使用 Nexus https npm 注册表代理时,我应该如何在 .npmrc 中设置 _auth?
How should I set _auth in .npmrc when using a Nexus https npm registry proxy?
上下文
我的 .npmrc 文件似乎被正确读取(从命令行和 Maven 构建中使用 npm config ls -l 检查)。
npm 所在的机器 运行 无法直接连接到网络,它只能连接到 Nexus npm 注册表 url。因此,未设置代理属性 proxy 和 https-proxy。
由于对 Nexus 的访问受到限制,我从 Nexus 中生成了一个访问令牌。
Nexus 安全令牌由用户名和密码组成,两者都包含 / 等字符,通常必须是 "url encoded"
正如预期的那样,使用此配置,当 运行ning npm install 检测不到代理时。
Nexus npm 注册表代理似乎已正确设置(在使用生成的令牌连接后,我可以使用网络浏览器访问 json 文件并下载 tgz 文件)
如果我将 registry 设置为 http://registry.npmjs.org/ 并注释 _auth、email、always-auth、strict-ssl 属性,并添加 proxy 和 https-proxy 配置, npm install 按预期工作(但我无法在目标环境中执行)
.npmrc 文件的内容
; Nexus proxy registry pointing to http://registry.npmjs.org/
registry = https://<host>/nexus/content/repositories/npmjs-registry/
; base64 encoded authentication token
_auth = <see question below>
; required by Nexus
email = <valid email>
; force auth to be used for GET requests
always-auth = true
; we don't want to put certificates in .npmrc
strict-ssl = false
loglevel = silly
问题
我应该如何正确生成 _auth 属性 才能让 npm install 按预期工作?
到目前为止我试过了
- base64Encode(
<username>:<password>)
- 结果
npm info retry will retry, error on last attempt: Error: socket hang up
- base64Encode(urlencode(
<username>:<password>))
- 结果
npm info retry will retry, error on last attempt: Error: This request requires auth credentials. Run `npm login` and repeat the request.
- base64Encode(urlencode(
<username>):urlencode(<password>))
- 结果
npm info retry will retry, error on last attempt: Error: socket hang up
收到 socket hang up 错误时,我有以下堆栈跟踪:
http request GET https://<host>/nexus/content/repositories/npmjs-registry/fsevents
sill fetchPackageMetaData Error: socket hang up
sill fetchPackageMetaData at TLSSocket.onHangUp (_tls_wrap.js:1035:19)
sill fetchPackageMetaData at TLSSocket.g (events.js:260:16)
sill fetchPackageMetaData at emitNone (events.js:72:20)
sill fetchPackageMetaData at TLSSocket.emit (events.js:166:7)
sill fetchPackageMetaData at endReadableNT (_stream_readable.js:905:12)
sill fetchPackageMetaData at doNTCallback2 (node.js:441:9)
sill fetchPackageMetaData at process._tickCallback (node.js:355:17)
sill fetchPackageMetaData error for fsevents@^1.0.0 { [Error: socket hang up] code: 'ECONNRESET' }
WARN install Couldn't install optional dependency: socket hang up
verb install Error: socket hang up
verb install at TLSSocket.onHangUp (_tls_wrap.js:1035:19)
verb install at TLSSocket.g (events.js:260:16)
verb install at emitNone (events.js:72:20)
verb install at TLSSocket.emit (events.js:166:7)
verb install at endReadableNT (_stream_readable.js:905:12)
verb install at doNTCallback2 (node.js:441:9)
verb install at process._tickCallback (node.js:355:17)
收到 This request requires auth credentials 错误时,我有以下堆栈跟踪:
npm sill fetchPackageMetaData Error: This request requires auth credentials. Run `npm login` and repeat the request.
npm sill fetchPackageMetaData at CachingRegistryClient.authify (<root>\ui\target\node\node_modules\npm\node_modules\npm-registry-client\lib\authify.js:17:14)
npm sill fetchPackageMetaData at CachingRegistryClient.makeRequest (<root>\ui\target\node\node_modules\npm\node_modules\npm-registry-client\lib\request.js:103:17)
npm sill fetchPackageMetaData at <root>\ui\target\node\node_modules\npm\node_modules\npm-registry-client\lib\request.js:66:17
npm sill fetchPackageMetaData at RetryOperation._fn (<root>\ui\target\node\node_modules\npm\node_modules\npm-registry-client\lib\attempt.js:18:5)
npm sill fetchPackageMetaData at null._onTimeout (<root>\ui\target\node\node_modules\npm\node_modules\retry\lib\retry_operation.js:49:10)
npm sill fetchPackageMetaData at Timer.listOnTimeout (timers.js:92:15)
npm sill fetchPackageMetaData error for fsevents@^1.0.0 [Error: This request requires auth credentials. Run `npm login` and repeat the request.]
npm WARN install Couldn't install optional dependency: This request requires auth credentials. Run `npm login` and repeat the request.
npm verb install Error: This request requires auth credentials. Run `npm login` and repeat the request.
npm verb install at CachingRegistryClient.authify (<root>\ui\target\node\node_modules\npm\node_modules\npm-registry-client\lib\authify.js:17:14)
npm verb install at CachingRegistryClient.makeRequest (<root>\ui\target\node\node_modules\npm\node_modules\npm-registry-client\lib\request.js:103:17)
npm verb install at <root>\ui\target\node\node_modules\npm\node_modules\npm-registry-client\lib\request.js:66:17
npm verb install at RetryOperation._fn (<root>\ui\target\node\node_modules\npm\node_modules\npm-registry-client\lib\attempt.js:18:5)
npm verb install at null._onTimeout (<root>\ui\target\node\node_modules\npm\node_modules\retry\lib\retry_operation.js:49:10)
npm verb install at Timer.listOnTimeout (timers.js:92:15)
提前致谢。
查看 registry-client 代码后,我找到了答案,就在这里。我 post 它可能对其他人有帮助:
base64Encode(<username>:<password>)
顺便说一下,有一个 URL 编码,但它是 authify.js 负责的。
我面临的 "socket hang up" 问题是因为如果在 Windows 配置中设置了代理,当从 CLI(而不是 Maven)启动 npm 时build) 所有 ```.npmrc`` 代理设置似乎被忽略,而 npm 忽略本机代理排除(对于公司 url)。我会打开工单来报告这种奇怪的行为。
我不知道 Nexus,但我们使用 artifactory 作为 npm 存储库,在那里我可以通过调用 base64encode(username:encryptedPassword) 创建我的身份验证令牌,其中 encryptedPassword 是我从我的个人人工档案。
也许这有帮助。
https://books.sonatype.com/nexus-book/reference/npm-deploying-packages.html
$ echo -n 'username:password' | openssl base64
我刚刚编写了一个包装器,用于将凭据存储在您的系统钥匙串中并即时提供它们。查看:https://github.com/Xiphe/npm_keychain_auth
Before you run npm login, please follow the instructions below :
1) Create an ~/.npmrc file with the following contents:
registry=https://example.com/repository/npm-group/
email=username@example.com
always-auth=true
//example.com/repository/npm-group/:_authToken=
2) run `npm login`
# npm login
Username: firstname.lastname
Password:
Email: (this IS public) firstname.lastname@example.com
Logged in as firstname,lastname on https://example.com/repository/npm-group/.
Use the same password you use to login to example.com
如果您有授权令牌,则不应使用 username:password。
我建议你:
生成令牌
- 删除你的 ~/.npmrc 或重命名它。
- 确保您的环境设置如 $NPM_CONFIG_* 未设置。
- 使用以下方法验证电子邮件和其他设置是否已取消:
npm config list
- 使用以下命令登录 npm:
npm login --registry=https://nexus.whatever.registry/respository/npm-whatever-group/
- 登录后 - 您已登录。 npm 应该在你的 ~/.npmrc 中为它生成一个令牌。它看起来像:
//nexus.whatever.registry/respository/npm-whatever-group/:_authToken=NpmToken.YOUR-LOVELY-TOKEN-IN-HEX
- 您可以在项目、CI 管道和其他项目中使用该令牌。确保在你的项目 .npmrc 中有:
//nexus.whatever.registry/respository/npm-whatever-group/:_authToken=NpmToken.YOUR-LOVELY-TOKEN-IN-HEX
email = <EMAIL_USED_FOR_TOKEN_GENERATION>
always-auth = true
registry = https://nexus.whatever.registry/respository/npm-whatever-group/
如果authentication/certs有问题:
- 添加环境变量(也添加到您的 CI/CD 管道)
$NODE_EXTRA_CA_CERTS 指向 /home/wherever/is/your/cert.pem
对于 CI/CD 管道(如 gitlabs 或 jenikins):
- 考虑用
${RELEVANT_ENV_VARIABLES} 替换 .npmrc 项目文件中的实际值。通过这种方式,您将使它们不那么显眼,并且始终在管道更改时自动更新。
希望对您有所帮助。
上下文
我的
.npmrc文件似乎被正确读取(从命令行和 Maven 构建中使用npm config ls -l检查)。npm所在的机器 运行 无法直接连接到网络,它只能连接到 Nexus npm 注册表 url。因此,未设置代理属性proxy和https-proxy。由于对 Nexus 的访问受到限制,我从 Nexus 中生成了一个访问令牌。
Nexus 安全令牌由用户名和密码组成,两者都包含
/等字符,通常必须是 "url encoded"正如预期的那样,使用此配置,当 运行ning
npm install检测不到代理时。Nexus npm 注册表代理似乎已正确设置(在使用生成的令牌连接后,我可以使用网络浏览器访问
json文件并下载tgz文件)如果我将
registry设置为http://registry.npmjs.org/并注释_auth、email、always-auth、strict-ssl属性,并添加proxy和https-proxy配置,npm install按预期工作(但我无法在目标环境中执行)
.npmrc 文件的内容
; Nexus proxy registry pointing to http://registry.npmjs.org/
registry = https://<host>/nexus/content/repositories/npmjs-registry/
; base64 encoded authentication token
_auth = <see question below>
; required by Nexus
email = <valid email>
; force auth to be used for GET requests
always-auth = true
; we don't want to put certificates in .npmrc
strict-ssl = false
loglevel = silly
问题
我应该如何正确生成 _auth 属性 才能让 npm install 按预期工作?
到目前为止我试过了
- base64Encode(
<username>:<password>)- 结果
npm info retry will retry, error on last attempt: Error: socket hang up
- 结果
- base64Encode(urlencode(
<username>:<password>))- 结果
npm info retry will retry, error on last attempt: Error: This request requires auth credentials. Run `npm login` and repeat the request.
- 结果
- base64Encode(urlencode(
<username>):urlencode(<password>))- 结果
npm info retry will retry, error on last attempt: Error: socket hang up
- 结果
收到 socket hang up 错误时,我有以下堆栈跟踪:
http request GET https://<host>/nexus/content/repositories/npmjs-registry/fsevents
sill fetchPackageMetaData Error: socket hang up
sill fetchPackageMetaData at TLSSocket.onHangUp (_tls_wrap.js:1035:19)
sill fetchPackageMetaData at TLSSocket.g (events.js:260:16)
sill fetchPackageMetaData at emitNone (events.js:72:20)
sill fetchPackageMetaData at TLSSocket.emit (events.js:166:7)
sill fetchPackageMetaData at endReadableNT (_stream_readable.js:905:12)
sill fetchPackageMetaData at doNTCallback2 (node.js:441:9)
sill fetchPackageMetaData at process._tickCallback (node.js:355:17)
sill fetchPackageMetaData error for fsevents@^1.0.0 { [Error: socket hang up] code: 'ECONNRESET' }
WARN install Couldn't install optional dependency: socket hang up
verb install Error: socket hang up
verb install at TLSSocket.onHangUp (_tls_wrap.js:1035:19)
verb install at TLSSocket.g (events.js:260:16)
verb install at emitNone (events.js:72:20)
verb install at TLSSocket.emit (events.js:166:7)
verb install at endReadableNT (_stream_readable.js:905:12)
verb install at doNTCallback2 (node.js:441:9)
verb install at process._tickCallback (node.js:355:17)
收到 This request requires auth credentials 错误时,我有以下堆栈跟踪:
npm sill fetchPackageMetaData Error: This request requires auth credentials. Run `npm login` and repeat the request.
npm sill fetchPackageMetaData at CachingRegistryClient.authify (<root>\ui\target\node\node_modules\npm\node_modules\npm-registry-client\lib\authify.js:17:14)
npm sill fetchPackageMetaData at CachingRegistryClient.makeRequest (<root>\ui\target\node\node_modules\npm\node_modules\npm-registry-client\lib\request.js:103:17)
npm sill fetchPackageMetaData at <root>\ui\target\node\node_modules\npm\node_modules\npm-registry-client\lib\request.js:66:17
npm sill fetchPackageMetaData at RetryOperation._fn (<root>\ui\target\node\node_modules\npm\node_modules\npm-registry-client\lib\attempt.js:18:5)
npm sill fetchPackageMetaData at null._onTimeout (<root>\ui\target\node\node_modules\npm\node_modules\retry\lib\retry_operation.js:49:10)
npm sill fetchPackageMetaData at Timer.listOnTimeout (timers.js:92:15)
npm sill fetchPackageMetaData error for fsevents@^1.0.0 [Error: This request requires auth credentials. Run `npm login` and repeat the request.]
npm WARN install Couldn't install optional dependency: This request requires auth credentials. Run `npm login` and repeat the request.
npm verb install Error: This request requires auth credentials. Run `npm login` and repeat the request.
npm verb install at CachingRegistryClient.authify (<root>\ui\target\node\node_modules\npm\node_modules\npm-registry-client\lib\authify.js:17:14)
npm verb install at CachingRegistryClient.makeRequest (<root>\ui\target\node\node_modules\npm\node_modules\npm-registry-client\lib\request.js:103:17)
npm verb install at <root>\ui\target\node\node_modules\npm\node_modules\npm-registry-client\lib\request.js:66:17
npm verb install at RetryOperation._fn (<root>\ui\target\node\node_modules\npm\node_modules\npm-registry-client\lib\attempt.js:18:5)
npm verb install at null._onTimeout (<root>\ui\target\node\node_modules\npm\node_modules\retry\lib\retry_operation.js:49:10)
npm verb install at Timer.listOnTimeout (timers.js:92:15)
提前致谢。
查看 registry-client 代码后,我找到了答案,就在这里。我 post 它可能对其他人有帮助:
base64Encode(<username>:<password>)
顺便说一下,有一个 URL 编码,但它是 authify.js 负责的。
我面临的 "socket hang up" 问题是因为如果在 Windows 配置中设置了代理,当从 CLI(而不是 Maven)启动 npm 时build) 所有 ```.npmrc`` 代理设置似乎被忽略,而 npm 忽略本机代理排除(对于公司 url)。我会打开工单来报告这种奇怪的行为。
我不知道 Nexus,但我们使用 artifactory 作为 npm 存储库,在那里我可以通过调用 base64encode(username:encryptedPassword) 创建我的身份验证令牌,其中 encryptedPassword 是我从我的个人人工档案。
也许这有帮助。
https://books.sonatype.com/nexus-book/reference/npm-deploying-packages.html
$ echo -n 'username:password' | openssl base64
我刚刚编写了一个包装器,用于将凭据存储在您的系统钥匙串中并即时提供它们。查看:https://github.com/Xiphe/npm_keychain_auth
Before you run npm login, please follow the instructions below :
1) Create an ~/.npmrc file with the following contents:
registry=https://example.com/repository/npm-group/
email=username@example.com
always-auth=true
//example.com/repository/npm-group/:_authToken=
2) run `npm login`
# npm login
Username: firstname.lastname
Password:
Email: (this IS public) firstname.lastname@example.com
Logged in as firstname,lastname on https://example.com/repository/npm-group/.
Use the same password you use to login to example.com
如果您有授权令牌,则不应使用 username:password。 我建议你:
生成令牌
- 删除你的 ~/.npmrc 或重命名它。
- 确保您的环境设置如 $NPM_CONFIG_* 未设置。
- 使用以下方法验证电子邮件和其他设置是否已取消:
npm config list - 使用以下命令登录 npm:
npm login --registry=https://nexus.whatever.registry/respository/npm-whatever-group/ - 登录后 - 您已登录。 npm 应该在你的 ~/.npmrc 中为它生成一个令牌。它看起来像:
//nexus.whatever.registry/respository/npm-whatever-group/:_authToken=NpmToken.YOUR-LOVELY-TOKEN-IN-HEX
- 您可以在项目、CI 管道和其他项目中使用该令牌。确保在你的项目 .npmrc 中有:
//nexus.whatever.registry/respository/npm-whatever-group/:_authToken=NpmToken.YOUR-LOVELY-TOKEN-IN-HEX
email = <EMAIL_USED_FOR_TOKEN_GENERATION>
always-auth = true
registry = https://nexus.whatever.registry/respository/npm-whatever-group/
如果authentication/certs有问题:
- 添加环境变量(也添加到您的 CI/CD 管道) $NODE_EXTRA_CA_CERTS 指向 /home/wherever/is/your/cert.pem
对于 CI/CD 管道(如 gitlabs 或 jenikins):
- 考虑用
${RELEVANT_ENV_VARIABLES}替换 .npmrc 项目文件中的实际值。通过这种方式,您将使它们不那么显眼,并且始终在管道更改时自动更新。
- 考虑用
希望对您有所帮助。