Skip to content

Ensure npmrc is encrypted before pushing to github#5898

Merged
Steve-Mcl merged 2 commits into
mainfrom
encrypt-npmrc-gitops
Aug 11, 2025
Merged

Ensure npmrc is encrypted before pushing to github#5898
Steve-Mcl merged 2 commits into
mainfrom
encrypt-npmrc-gitops

Conversation

@hardillb
Copy link
Copy Markdown
Contributor

@hardillb hardillb commented Aug 11, 2025
edited
Loading

fixes #5658

Description

Ensures that the .npmrc file is encrypted when pushed to GitHub and decrypted (if required) when pulled.

This needs to happen because if GH spots a npm token being checked in it rejects the push to prevent leaking tokens in public repos.

I can't find any existing tests for the gitops stuff and since it's limited to only working with github hosted repos I can't see how to test this without having to add a user token to the tests. If I could bypass the github requirement I could create a local directory git repo to test with.

Tagging @Steve-Mcl rather than Nick as he has enough to do today before he heads out.

Related Issue(s)

#5658

Checklist

  • I have read the contribution guidelines
  • Suitable unit/system level tests have been added and they pass
  • Documentation has been updated
    • Upgrade instructions
    • Configuration details
    • Concepts
  • Changes flowforge.yml?
    • Issue/PR raised on FlowFuse/helm to update ConfigMap Template
    • Issue/PR raised on FlowFuse/CloudProject to update values for Staging/Production

Labels

  • Includes a DB migration? -> add the area:migration label

@hardillb
Ensure npmrc is encrypted before pushing to github
b00c647 
fixes #5658

Ensures that the .npmrc file is encrypted when pushed to GitHub
and decrypted (if required) when pulled.
@hardillb hardillb added this to the 2.21 milestone Aug 11, 2025
@hardillb hardillb requested a review from Steve-Mcl August 11, 2025 09:05
@hardillb hardillb self-assigned this Aug 11, 2025
@codecov
Copy link
Copy Markdown

codecov Bot commented Aug 11, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 12.50000% with 7 lines in your changes missing coverage. Please review.
✅ Project coverage is 76.48%. Comparing base (e4dba78) to head (95e18ac).
⚠️ Report is 3 commits behind head on main.

Files with missing lines Patch % Lines
forge/ee/lib/gitops/index.js 12.50% 7 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #5898      +/-   ##
==========================================
- Coverage   76.51%   76.48%   -0.03%     
==========================================
  Files         369      369              
  Lines       17994    18001       +7     
  Branches     4194     4197       +3     
==========================================
  Hits        13768    13768              
- Misses       4226     4233       +7
Flag Coverage Δ
backend 76.48% <12.50%> (-0.03%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@Steve-Mcl Steve-Mcl merged commit 6eb28c6 into main Aug 11, 2025
20 of 21 checks passed
@Steve-Mcl Steve-Mcl deleted the encrypt-npmrc-gitops branch August 11, 2025 16:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Steve-Mcl Steve-Mcl Steve-Mcl approved these changes

Assignees

@hardillb hardillb

Labels

None yet

Projects

🛠 Development
Status: No status

Milestone

2.21

Development

Successfully merging this pull request may close these issues.

Push to GitHub fails when using hosted instances but works with device instances

2 participants

@hardillb @Steve-Mcl