test(integration): used token auth for registry interactions rather than legacy auth

test/helpers/npm-registry.js

@@ -6,7 +6,7 @@ import got from 'got';
 import delay from 'delay';
 import pRetry from 'p-retry';
 
-const IMAGE = 'verdaccio/verdaccio:4';
+const IMAGE = 'verdaccio/verdaccio:5';
 const REGISTRY_PORT = 4873;
 const REGISTRY_HOST = 'localhost';
 const NPM_USERNAME = 'integration';
@@ -14,7 +14,7 @@ const NPM_PASSWORD = 'suchsecure';
 const NPM_EMAIL = 'integration@test.com';
 const docker = new Docker();
 const __dirname = dirname(fileURLToPath(import.meta.url));
-let container;
+let container, npmToken;
 
 /**
  * Download the `npm-registry-docker` Docker image, create a new container and start it.
@@ -55,16 +55,23 @@ export async function start() {
       email: NPM_EMAIL,
     },
   });
+
+  // Create token for user
+  ({token: npmToken} = await got(`http://${REGISTRY_HOST}:${REGISTRY_PORT}/-/npm/v1/tokens`, {
+    username: NPM_USERNAME,
+    password: NPM_PASSWORD,
+    method: 'POST',
+    headers: {'content-type': 'application/json'},
+    json: {password: NPM_PASSWORD, readonly: false, cidr_whitelist: []}
+  }).json());
 }
 
 export const url = `http://${REGISTRY_HOST}:${REGISTRY_PORT}/`;
 
-export const authEnv = {
+export const authEnv = () => ({
   npm_config_registry: url, // eslint-disable-line camelcase
-  NPM_USERNAME,
+  NPM_TOKEN: npmToken,
-  NPM_PASSWORD,
+});
-  NPM_EMAIL,
-};
 
 /**
  * Stop and remote the `npm-registry-docker` Docker container.

test/integration.test.js

@@ -31,23 +31,13 @@ const { readJson, writeJson } = fsExtra;
 
 // Environment variables used with semantic-release cli (similar to what a user would setup)
 const { GITHUB_ACTION, GITHUB_ACTIONS, GITHUB_TOKEN, ...processEnvWithoutGitHubActionsVariables } = process.env;
-const env = {
+let env;
-  ...processEnvWithoutGitHubActionsVariables,
-  ...npmRegistry.authEnv,
-  CI: "true",
-  GH_TOKEN: gitbox.gitCredential,
-  TRAVIS: "true",
-  TRAVIS_BRANCH: "master",
-  TRAVIS_PULL_REQUEST: "false",
-  GITHUB_API_URL: mockServer.url,
-};
 
 // Environment variables used only for the local npm command used to do verification
 const npmTestEnv = {
   ...process.env,
-  ...npmRegistry.authEnv,
+  ...npmRegistry.authEnv(),
   npm_config_registry: npmRegistry.url,
-  LEGACY_TOKEN: Buffer.from(`${env.NPM_USERNAME}:${env.NPM_PASSWORD}`, "utf8").toString("base64"),
 };
 
 const cli = path.resolve("./bin/semantic-release.js");
@@ -57,6 +47,17 @@ const pluginLogEnv = path.resolve("./test/fixtures/plugin-log-env");
 
 test.before(async () => {
   await Promise.all([gitbox.start(), npmRegistry.start(), mockServer.start()]);
+
+  env = {
+    ...processEnvWithoutGitHubActionsVariables,
+    ...npmRegistry.authEnv(),
+    CI: "true",
+    GH_TOKEN: gitbox.gitCredential,
+    TRAVIS: "true",
+    TRAVIS_BRANCH: "master",
+    TRAVIS_PULL_REQUEST: "false",
+    GITHUB_API_URL: mockServer.url,
+  };
 });
 
 test.after.always(async () => {