Fix wrong picking of the npm package.json

  Sometimes the npm tarball will contain more than one package.json, we
  should always use the root package.json as the first product metadata.

charon/cmd/command.py

@@ -170,12 +170,15 @@ def upload(
         buckets = __get_buckets(targets, conf)
         if npm_archive_type != NpmArchiveType.NOT_NPM:
             logger.info("This is a npm archive")
+            npm_root_path = root_path\
+                if root_path and root_path != "maven-repository" else "package"
             tmp_dir, succeeded = handle_npm_uploading(
                 archive_path,
                 product_key,
                 buckets=buckets,
                 aws_profile=aws_profile,
                 dir_=work_dir,
+                root_path=npm_root_path,
                 gen_sign=contain_signature,
                 key=sign_key,
                 dry_run=dryrun,
@@ -331,12 +334,15 @@ def delete(
         buckets = __get_buckets(targets, conf)
         if npm_archive_type != NpmArchiveType.NOT_NPM:
             logger.info("This is a npm archive")
+            npm_root_path = root_path\
+                if root_path and root_path != "maven-repository" else "package"
             tmp_dir, succeeded = handle_npm_del(
                 archive_path,
                 product_key,
                 buckets=buckets,
                 aws_profile=aws_profile,
                 dir_=work_dir,
+                root_path=npm_root_path,
                 dry_run=dryrun,
                 manifest_bucket_name=manifest_bucket_name
             )

charon/pkgs/npm.py

@@ -73,9 +73,10 @@ def default(self, o):
 def handle_npm_uploading(
         tarball_path: str,
         product: str,
-        buckets: List[Tuple[str, str, str, str]] = None,
+        buckets: List[Tuple[str, str, str, str]],
         aws_profile=None,
         dir_=None,
+        root_path="package",
         do_index=True,
         gen_sign=False,
         key=None,
@@ -103,7 +104,7 @@ def handle_npm_uploading(
         prefix = remove_prefix(bucket[2], "/")
         registry = bucket[3]
         target_dir, valid_paths, package_metadata = _scan_metadata_paths_from_archive(
-            tarball_path, registry, prod=product, dir__=dir_
+            tarball_path, registry, prod=product, dir__=dir_, pkg_root=root_path
         )
         if not os.path.isdir(target_dir):
             logger.error("Error: the extracted target_dir path %s does not exist.", target_dir)
@@ -230,9 +231,10 @@ def handle_npm_uploading(
 def handle_npm_del(
         tarball_path: str,
         product: str,
-        buckets: List[Tuple[str, str, str, str]] = None,
+        buckets: List[Tuple[str, str, str, str]],
         aws_profile=None,
         dir_=None,
+        root_path="package",
         do_index=True,
         dry_run=False,
         manifest_bucket_name=None
@@ -250,7 +252,7 @@ def handle_npm_del(
         Returns the directory used for archive processing and if the rollback is successful
     """
     target_dir, package_name_path, valid_paths = _scan_paths_from_archive(
-        tarball_path, prod=product, dir__=dir_
+        tarball_path, prod=product, dir__=dir_, pkg_root=root_path
     )
 
     valid_dirs = __get_path_tree(valid_paths, target_dir)
@@ -433,11 +435,15 @@ def _gen_npm_package_metadata_for_del(
     return meta_files
 
 
-def _scan_metadata_paths_from_archive(path: str, registry: str, prod="", dir__=None) ->\
-        Tuple[str, list, NPMPackageMetadata]:
+def _scan_metadata_paths_from_archive(
+    path: str, registry: str, prod="", dir__=None, pkg_root="pakage"
+) -> Tuple[str, list, NPMPackageMetadata]:
     tmp_root = mkdtemp(prefix=f"npm-charon-{prod}-", dir=dir__)
     try:
-        _, valid_paths = extract_npm_tarball(path, tmp_root, True, registry)
+        _, valid_paths = extract_npm_tarball(
+            path=path, target_dir=tmp_root, is_for_upload=True,
+            pkg_root=pkg_root, registry=registry
+        )
         if len(valid_paths) > 1:
             version = _scan_for_version(valid_paths[1])
             package = NPMPackageMetadata(version, True)
@@ -447,9 +453,13 @@ def _scan_metadata_paths_from_archive(path: str, registry: str, prod="", dir__=N
         sys.exit(1)
 
 
-def _scan_paths_from_archive(path: str, prod="", dir__=None) -> Tuple[str, str, list]:
+def _scan_paths_from_archive(
+    path: str, prod="", dir__=None, pkg_root="package"
+) -> Tuple[str, str, list]:
     tmp_root = mkdtemp(prefix=f"npm-charon-{prod}-", dir=dir__)
-    package_name_path, valid_paths = extract_npm_tarball(path, tmp_root, False)
+    package_name_path, valid_paths = extract_npm_tarball(
+        path=path, target_dir=tmp_root, is_for_upload=False, pkg_root=pkg_root
+    )
     return tmp_root, package_name_path, valid_paths
 
 

charon/utils/archive.py

@@ -46,8 +46,9 @@ def extract_zip_with_files(zf: ZipFile, target_dir: str, file_suffix: str, debug
     zf.extractall(target_dir, members=filtered)
 
 
-def extract_npm_tarball(path: str, target_dir: str, is_for_upload: bool, registry=DEFAULT_REGISTRY)\
-        -> Tuple[str, list]:
+def extract_npm_tarball(
+    path: str, target_dir: str, is_for_upload: bool, pkg_root="package", registry=DEFAULT_REGISTRY
+) -> Tuple[str, list]:
     """ Extract npm tarball will relocate the tgz file and metadata files.
         * Locate tar path ( e.g.: jquery/-/jquery-7.6.1.tgz or @types/jquery/-/jquery-2.2.3.tgz).
         * Locate version metadata path (e.g.: jquery/7.6.1 or @types/jquery/2.2.3).
@@ -56,30 +57,47 @@ def extract_npm_tarball(path: str, target_dir: str, is_for_upload: bool, registr
     valid_paths = []
     package_name_path = str()
     tgz = tarfile.open(path)
+    pkg_file = None
+    root_pkg_file_exists = True
+    try:
+        pkg_file = tgz.getmember(os.path.join(pkg_root, "package.json"))
+        root_pkg_file_exists = pkg_file.isfile()
+    except KeyError:
+        root_pkg_file_exists = False
+        pkg_file = None
     tgz.extractall()
-    for f in tgz:
-        if f.name.endswith("package.json"):
-            version_data, parse_paths = __parse_npm_package_version_paths(f.path)
-            package_name_path = parse_paths[0]
-            os.makedirs(os.path.join(target_dir, parse_paths[0]))
-            tarball_parent_path = os.path.join(target_dir, parse_paths[0], "-")
-            valid_paths.append(os.path.join(tarball_parent_path, _get_tgz_name(path)))
-            version_metadata_parent_path = os.path.join(
-                target_dir, parse_paths[0], parse_paths[1]
+    if not root_pkg_file_exists:
+        logger.info(
+            "Root package.json is not found for archive: %s, will search others",
+            path
+        )
+        for f in tgz:
+            if f.name.endswith("package.json"):
+                pkg_file = f
+                break
+    if pkg_file:
+        version_data, parse_paths = __parse_npm_package_version_paths(pkg_file.path)
+        package_name_path = parse_paths[0]
+        os.makedirs(os.path.join(target_dir, parse_paths[0]))
+        tarball_parent_path = os.path.join(target_dir, parse_paths[0], "-")
+        valid_paths.append(os.path.join(tarball_parent_path, _get_tgz_name(path)))
+        version_metadata_parent_path = os.path.join(
+            target_dir, parse_paths[0], parse_paths[1]
+        )
+        valid_paths.append(os.path.join(version_metadata_parent_path, "package.json"))
+
+        if is_for_upload:
+            tgz_relative_path = "/".join([parse_paths[0], "-", _get_tgz_name(path)])
+            __write_npm_version_dist(
+                path, pkg_file.path, version_data, tgz_relative_path, registry
             )
-            valid_paths.append(os.path.join(version_metadata_parent_path, "package.json"))
-
-            if is_for_upload:
-                tgz_relative_path = "/".join([parse_paths[0], "-", _get_tgz_name(path)])
-                __write_npm_version_dist(path, f.path, version_data, tgz_relative_path, registry)
-
-                os.makedirs(tarball_parent_path)
-                target = os.path.join(tarball_parent_path, os.path.basename(path))
-                shutil.copyfile(path, target)
-                os.makedirs(version_metadata_parent_path)
-                target = os.path.join(version_metadata_parent_path, os.path.basename(f.path))
-                shutil.copyfile(f.path, target)
-            break
+
+            os.makedirs(tarball_parent_path)
+            target = os.path.join(tarball_parent_path, os.path.basename(path))
+            shutil.copyfile(path, target)
+            os.makedirs(version_metadata_parent_path)
+            target = os.path.join(version_metadata_parent_path, os.path.basename(pkg_file.path))
+            shutil.copyfile(pkg_file.path, target)
     return package_name_path, valid_paths