Set up NPM packaging as a private package (#31)

Addresses ENG-1642. Includes updates to package.json (prepublishOnly script, GPLv3 license, "p0" entrypoint, packaged files) needed in order to serve package on NPM. Note that currently it is published as @komaldhull/p0cli, a private package under my NPM user. This is just for testing purposes. When we are ready to make it public, I have created an organization called "p0security", and we can publish it under @p0security/p0cli. The ticket ENG-1531 captures this TODO. Also adds a Github workflow to publish the package to NPM when a github release is published. Tested via installing the CLI using npm install -g (if you send me your NPM username, I can add you to the private package so you can test as well), and tested the workflow by triggering it manually and verifying that publish succeeds.
p0-security · Feb 23, 2024 · eb85d77 · eb85d77
1 parent 89d5b2b
commit eb85d77
Show file tree

Hide file tree

Showing 7 changed files with 52 additions and 14 deletions.
diff --git a/.eslintrc.js b/.eslintrc.js
@@ -52,7 +52,7 @@ module.exports = {
     "prettier.config.js",
     "jest.config.js",
     "public/**",
-    "build/**",
+    "dist/**",
     "__mocks__/**",
     "node_modules/**",
   ],

diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml
@@ -0,0 +1,24 @@
+# This workflow will run tests using node and then publish a package to GitHub Packages when a release is created
+# For more information see: https://docs.github.com/en/actions/publishing-packages/publishing-nodejs-packages
+
+name: Node.js Package
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  publish-npm:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: ^20.4.0
+          registry-url: https://registry.npmjs.org/
+      - name: Yarn install
+        run: yarn install --ignore-engines --frozen-lockfile
+      - name: Publish npm package
+        run: npm publish
+        env:
+          NODE_AUTH_TOKEN: ${{secrets.NPM_AUTH_TOKEN}}
diff --git a/.gitignore b/.gitignore
@@ -130,3 +130,6 @@ dist
 .pnp.*
 
 build/
+
+dist/
+
diff --git a/p0 b/p0
@@ -13,4 +13,4 @@ process.emit = function (name, data, ...args) {
   return originalEmit.apply(process, arguments);
 };
 
-require(`${__dirname}/build/index.js`).main();
+require(`${__dirname}/dist/index.js`).main();
diff --git a/package.json b/package.json
@@ -1,12 +1,23 @@
 {
-  "name": "p0cli",
-  "version": "0.2.0",
+  "name": "@komaldhull/p0cli",
+  "version": "0.2.5",
   "description": "Execute infra CLI commands with P0 grants",
   "main": "index.ts",
-  "repository": "https://github.com/p0-security/p0cli",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/p0-security/p0cli.git"
+  },
   "author": "P0 Security",
-  "license": "Proprietary",
-  "private": true,
+  "license": "GPL-3.0-only",
+  "bin": {
+    "p0": "p0"
+  },
+  "files": [
+    "dist",
+    "p0",
+    "README.md",
+    "CONTRIBUTING.md"
+  ],
   "dependencies": {
     "@rgrove/parse-xml": "^4.1.0",
     "@types/pluralize": "^0.0.33",
@@ -42,8 +53,9 @@
     "ts-jest": "^29.1.2"
   },
   "scripts": {
-    "build": "tsc && cp -r public build/",
-    "clean": "rm -rf build/",
-    "p0": "node --no-deprecation ./p0"
+    "build": "tsc && cp -r public dist/",
+    "clean": "rm tsconfig.tsbuildinfo && rm -rf dist/",
+    "p0": "node --no-deprecation ./p0",
+    "prepublishOnly": "npm run clean && npm run build"
   }
 }
diff --git a/src/common/auth/server.ts b/src/common/auth/server.ts
@@ -4,7 +4,7 @@ import express from "express";
 import http from "node:http";
 import { dirname } from "node:path";
 
-const ROOT_PATH = dirname(require.main!.filename);
+const ROOT_PATH = `${dirname(require.main!.filename)}/dist`;
 
 /** A small amount of time is necessary prior to shutting down the redirect server to
  * properly render the redirect-landing page
@@ -33,7 +33,6 @@ export const withRedirectServer = async <S, T, U>(
     const token = req.query as T;
     complete(value, token)
       .then((result) => {
-        // res.redirect(`${ROOT_PATH}/redirect-landing.html`);
         res.status(200).sendFile(`${ROOT_PATH}/public/redirect-landing.html`);
         redirectResolve(result);
       })

diff --git a/tsconfig.json b/tsconfig.json
@@ -52,7 +52,7 @@
     // "emitDeclarationOnly": true,                      /* Only output d.ts files and not JavaScript files. */
     // "sourceMap": true,                                /* Create source map files for emitted JavaScript files. */
     // "outFile": "./",                                  /* Specify a file that bundles all outputs into one JavaScript file. If 'declaration' is true, also designates a file that bundles all .d.ts output. */
-    "outDir": "./build",                                   /* Specify an output folder for all emitted files. */
+    "outDir": "./dist",                                   /* Specify an output folder for all emitted files. */
     // "removeComments": true,                           /* Disable emitting comments. */
     // "noEmit": true,                                   /* Disable emitting files from a compilation. */
     // "importHelpers": true,                            /* Allow importing helper functions from tslib once per project, instead of including them per-file. */
@@ -104,5 +104,5 @@
     "skipLibCheck": true                                 /* Skip type checking all .d.ts files. */
   },
 
-  "exclude": ["build/", "__mocks__/", "node_modules/"],
+  "exclude": ["dist/", "__mocks__/", "node_modules/"],
 }