gcp-metadata - npm Package Compare versions

Comparing version 4.0.1 to 4.1.0

build/src/index.d.ts

@@ -9,7 +9,5 @@ /**
 import { OutgoingHttpHeaders } from 'http';
+export declare const BASE_PATH = "/computeMetadata/v1";
 export declare const HOST_ADDRESS = "http://169.254.169.254";
-export declare const BASE_PATH = "/computeMetadata/v1";
-export declare const BASE_URL: string;
 export declare const SECONDARY_HOST_ADDRESS = "http://metadata.google.internal.";
-export declare const SECONDARY_BASE_URL: string;
 export declare const HEADER_NAME = "Metadata-Flavor";
@@ -16,0 +14,0 @@ export declare const HEADER_VALUE = "Google";

build/src/index.js

@@ -11,10 +11,26 @@ "use strict";
 const jsonBigint = require('json-bigint'); // eslint-disable-line
+exports.BASE_PATH = '/computeMetadata/v1';
 exports.HOST_ADDRESS = 'http://169.254.169.254';
-exports.BASE_PATH = '/computeMetadata/v1';
-exports.BASE_URL = exports.HOST_ADDRESS + exports.BASE_PATH;
 exports.SECONDARY_HOST_ADDRESS = 'http://metadata.google.internal.';
-exports.SECONDARY_BASE_URL = exports.SECONDARY_HOST_ADDRESS + exports.BASE_PATH;
 exports.HEADER_NAME = 'Metadata-Flavor';
 exports.HEADER_VALUE = 'Google';
 exports.HEADERS = Object.freeze({ [exports.HEADER_NAME]: exports.HEADER_VALUE });
+/**
+ * Returns the base URL while taking into account the GCE_METADATA_IP
+ * environment variable if it exists.
+ *
+ * @returns The base URL, e.g., http://169.254.169.254/computeMetadata/v1.
+ */
+function getBaseUrl(baseUrl) {
+    if (!baseUrl) {
+        baseUrl = process.env.GCE_METADATA_IP
+            ? process.env.GCE_METADATA_IP
+            : exports.HOST_ADDRESS;
+    }
+    // If no scheme is provided default to HTTP:
+    if (!/^https?:\/\//.test(baseUrl)) {
+        baseUrl = `http://${baseUrl}`;
+    }
+    return new URL(exports.BASE_PATH, baseUrl).href;
+}
 // Accepts an options object passed from the user to the API. In previous
@@ -52,3 +68,3 @@ // versions of the API, it referred to a `Request` or an `Axios` request
         const res = await requestMethod({
-            url: `${exports.BASE_URL}/${type}${property}`,
+            url: `${getBaseUrl()}/${type}${property}`,
             headers: Object.assign({}, exports.HEADERS, options.headers),
@@ -87,3 +103,3 @@ retryConfig: { noResponseRetries },
         ...options,
-        url: options.url.replace(exports.BASE_URL, exports.SECONDARY_BASE_URL),
+        url: options.url.replace(getBaseUrl(), getBaseUrl(exports.SECONDARY_HOST_ADDRESS)),
     };
@@ -165,3 +181,7 @@ // We race a connection between DNS/IP to metadata server. There are a couple
         if (cachedIsAvailableResponse === undefined) {
-            cachedIsAvailableResponse = metadataAccessor('instance', undefined, detectGCPAvailableRetries(), true);
+            cachedIsAvailableResponse = metadataAccessor('instance', undefined, detectGCPAvailableRetries(), 
+            // If the default HOST_ADDRESS has been overridden, we should not
+            // make an effort to try SECONDARY_HOST_ADDRESS (as we are likely in
+            // a non-GCP environment):
+            process.env.GCE_METADATA_IP ? false : true);
         }
@@ -180,19 +200,26 @@ await cachedIsAvailableResponse;
         }
-        else if (err.code &&
-            [
-                'EHOSTDOWN',
-                'EHOSTUNREACH',
-                'ENETUNREACH',
-                'ENOENT',
-                'ENOTFOUND',
-                'ECONNREFUSED',
-            ].includes(err.code)) {
-            // Failure to resolve the metadata service means that it is not available.
+        if (err.response && err.response.status === 404) {
             return false;
         }
-        else if (err.response && err.response.status === 404) {
+        else {
+            if (!(err.response && err.response.status === 404) &&
+                // A warning is emitted if we see an unexpected err.code, or err.code
+                // is not populated:
+                (!err.code ||
+                    ![
+                        'EHOSTDOWN',
+                        'EHOSTUNREACH',
+                        'ENETUNREACH',
+                        'ENOENT',
+                        'ENOTFOUND',
+                        'ECONNREFUSED',
+                    ].includes(err.code))) {
+                let code = 'UNKNOWN';
+                if (err.code)
+                    code = err.code;
+                process.emitWarning(`received unexpected error = ${err.message} code = ${code}`, 'MetadataLookupWarning');
+            }
+            // Failure to resolve the metadata service means that it is not available.
             return false;
         }
-        // Throw unexpected errors.
-        throw err;
     }
@@ -199,0 +226,0 @@ }

CHANGELOG.md

@@ -7,2 +7,15 @@ # Changelog
 
+## [4.1.0](https://www.github.com/googleapis/gcp-metadata/compare/v4.0.1...v4.1.0) (2020-05-05)
+
+
+### Features
+
+* Introduces the GCE_METADATA_IP to allow using a different IP address for the GCE metadata server. ([#346](https://www.github.com/googleapis/gcp-metadata/issues/346)) ([ec0f82d](https://www.github.com/googleapis/gcp-metadata/commit/ec0f82d022b4b3aac95e94ee1d8e53cfac3b14a4))
+
+
+### Bug Fixes
+
+* do not check secondary host if GCE_METADATA_IP set ([#352](https://www.github.com/googleapis/gcp-metadata/issues/352)) ([64fa7d6](https://www.github.com/googleapis/gcp-metadata/commit/64fa7d68cbb76f455a3bfdcb27d58e7775eb789a))
+* warn rather than throwing when we fail to connect to metadata server ([#351](https://www.github.com/googleapis/gcp-metadata/issues/351)) ([754a6c0](https://www.github.com/googleapis/gcp-metadata/commit/754a6c07d1a72615cbb5ebf9ee04475a9a12f1c0))
+
 ### [4.0.1](https://www.github.com/googleapis/gcp-metadata/compare/v4.0.0...v4.0.1) (2020-04-14)
@@ -9,0 +22,0 @@

package.json

 {
   "name": "gcp-metadata",
-  "version": "4.0.1",
+  "version": "4.1.0",
   "description": "Get the metadata from a Google Cloud Platform environment",
@@ -24,3 +24,5 @@ "repository": "googleapis/gcp-metadata",
     "predocs-test": "npm run docs",
-    "prelint": "cd samples; npm link ../; npm i"
+    "prelint": "cd samples; npm link ../; npm install",
+    "clean": "gts clean",
+    "precompile": "gts clean"
   },
@@ -48,3 +50,3 @@ "keywords": [
     "@types/node": "^12.7.2",
-    "@types/tmp": "0.1.0",
+    "@types/tmp": "0.2.0",
     "@types/uuid": "^7.0.0",
@@ -55,3 +57,3 @@ "c8": "^7.0.0",
     "gcx": "^1.0.0",
-    "googleapis": "^48.0.0",
+    "googleapis": "^49.0.0",
     "gts": "^2.0.0",
@@ -62,5 +64,5 @@ "linkinator": "^2.0.0",
     "nock": "^12.0.0",
-    "tmp": "^0.1.0",
+    "tmp": "^0.2.0",
     "typescript": "^3.8.3",
-    "uuid": "^7.0.0"
+    "uuid": "^8.0.0"
   },
@@ -67,0 +69,0 @@ "engines": {

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 4 instances in 1 package

Improved metrics

Total package byte prevSize

49999

increased by5.64%

Lines of code

274

increased by10.04%

Worsened metrics

Number of low supply chain risk alerts

16

increased by220%

No dependency changes