无需手动输入用户名、密码和电子邮件的 NPM 登录
NPM Login without manually entering the username, password & email
我已经能够手动登录到我的 npm 注册表,即:在我的本地机器上 - 但由于某种原因,它在通过 CI 时无法正常工作。这里的问题是,在我执行 npm login
命令后,程序正在等待手动用户输入(用户名、密码、电子邮件),我找不到在管道中发送这些输入的方法(我在哪里无法进行手动用户输入):
我尝试过的这些不同方法:
1.将本地机器的 npm auth token 复制到 gitlab CI/CD 设置的环境变量中,然后将它们复制到根目录下的全局 .npmrc 中:
这会导致错误(未经身份验证):
$ cd ~
$ pwd
/root
$ echo "//<my_registry_url>:_authToken=$NPM_AUTH_TOKEN" > ~/.npmrc
$ cat .npmrc
<my_registry_url>:_authToken=[MASKED] //<-- the masked value is correct, I had it unmasked before once by mistake...
$ npm whoami
npm ERR! code ENEEDAUTH
npm ERR! need auth This command requires you to be logged in.
npm ERR! need auth You need to authorize this machine using `npm adduser`
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2021-03-02T14_29_00_728Z-debug.log
Cleaning up file based variables
00:00
ERROR: Job failed: exit code 1
2。安装 npm-cli-login 并使用 npm login 命令
在一行中传递用户名、密码和电子邮件
$ npm install -g npm-cli-login
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
added 567 packages, and audited 568 packages in 46s
33 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
// trying to login now
$ npm-cli-login -u $USERNAME -p $API_KEY -e $EMAIL -r $REPOSITORY
info attempt registry request try #1 at 6:17:19 AM
http request PUT [MASKED]-/user/org.couchdb.user:<my correct username>
http 201 [MASKED]-/user/org.couchdb.user:<my correct username> // the login seems to have worked, at least I don't get an error
// then I go to the home directory to check the .npmrc file
$ cd ~
$ pwd
/root
$ cat .npmrc
//<my_registry_url>:_authToken=<eyJ...rest of token> // <-- so this was created correctly at my npm-cli-login command
// then I go back to the angular project folder
$ cd /builds/<my path>/app/src/main/ui
$ ls
README.md
angular.json
browserslist
debug.log
e2e
package.json
src
tsconfig.app.json
tsconfig.spec.json
// and when I now run npm install, it says I'm not authenticated
$ npm install
npm WARN deprecated debug@4.1.1: Debug versions >=3.2.0 <3.2.7 || >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (https://github.com/visionmedia/debug/issues/797)
npm WARN deprecated axios@0.20.0: Critical security vulnerability fixed in v0.21.1. For more information, see https://github.com/axios/axios/pull/3410
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/reques/request/issues/3142
npm WARN deprecated fsevents@2.1.3: "Please update to latest v2.3 or v2.2"
npm WARN deprecated chokidar@2.1.8: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated fsevents@1.2.13: fsevents 1 will break on node v14+ and could be using insecure binaries. Upgrade to fsevents 2.
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm ERR! code E401
npm ERR! Unable to authenticate, need: Basic realm="Artifactory Realm" // <-- HERE IT FAILED
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2021-03-02T06_44_42_972Z-debug.log
Cleaning up file based variables
00:01
ERROR: Job failed: exit code 1
3。在我的 gitlab-ci.yml:
中使用这样的文档
- npm login --registry=<my_registry_url> << EOF
- $USERNAME
- $API_KEY
- $EMAIL
- EOF
这导致:
$ npm login --registry=<my_registry_url> << EOF
Username: npm WARN Name may not contain non-url-safe chars
Username: (echo $'\x1b[32;1m$ <my_username>\x1b[0;m') npm ERR! cb() never called!
npm ERR! This is an error with npm itself. Please report this error at:
npm ERR! <https://npm.community>
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2021-03-02T13_54_12_317Z-debug.log
ERROR: Job failed: exit code 1
上面的方法可能根本没有错,但不知何故,它只在我使用 _auth
而不是 .npmrc
文件中的 _authToken
值后才对我有用。
此方法在 here and on the jfrog confluence 网站上有描述。
在 运行 这个 curl 命令之后,我收到了我需要放入全局 .npmrc
文件中的所有内容:
curl -u ${JFROG_USER}:${JFROG_ENCRYPTED_PASSWORD} https://${JFROG_ORG}.jfrog.io/artifactory/api/npm/auth
对于任何感兴趣的人,我的 gitlab ci 管道阶段中的完整脚本现在如下所示:
script:
- npm -v
6.14.10
- node -v
v14.15.4
- cd ~
- pwd
/root
# install angular globally
- npm i -g @angular/cli
# create the config file '.npmrc' for authenticating at jFrog when running 'npm install'.
- cat > .npmrc
- echo _auth = ${NPM_AUTH_TOKEN} >> .npmrc <- This is the token that I received after running the curl command from the tutorial / link above
- echo always-auth = true >> .npmrc
- echo email = ${EMAIL} >> .npmrc
# the next line makes npm look for the packages that are annotated with @<my-private-repo> at the JFrog Repo.
- echo @<my-private-repo>:registry=${UI_JFROG_REGESTRY} >> .npmrc
# change back to the project folder.
- cd /builds/<my-project-folder>/ui
# install all packages + the <my-private-repo> package from JFrog.
- npm install
我已经能够手动登录到我的 npm 注册表,即:在我的本地机器上 - 但由于某种原因,它在通过 CI 时无法正常工作。这里的问题是,在我执行 npm login
命令后,程序正在等待手动用户输入(用户名、密码、电子邮件),我找不到在管道中发送这些输入的方法(我在哪里无法进行手动用户输入):
我尝试过的这些不同方法:
1.将本地机器的 npm auth token 复制到 gitlab CI/CD 设置的环境变量中,然后将它们复制到根目录下的全局 .npmrc 中: 这会导致错误(未经身份验证):
$ cd ~ $ pwd /root $ echo "//<my_registry_url>:_authToken=$NPM_AUTH_TOKEN" > ~/.npmrc $ cat .npmrc <my_registry_url>:_authToken=[MASKED] //<-- the masked value is correct, I had it unmasked before once by mistake... $ npm whoami npm ERR! code ENEEDAUTH npm ERR! need auth This command requires you to be logged in. npm ERR! need auth You need to authorize this machine using `npm adduser` npm ERR! A complete log of this run can be found in: npm ERR! /root/.npm/_logs/2021-03-02T14_29_00_728Z-debug.log Cleaning up file based variables 00:00 ERROR: Job failed: exit code 1
2。安装 npm-cli-login 并使用 npm login 命令
在一行中传递用户名、密码和电子邮件 $ npm install -g npm-cli-login
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
added 567 packages, and audited 568 packages in 46s
33 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
// trying to login now
$ npm-cli-login -u $USERNAME -p $API_KEY -e $EMAIL -r $REPOSITORY
info attempt registry request try #1 at 6:17:19 AM
http request PUT [MASKED]-/user/org.couchdb.user:<my correct username>
http 201 [MASKED]-/user/org.couchdb.user:<my correct username> // the login seems to have worked, at least I don't get an error
// then I go to the home directory to check the .npmrc file
$ cd ~
$ pwd
/root
$ cat .npmrc
//<my_registry_url>:_authToken=<eyJ...rest of token> // <-- so this was created correctly at my npm-cli-login command
// then I go back to the angular project folder
$ cd /builds/<my path>/app/src/main/ui
$ ls
README.md
angular.json
browserslist
debug.log
e2e
package.json
src
tsconfig.app.json
tsconfig.spec.json
// and when I now run npm install, it says I'm not authenticated
$ npm install
npm WARN deprecated debug@4.1.1: Debug versions >=3.2.0 <3.2.7 || >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (https://github.com/visionmedia/debug/issues/797)
npm WARN deprecated axios@0.20.0: Critical security vulnerability fixed in v0.21.1. For more information, see https://github.com/axios/axios/pull/3410
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/reques/request/issues/3142
npm WARN deprecated fsevents@2.1.3: "Please update to latest v2.3 or v2.2"
npm WARN deprecated chokidar@2.1.8: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated fsevents@1.2.13: fsevents 1 will break on node v14+ and could be using insecure binaries. Upgrade to fsevents 2.
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm ERR! code E401
npm ERR! Unable to authenticate, need: Basic realm="Artifactory Realm" // <-- HERE IT FAILED
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2021-03-02T06_44_42_972Z-debug.log
Cleaning up file based variables
00:01
ERROR: Job failed: exit code 1
3。在我的 gitlab-ci.yml:
中使用这样的文档 - npm login --registry=<my_registry_url> << EOF
- $USERNAME
- $API_KEY
- $EMAIL
- EOF
这导致:
$ npm login --registry=<my_registry_url> << EOF
Username: npm WARN Name may not contain non-url-safe chars
Username: (echo $'\x1b[32;1m$ <my_username>\x1b[0;m') npm ERR! cb() never called!
npm ERR! This is an error with npm itself. Please report this error at:
npm ERR! <https://npm.community>
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2021-03-02T13_54_12_317Z-debug.log
ERROR: Job failed: exit code 1
上面的方法可能根本没有错,但不知何故,它只在我使用 _auth
而不是 .npmrc
文件中的 _authToken
值后才对我有用。
此方法在 here and on the jfrog confluence 网站上有描述。
在 运行 这个 curl 命令之后,我收到了我需要放入全局 .npmrc
文件中的所有内容:
curl -u ${JFROG_USER}:${JFROG_ENCRYPTED_PASSWORD} https://${JFROG_ORG}.jfrog.io/artifactory/api/npm/auth
对于任何感兴趣的人,我的 gitlab ci 管道阶段中的完整脚本现在如下所示:
script:
- npm -v
6.14.10
- node -v
v14.15.4
- cd ~
- pwd
/root
# install angular globally
- npm i -g @angular/cli
# create the config file '.npmrc' for authenticating at jFrog when running 'npm install'.
- cat > .npmrc
- echo _auth = ${NPM_AUTH_TOKEN} >> .npmrc <- This is the token that I received after running the curl command from the tutorial / link above
- echo always-auth = true >> .npmrc
- echo email = ${EMAIL} >> .npmrc
# the next line makes npm look for the packages that are annotated with @<my-private-repo> at the JFrog Repo.
- echo @<my-private-repo>:registry=${UI_JFROG_REGESTRY} >> .npmrc
# change back to the project folder.
- cd /builds/<my-project-folder>/ui
# install all packages + the <my-private-repo> package from JFrog.
- npm install