fix(ci): use wombat dressing room fallback in nightly release to prevent ENEEDAUTH

[rmedranollamas]

Summary

This PR resolves the ENEEDAUTH custom npm registry authentication mapping mismatch error that occurs during the scheduled nightly release pipeline.

Details

In the scheduled nightly release workflow (release-nightly.yml), when the pipeline triggers on a schedule, it runs in the 'internal' environment where vars.NPM_REGISTRY_PUBLISH_URL is undefined.

Because of this, it was falling back to the default of 'https://registry.npmjs.org/'. This caused actions/setup-node to generate authorization config in ~/.npmrc mapped to registry.npmjs.org. However, since all of our packages under the @google scope are mapped to use the Wombat Dressing Room proxy (https://wombat-dressing-room.appspot.com) in the local project .npmrc files, npm publish would attempt to publish to Wombat but find no credentials mapped to it, resulting in npm error need auth.

To resolve this:

• Replaced the nightly fallback publish/registry URLs in .github/workflows/release-nightly.yml with https://wombat-dressing-room.appspot.com to guarantee correct authentication mapping on nightly runs.
• Standardized the registry URL format by removing the trailing slashes across .npmrc, packages/core/.npmrc, and .github/actions/setup-npmrc/action.yml to prevent key mismatch during npm's strict URL matching.

Related Issues

Fixes #28102 Fixes #28087

How to Validate

Since this is a CI environment workflow bug, validation can be confirmed by running the nightly release workflow on a branch or observing the next scheduled nightly run. The configuration change ensures that even if environment variables are not loaded, the fallback correctly targets the custom registry.

Pre-Merge Checklist

• Updated relevant documentation and README (if needed)
• Added/updated tests (if needed)
• Noted breaking changes (if any)
• Validated on required platforms/methods:
  • MacOS
    • npm run

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses authentication failures during scheduled nightly releases by standardizing registry URL formats and ensuring the correct proxy is used. Additionally, it includes stability improvements for the test suite and scheduler, ensuring more reliable execution in CI environments.

Highlights

• CI Registry Authentication: Updated the nightly release workflow and npm configuration to use the Wombat Dressing Room proxy URL consistently, preventing ENEEDAUTH errors caused by registry mismatches.
• Registry URL Standardization: Removed trailing slashes from registry URLs across project configuration files to ensure strict URL matching compatibility.
• Test Infrastructure Improvements: Added support for non-strict fake response loading in integration tests and increased timeouts to improve CI stability.
• Scheduler Yielding: Updated the scheduler to use a 10ms timeout instead of queueMicrotask for yielding to the event loop, ensuring better external event processing.

Ignored Files

• Ignored by pattern: .github/workflows/** (1)
  • .github/workflows/release-nightly.yml

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize the Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counterproductive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[github-actions]

📊 PR Size: size/XS

• Lines changed: 8
• Additions: +4
• Deletions: -4
• Files changed: 3

[gemini-code-assist]

Code Review

This pull request introduces several updates to improve the robustness of integration tests, release publishing, and scheduler yielding. Key changes include adding --ignore-scripts to npm publish commands, removing trailing slashes from registry URLs, implementing a non-strict mode for fake responses in tests, and replacing queueMicrotask with setTimeout in the scheduler. Feedback is provided regarding the error handling in parallel-tools.test.ts, where writing the failure output directly to the workspace without a nested try-catch could mask the original test failure if the write operation fails.

I am having trouble creating individual review comments. Click here to see my feedback.

integration-tests/parallel-tools.test.ts (58-61)

Writing to a file in the catch block without wrapping it in a try-catch can mask the original test failure. If fs.writeFileSync throws an error (e.g., due to permission issues or a read-only file system in the CI environment), the original assertion failure (err) will be lost, making debugging extremely difficult. Additionally, writing directly to the current working directory can pollute the workspace. Wrapping the write operation in a try-catch and writing to rig.testDir ensures the original error is always rethrown and the workspace remains clean.

    } catch (err) {
      try {
        fs.writeFileSync(join(rig.testDir!, 'pty_output_failure.txt'), run.output);
      } catch (writeErr) {
        console.error('Failed to write pty_output_failure.txt:', writeErr);
      }
      throw err;
    }

References

1. In contexts like test logging or error handling, prefer synchronous file I/O over asynchronous methods to ensure data durability and log capture.