feat(jfrog): support multiple repositories

jfrog-oauth/.npmrc.tftpl

@@ -0,0 +1,5 @@
+email=${ARTIFACTORY_EMAIL}
+%{ for REPO in REPOS ~}
+${REPO.SCOPE}registry=${JFROG_URL}/artifactory/api/npm/${REPO.NAME}
+//${JFROG_HOST}/artifactory/api/npm/${REPO.NAME}/:_authToken=${ARTIFACTORY_ACCESS_TOKEN}
+%{ endfor ~}

jfrog-oauth/README.md

@@ -17,15 +17,16 @@ Install the JF CLI and authenticate package managers with Artifactory using OAut
 ```tf
 module "jfrog" {
   source         = "registry.coder.com/modules/jfrog-oauth/coder"
-  version        = "1.0.15"
+  version        = "2.0.0"
   agent_id       = coder_agent.example.id
   jfrog_url      = "https://example.jfrog.io"
   username_field = "username" # If you are using GitHub to login to both Coder and Artifactory, use username_field = "username"
 
   package_managers = {
-    "npm" : "npm",
-    "go" : "go",
-    "pypi" : "pypi"
+    npm    = ["npm", "@scoped:npm-scoped"]
+    go     = ["go", "another-go-repo"]
+    pypi   = ["pypi", "extra-index-pypi"]
+    docker = ["example-docker-staging.jfrog.io", "example-docker-production.jfrog.io"]
   }
 }
 ```
@@ -44,13 +45,13 @@ Configure the Python pip package manager to fetch packages from Artifactory whil
 ```tf
 module "jfrog" {
   source         = "registry.coder.com/modules/jfrog-oauth/coder"
-  version        = "1.0.15"
+  version        = "2.0.0"
   agent_id       = coder_agent.example.id
   jfrog_url      = "https://example.jfrog.io"
   username_field = "email"
 
   package_managers = {
-    "pypi" : "pypi"
+    pypi = ["pypi"]
   }
 }
 ```
@@ -72,15 +73,15 @@ The [JFrog extension](https://open-vsx.org/extension/JFrog/jfrog-vscode-extensio
 ```tf
 module "jfrog" {
   source                = "registry.coder.com/modules/jfrog-oauth/coder"
-  version               = "1.0.15"
+  version               = "2.0.0"
   agent_id              = coder_agent.example.id
   jfrog_url             = "https://example.jfrog.io"
   username_field        = "username" # If you are using GitHub to login to both Coder and Artifactory, use username_field = "username"
   configure_code_server = true       # Add JFrog extension configuration for code-server
   package_managers = {
-    "npm" : "npm",
-    "go" : "go",
-    "pypi" : "pypi"
+    npm  = ["npm"]
+    go   = ["go"]
+    pypi = ["pypi"]
   }
 }
 ```

jfrog-oauth/main.test.ts

@@ -1,19 +1,115 @@
-import { serve } from "bun";
-import { describe } from "bun:test";
+import { describe, expect, it } from "bun:test";
 import {
-  createJSONResponse,
+  findResourceInstance,
   runTerraformInit,
+  runTerraformApply,
   testRequiredVariables,
 } from "../test";
 
 describe("jfrog-oauth", async () => {
   await runTerraformInit(import.meta.dir);
 
-  testRequiredVariables(import.meta.dir, {
-    agent_id: "some-agent-id",
-    jfrog_url: "http://localhost:8081",
-    package_managers: "{}",
+  const fakeFrogHostAndPort = "localhost:8081";
+  const fakeFrogUrl = `http://${fakeFrogHostAndPort}`;
+
+  it("can run apply with required variables", async () => {
+    testRequiredVariables(import.meta.dir, {
+      agent_id: "some-agent-id",
+      jfrog_url: fakeFrogUrl,
+      package_managers: "{}",
+    });
   });
-});
 
-//TODO add more tests
+  it("generates an npmrc with scoped repos", async () => {
+    const state = await runTerraformApply(import.meta.dir, {
+      agent_id: "some-agent-id",
+      jfrog_url: fakeFrogUrl,
+      package_managers: JSON.stringify({
+        npm: ["global", "@foo:foo", "@bar:bar"],
+      }),
+    });
+    const coderScript = findResourceInstance(state, "coder_script");
+    const npmrcStanza = `cat << EOF > ~/.npmrc
+[email protected]
+registry=${fakeFrogUrl}/artifactory/api/npm/global
+//${fakeFrogHostAndPort}/artifactory/api/npm/global/:_authToken=
+@foo:registry=${fakeFrogUrl}/artifactory/api/npm/foo
+//${fakeFrogHostAndPort}/artifactory/api/npm/foo/:_authToken=
+@bar:registry=${fakeFrogUrl}/artifactory/api/npm/bar
+//${fakeFrogHostAndPort}/artifactory/api/npm/bar/:_authToken=
+
+EOF`;
+    expect(coderScript.script).toContain(npmrcStanza);
+    expect(coderScript.script).toContain(
+      'jf npmc --global --repo-resolve "global"',
+    );
+    expect(coderScript.script).toContain(
+      'if [ -z "YES" ]; then\n  not_configured npm',
+    );
+  });
+
+  it("generates a pip config with extra-indexes", async () => {
+    const state = await runTerraformApply(import.meta.dir, {
+      agent_id: "some-agent-id",
+      jfrog_url: fakeFrogUrl,
+      package_managers: JSON.stringify({
+        pypi: ["global", "foo", "bar"],
+      }),
+    });
+    const coderScript = findResourceInstance(state, "coder_script");
+    const pipStanza = `cat << EOF > ~/.pip/pip.conf
+[global]
+index-url = https://default:@${fakeFrogHostAndPort}/artifactory/api/pypi/global/simple
+extra-index-url =
+    https://default:@${fakeFrogHostAndPort}/artifactory/api/pypi/foo/simple
+    https://default:@${fakeFrogHostAndPort}/artifactory/api/pypi/bar/simple
+
+EOF`;
+    expect(coderScript.script).toContain(pipStanza);
+    expect(coderScript.script).toContain(
+      'jf pipc --global --repo-resolve "global"',
+    );
+    expect(coderScript.script).toContain(
+      'if [ -z "YES" ]; then\n  not_configured pypi',
+    );
+  });
+
+  it("registers multiple docker repos", async () => {
+    const state = await runTerraformApply(import.meta.dir, {
+      agent_id: "some-agent-id",
+      jfrog_url: fakeFrogUrl,
+      package_managers: JSON.stringify({
+        docker: ["foo.jfrog.io", "bar.jfrog.io", "baz.jfrog.io"],
+      }),
+    });
+    const coderScript = findResourceInstance(state, "coder_script");
+    const dockerStanza = `register_docker "foo.jfrog.io"
+register_docker "bar.jfrog.io"
+register_docker "baz.jfrog.io"`;
+    expect(coderScript.script).toContain(dockerStanza);
+    expect(coderScript.script).toContain(
+      'if [ -z "YES" ]; then\n  not_configured docker',
+    );
+  });
+
+  it("sets goproxy with multiple repos", async () => {
+    const state = await runTerraformApply(import.meta.dir, {
+      agent_id: "some-agent-id",
+      jfrog_url: fakeFrogUrl,
+      package_managers: JSON.stringify({
+        go: ["foo", "bar", "baz"],
+      }),
+    });
+    const proxyEnv = findResourceInstance(state, "coder_env", "goproxy");
+    const proxies = `https://default:@${fakeFrogHostAndPort}/artifactory/api/go/foo,https://default:@${fakeFrogHostAndPort}/artifactory/api/go/bar,https://default:@${fakeFrogHostAndPort}/artifactory/api/go/baz`;
+    expect(proxyEnv["value"]).toEqual(proxies);
+
+    const coderScript = findResourceInstance(state, "coder_script");
+    expect(coderScript.script).toContain(
+      'jf goc --global --repo-resolve "foo"',
+    );
+    expect(coderScript.script).toContain(
+      'if [ -z "YES" ]; then\n  not_configured go',
+    );
+  });
+});

jfrog-oauth/main.tf

@@ -53,23 +53,51 @@ variable "configure_code_server" {
 }
 
 variable "package_managers" {
-  type        = map(string)
-  description = <<EOF
-A map of package manager names to their respective artifactory repositories.
-For example:
-    {
-      "npm": "YOUR_NPM_REPO_KEY",
-      "go": "YOUR_GO_REPO_KEY",
-      "pypi": "YOUR_PYPI_REPO_KEY",
-      "docker": "YOUR_DOCKER_REPO_KEY"
-    }
-EOF
+  type = object({
+    npm    = optional(list(string), [])
+    go     = optional(list(string), [])
+    pypi   = optional(list(string), [])
+    docker = optional(list(string), [])
+  })
+  description = <<-EOF
+    A map of package manager names to their respective artifactory repositories. Unused package managers can be omitted.
+    For example:
+      {
+        npm    = ["GLOBAL_NPM_REPO_KEY", "@SCOPED:NPM_REPO_KEY"]
+        go     = ["YOUR_GO_REPO_KEY", "ANOTHER_GO_REPO_KEY"]
+        pypi   = ["YOUR_PYPI_REPO_KEY", "ANOTHER_PYPI_REPO_KEY"]
+        docker = ["YOUR_DOCKER_REPO_KEY", "ANOTHER_DOCKER_REPO_KEY"]
+      }
+  EOF
 }
 
 locals {
   # The username field to use for artifactory
   username   = var.username_field == "email" ? data.coder_workspace_owner.me.email : data.coder_workspace_owner.me.name
-  jfrog_host = replace(var.jfrog_url, "https://", "")
+  jfrog_host = split("://", var.jfrog_url)[1]
+  common_values = {
+    JFROG_URL                = var.jfrog_url
+    JFROG_HOST               = local.jfrog_host
+    JFROG_SERVER_ID          = var.jfrog_server_id
+    ARTIFACTORY_USERNAME     = local.username
+    ARTIFACTORY_EMAIL        = data.coder_workspace_owner.me.email
+    ARTIFACTORY_ACCESS_TOKEN = data.coder_external_auth.jfrog.access_token
+  }
+  npmrc = templatefile(
+    "${path.module}/.npmrc.tftpl",
+    merge(
+      local.common_values,
+      {
+        REPOS = [
+          for r in var.package_managers.npm :
+          strcontains(r, ":") ? zipmap(["SCOPE", "NAME"], ["${split(":", r)[0]}:", split(":", r)[1]]) : { SCOPE = "", NAME = r }
+        ]
+      }
+    )
+  )
+  pip_conf = templatefile(
+    "${path.module}/pip.conf.tftpl", merge(local.common_values, { REPOS = var.package_managers.pypi })
+  )
 }
 
 data "coder_workspace" "me" {}
@@ -83,19 +111,22 @@ resource "coder_script" "jfrog" {
   agent_id     = var.agent_id
   display_name = "jfrog"
   icon         = "/icon/jfrog.svg"
-  script = templatefile("${path.module}/run.sh", {
-    JFROG_URL : var.jfrog_url,
-    JFROG_HOST : local.jfrog_host,
-    JFROG_SERVER_ID : var.jfrog_server_id,
-    ARTIFACTORY_USERNAME : local.username,
-    ARTIFACTORY_EMAIL : data.coder_workspace_owner.me.email,
-    ARTIFACTORY_ACCESS_TOKEN : data.coder_external_auth.jfrog.access_token,
-    CONFIGURE_CODE_SERVER : var.configure_code_server,
-    REPOSITORY_NPM : lookup(var.package_managers, "npm", ""),
-    REPOSITORY_GO : lookup(var.package_managers, "go", ""),
-    REPOSITORY_PYPI : lookup(var.package_managers, "pypi", ""),
-    REPOSITORY_DOCKER : lookup(var.package_managers, "docker", ""),
-  })
+  script = templatefile("${path.module}/run.sh", merge(
+    local.common_values,
+    {
+      CONFIGURE_CODE_SERVER = var.configure_code_server
+      HAS_NPM               = length(var.package_managers.npm) == 0 ? "" : "YES"
+      NPMRC                 = local.npmrc
+      REPOSITORY_NPM        = try(element(var.package_managers.npm, 0), "")
+      HAS_GO                = length(var.package_managers.go) == 0 ? "" : "YES"
+      REPOSITORY_GO         = try(element(var.package_managers.go, 0), "")
+      HAS_PYPI              = length(var.package_managers.pypi) == 0 ? "" : "YES"
+      PIP_CONF              = local.pip_conf
+      REPOSITORY_PYPI       = try(element(var.package_managers.pypi, 0), "")
+      HAS_DOCKER            = length(var.package_managers.docker) == 0 ? "" : "YES"
+      REGISTER_DOCKER       = join("\n", formatlist("register_docker \"%s\"", var.package_managers.docker))
+    }
+  ))
   run_on_start = true
 }
 
@@ -121,10 +152,13 @@ resource "coder_env" "jfrog_ide_store_connection" {
 }
 
 resource "coder_env" "goproxy" {
-  count    = lookup(var.package_managers, "go", "") == "" ? 0 : 1
+  count    = length(var.package_managers.go) == 0 ? 0 : 1
   agent_id = var.agent_id
   name     = "GOPROXY"
-  value    = "https://${local.username}:${data.coder_external_auth.jfrog.access_token}@${local.jfrog_host}/artifactory/api/go/${lookup(var.package_managers, "go", "")}"
+  value = join(",", [
+    for repo in var.package_managers.go :
+    "https://${local.username}:${data.coder_external_auth.jfrog.access_token}@${local.jfrog_host}/artifactory/api/go/${repo}"
+  ])
 }
 
 output "access_token" {

jfrog-oauth/pip.conf.tftpl

@@ -0,0 +1,6 @@
+[global]
+index-url = https://${ARTIFACTORY_USERNAME}:${ARTIFACTORY_ACCESS_TOKEN}@${JFROG_HOST}/artifactory/api/pypi/${try(element(REPOS, 0), "")}/simple
+extra-index-url =
+%{ for REPO in try(slice(REPOS, 1, length(REPOS)), []) ~}
+    https://${ARTIFACTORY_USERNAME}:${ARTIFACTORY_ACCESS_TOKEN}@${JFROG_HOST}/artifactory/api/pypi/${REPO}/simple
+%{ endfor ~}