOtp = await promptForNpmOtp();
-
     for (let packageName of releasePackages) {
-      this._publishPackageToNpm(packageName, npmDistTag, npmOtp);
+      this._publishPackageToNpm(packageName, npmDistTag);
     }
 
     const newReleaseUrl = getGithubNewReleaseUrl({
@@ -144,17 +128,11 @@ class PublishReleaseTask extends BaseReleaseTask {
 
     console.log();
     console.info(chalk.green(chalk.bold(`  ✓   Published all packages successfully`)));
-
-    // Always log out of npm after releasing to prevent unintentional changes to
-    // any packages.
-    if (npmLogout()) {
-      console.info(chalk.green(`  ✓   Logged out of npm`));
-    } else {
-      console.error(chalk.red(`  ✘   Could not log out of NPM. Please manually log out!`));
-    }
-
     console.info(chalk.yellow(`  ⚠   Please draft a new release of the version on Github.`));
     console.info(chalk.yellow(`      ${newReleaseUrl}`));
+
+    // Remove file at ~/.npmrc after release is complete.
+    unlinkSync('~/.npmrc');
   }
 
   /**
@@ -205,45 +183,11 @@ class PublishReleaseTask extends BaseReleaseTask {
     }
   }
 
-  /**
-   * Checks whether NPM is currently authenticated. If not, the user will be prompted to enter
-   * the NPM credentials that are necessary to publish the release. We achieve this by basically
-   * running "npm login" as a child process and piping stdin/stdout/stderr to the current tty.
-   */
-  private _checkNpmAuthentication() {
-    if (isNpmAuthenticated()) {
-      console.info(chalk.green(`  ✓   NPM is authenticated.`));
-      return;
-    }
-
-    let failedAuthentication = false;
-    console.log(chalk.yellow(`  ⚠   NPM is currently not authenticated. Running "npm login"..`));
-
-    for (let i = 0;  i < MAX_NPM_LOGIN_TRIES; i++) {
-      if (npmLoginInteractive()) {
-        // In case the user was able to login properly, we want to exit the loop as we
-        // don't need to ask for authentication again.
-        break;
-      }
-
-      failedAuthentication = true;
-      console.error(chalk.red(`  ✘   Could not authenticate successfully. Please try again.`));
-    }
-
-    if (failedAuthentication) {
-      console.error(chalk.red(`  ✘   Could not authenticate after ${MAX_NPM_LOGIN_TRIES} tries. ` +
-        `Exiting..`));
-      process.exit(1);
-    }
-
-    console.info(chalk.green(`  ✓   Successfully authenticated NPM.`));
-  }
-
   /** Publishes the specified package within the given NPM dist tag. */
-  private _publishPackageToNpm(packageName: string, npmDistTag: string, npmOtp: string) {
+  private _publishPackageToNpm(packageName: string, npmDistTag: string) {
     console.info(chalk.green(`  ⭮   Publishing "${packageName}"..`));
 
-    const errorOutput = npmPublish(join(this.releaseOutputPath, packageName), npmDistTag, npmOtp);
+    const errorOutput = npmPublish(join(this.releaseOutputPath, packageName), npmDistTag);
 
     if (errorOutput) {
       console.error(chalk.red(`  ✘   An error occurred while publishing "${packageName}".`));