Fix for wrapper scripts not being applied in non-interactive environments

These environments do not respect the BASH_ENV variable so installing these alias hooks does not work

Author: abdurriq

src/artifacts-helper/NOTES.md

@@ -1,6 +1,6 @@
 This installs [Azure Artifacts Credential Provider](https://github.com/microsoft/artifacts-credprovider)
-and optionally configures functions which shadow `dotnet`, `nuget`, `npm`, `yarn`, `rush`, and `pnpm` which dynamically sets an authentication token
-for pulling artifacts from a feed before running the command.
+and optionally configures shims which shadow `dotnet`, `nuget`, `npm`, `yarn`, `rush`, and `pnpm`.
+These dynamically sets an authentication token for pulling artifacts from a feed before running the command.
 
 For `npm`, `yarn`, `rush`, and `pnpm` this requires that your `~/.npmrc` file is configured to use the ${ARTIFACTS_ACCESSTOKEN}
 environment variable for the `authToken`. A helper script has been added that you can use to write your `~/.npmrc`
@@ -40,28 +40,4 @@ to download the package.
 
 ## OS Support
 
-This feature is tested to work on Debian/Ubuntu and Mariner CBL 2.0
-
-## Changing where functions are configured
-
-By default, the functions are defined in `/etc/bash.bashrc` and `/etc/zsh/zshrc` if the container user is `root`, otherwise `~/.bashrc` and `~/.zshrc`.
-This default configuration ensures that the functions are always available for any interactive shells.
-
-In some cases it can be useful to have the functions written to a non-default location. For example:
-- the configuration file of a shell other than `bash` and `zsh`
-- a custom file which is not a shell configuration script (so that it can be `source`d in non-interactive shells and scripts)
-
-To do this, set the `targetFiles` option to the path script path where the functions should be written. Note that the default paths WILL NOT be used
-if the `targetFiles` option is provided, so you may want to include them in the overridden value, or add `source` the custom script in those configurations:
-
-```bash
-# .devcontainer/devcontainer.json
-{
-    // ...
-    "targetFiles": "/custom/path/to/auth-helper.sh"
-}
-
-# ~/.bashrc
-
-source /custom/path/to/auth-helper.sh
-```
+This feature is tested to work on Debian/Ubuntu and Mariner CBL 2.0

src/artifacts-helper/devcontainer-feature.json

@@ -1,7 +1,7 @@
 {
     "name": "Azure Artifacts Credential Helper",
     "id": "artifacts-helper",
-    "version": "2.0.3",
+    "version": "3.0.0",
     "description": "Configures Codespace to authenticate with Azure Artifact feeds",
     "options": {
         "nugetURIPrefixes": {
@@ -49,10 +49,10 @@
             "default": true,
             "description": "Create alias for pnpm"
         },
-        "targetFiles": {
+        "shimDirectory": {
             "type": "string",
-            "default": "DEFAULT",
-            "description": "Comma separated list of files to write to. Default is '/etc/bash.bashrc,/etc/zsh/zshrc' for root and '~/.bashrc,~/.zshrc' for non-root"
+            "default": "/usr/local/bin",
+            "description": "Directory where the shims will be installed. This must be in $PATH, and needs to be as early as possible in priority for the scripts to override the base executables."
         },
         "python": {
             "type": "boolean",

src/artifacts-helper/install.sh

@@ -12,7 +12,7 @@ ALIAS_NPX="${NPXALIAS:-"true"}"
 ALIAS_RUSH="${RUSHALIAS:-"true"}"
 ALIAS_PNPM="${PNPMALIAS:-"true"}"
 INSTALL_PIP_HELPER="${PYTHON:-"false"}"
-COMMA_SEP_TARGET_FILES="${TARGETFILES:-"DEFAULT"}"
+SHIM_DIRECTORY="${SHIMDIRECTORY:-"/usr/local/bin"}"
 
 ALIASES_ARR=()
 
@@ -78,31 +78,23 @@ cd "$(dirname "$0")"
 
 cp ./scripts/install-provider.sh /tmp
 chmod +rx /tmp/install-provider.sh
+
 cp ./scripts/install-python-keyring.sh /tmp
 chmod +rx /tmp/install-python-keyring.sh
 
-sed "s|REPLACE_WITH_AZURE_DEVOPS_NUGET_FEED_URL_PREFIX|${PREFIXES}|g" ./scripts/run-dotnet.sh > /usr/local/bin/run-dotnet.sh
-chmod +rx /usr/local/bin/run-dotnet.sh
-sed "s|REPLACE_WITH_AZURE_DEVOPS_NUGET_FEED_URL_PREFIX|${PREFIXES}|g" ./scripts/run-nuget.sh > /usr/local/bin/run-nuget.sh
-chmod +rx /usr/local/bin/run-nuget.sh
-cp ./scripts/run-npm.sh /usr/local/bin/run-npm.sh
-chmod +rx /usr/local/bin/run-npm.sh
-cp ./scripts/run-yarn.sh /usr/local/bin/run-yarn.sh
-chmod +rx /usr/local/bin/run-yarn.sh
-cp ./scripts/write-npm.sh /usr/local/bin/write-npm.sh
-chmod +rx /usr/local/bin/write-npm.sh
-cp ./scripts/run-npx.sh /usr/local/bin/run-npx.sh
-chmod +rx /usr/local/bin/run-npx.sh
-
-cp ./scripts/run-rush.sh /usr/local/bin/run-rush.sh
-chmod +rx /usr/local/bin/run-rush.sh
-cp ./scripts/run-rush-pnpm.sh /usr/local/bin/run-rush-pnpm.sh
-chmod +rx /usr/local/bin/run-rush-pnpm.sh
-
-cp ./scripts/run-pnpm.sh /usr/local/bin/run-pnpm.sh
-chmod +rx /usr/local/bin/run-pnpm.sh
-cp ./scripts/run-pnpx.sh /usr/local/bin/run-pnpx.sh
-chmod +rx /usr/local/bin/run-pnpx.sh
+# Replace AZURE_DEVOPS_NUGET_FEED_URL_PREFIX in scripts that require it
+sed -i "s|REPLACE_WITH_AZURE_DEVOPS_NUGET_FEED_URL_PREFIX|${PREFIXES}|g" ./scripts/dotnet
+sed -i "s|REPLACE_WITH_AZURE_DEVOPS_NUGET_FEED_URL_PREFIX|${PREFIXES}|g" ./scripts/nuget
+
+# Install helper scripts in ${SHIM_DIRECTORY}
+cp "./scripts/auth-ado.sh" "${SHIM_DIRECTORY}"
+cp "./scripts/resolve-shim.sh" "${SHIM_DIRECTORY}"
+
+# Install selected shim scripts in ${SHIM_DIRECTORY}
+for alias in "${ALIASES_ARR[@]}"; do
+    chmod +rx "./scripts/${alias}"
+    cp "./scripts/${alias}" "${SHIM_DIRECTORY}"
+done
 
 if [ "${INSTALL_PIP_HELPER}" = "true" ]; then
     USER="${_REMOTE_USER}" /tmp/install-python-keyring.sh
@@ -116,28 +108,6 @@ if command -v sudo >/dev/null 2>&1; then
     fi
 fi
 
-if [ "${COMMA_SEP_TARGET_FILES}" = "DEFAULT" ]; then
-    if [ "${INSTALL_WITH_SUDO}" = "true" ]; then
-        COMMA_SEP_TARGET_FILES="~/.bashrc,~/.zshrc"
-    else
-        COMMA_SEP_TARGET_FILES="/etc/bash.bashrc,/etc/zsh/zshrc"
-    fi
-fi
-
-IFS=',' read -r -a TARGET_FILES_ARR <<< "$COMMA_SEP_TARGET_FILES"
-
-for ALIAS in "${ALIASES_ARR[@]}"; do
-    for TARGET_FILE in "${TARGET_FILES_ARR[@]}"; do
-        CMD="$ALIAS() { /usr/local/bin/run-$ALIAS.sh \"\$@\"; }"
-
-        if [ "${INSTALL_WITH_SUDO}" = "true" ]; then
-            sudo -u ${_REMOTE_USER} bash -c "echo '$CMD' >> $TARGET_FILE"
-        else
-            echo $CMD >> $TARGET_FILE || true
-        fi
-    done
-done
-
 if [ "${INSTALL_WITH_SUDO}" = "true" ]; then
     sudo -u ${_REMOTE_USER} bash -c "/tmp/install-provider.sh ${USENET6}"
 fi

src/artifacts-helper/scripts/auth-ado.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+if [ -f "${HOME}/ado-auth-helper" ]; then
+  ARTIFACTS_ACCESSTOKEN=$(${HOME}/ado-auth-helper get-access-token)
+fi

src/artifacts-helper/scripts/dotnet

@@ -0,0 +1,11 @@
+#!/bin/bash
+source auth-ado.sh
+source resolve-shim.sh
+
+# Install artifact credential provider if it is not already installed
+if [ ! -d "${HOME}/.nuget/plugins/netcore" ]; then
+  wget -qO- https://aka.ms/install-artifacts-credprovider.sh | bash
+fi
+
+DOTNET_EXE="$(resolve_shim)"
+VSS_NUGET_ACCESSTOKEN="${ARTIFACTS_ACCESSTOKEN:-}" VSS_NUGET_URI_PREFIXES=REPLACE_WITH_AZURE_DEVOPS_NUGET_FEED_URL_PREFIX ${NUGET_EXE} "$@"

src/artifacts-helper/scripts/npm

@@ -0,0 +1,6 @@
+#!/bin/bash
+source auth-ado.sh
+source resolve-shim.sh
+
+NPM_EXE="$(resolve_shim)"
+ARTIFACTS_ACCESSTOKEN="${ARTIFACTS_ACCESSTOKEN:-}" ${NPM_EXE} "$@"

src/artifacts-helper/scripts/npx

@@ -0,0 +1,6 @@
+#!/bin/bash
+source auth-ado.sh
+source resolve-shim.sh
+
+NPX_EXE="$(resolve_shim)"
+ARTIFACTS_ACCESSTOKEN="${ARTIFACTS_ACCESSTOKEN:-}" ${NPX_EXE} "$@"

src/artifacts-helper/scripts/pnpm

@@ -0,0 +1,6 @@
+#!/bin/bash
+source auth-ado.sh
+source resolve-shim.sh
+
+PNPM_EXE="$(resolve_shim)"
+ARTIFACTS_ACCESSTOKEN="${ARTIFACTS_ACCESSTOKEN:-}" ${PNPM_EXE} "$@"

src/artifacts-helper/scripts/pnpx

@@ -0,0 +1,6 @@
+#!/bin/bash
+source auth-ado.sh
+source resolve-shim.sh
+
+PNPX_EXE="$(resolve_shim)"
+ARTIFACTS_ACCESSTOKEN="${ARTIFACTS_ACCESSTOKEN:-}" ${PNPX_EXE} "$@"

src/artifacts-helper/scripts/resolve-shim.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+[[ ${RESOLVE_SHIMS_IMPORTED} == "true" ]] && return
+RESOLVE_SHIMS_IMPORTED=true
+
+resolve_shim() {
+    # Find the next non-shim executable in PATH so we do not run the shim again
+    shim_file=$(readlink -f "${BASH_SOURCE[1]}")
+    echo $(which -a dotnet | grep -vx "$shim_file" | head -n 1)
+}