安装私有 npm 包适用于本地笔记本电脑,但不适用于 gitlab 管道

Installing private npm package works on local laptop but not in gitlab pipeline

为什么我的 gitlab 管道中的这个构建阶段失败

npm 错了! 401:无法认证,需要:Basic realm="Artifactory Realm"

当我 运行 命令 $ npm-cli-login -u $USERNAME -p $API_KEY -e $EMAIL -r $REPOSITORY 时,我似乎正确登录了。显示了我正确的用户名,并且在我的主目录中创建了全局 .npmrc 文件。但是当我 运行 npm installnpm i --registry=https://<my_private_repo>.jfrog.io/<my_private_repo> 它失败并显示 401.

我在失败的管道阶段的日志中看到以下输出:

Pulling docker image node:14.15.4 ...
Using docker image sha256:924763541c... for node:14.15.4 with digest node@sha256:cb01e9d98a...
Preparing environment 00:01
Running on runner-ffeacb89-project-...-concurrent-0 via ....r.gitlab.host...
Getting source from Git repository 00:01
Fetching changes with git depth set to 50...
Reinitialized existing Git repository in /builds/gravity/my_test_project/.git/
Checking out 5f7... as dev...
Removing .gradle/
Skipping Git submodules setup
Restoring cache 00:06
Checking cache for my_test_project...
cache.zip is up to date                            
Successfully extracted cache
Executing "step_script" stage of the job script 01:07
Using docker image sha256:924763541c0c8b3839132... for node:14.15.4 with digest node@sha256:cb01e9d9... ...
$ export GRADLE_USER_HOME=`pwd`/.gradle
$ pwd
/builds/my_test_project
$ cd ~
$ npm install -g npm-cli-login
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
/usr/local/bin/npm-cli-login -> /usr/local/lib/node_modules/npm-cli-login/bin/npm-cli-login.js
> core-js@3.10.1 postinstall /usr/local/lib/node_modules/npm-cli-login/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"
+ npm-cli-login@0.1.1
added 634 packages from 451 contributors in 34.086s
$ npm-cli-login -u $USERNAME -p $API_KEY -e $EMAIL -r $REPOSITORY
info attempt registry request try #1 at 2:32:54 PM
http request PUT https://<my_private_repo>.jfrog.io/<my_private_repo>/api/npm/npm/-/user/org.couchdb.user:<my_correct_username>
http 201 https://<my_private_repo>.jfrog.io/<my_private_repo>/api/npm/npm/-/user/org.couchdb.user:<my_correct_username>
$ pwd
/root
$ cat .npmrc
//<my_private_repo>.jfrog.io/<my_private_repo>/api/npm/npm//:_authToken=eyJ2...(very long token, looks correct)
$ echo 'always-auth = true' >> .npmrc
$ cat .npmrc
//<my_private_repo>.jfrog.io/<my_private_repo>/api/npm/npm//:_authToken=eyJ2...(very long token, looks correct)
always-auth = true
$ npm i -g @angular/cli
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
/usr/local/bin/ng -> /usr/local/lib/node_modules/@angular/cli/bin/ng
> @angular/cli@11.2.9 postinstall /usr/local/lib/node_modules/@angular/cli
> node ./bin/postinstall/script.js
+ @angular/cli@11.2.9
added 242 packages from 181 contributors in 12.287s
$ cd /builds/my_test_project/ui
$ printenv NPM_TOKEN
eyJ2Z...(my long token)
$ npm config set //registry.npmjs.org/:_authToken ${NPM_TOKEN}
$ npm install
npm WARN deprecated debug@4.1.1: Debug versions >=3.2.0 <3.2.7 || >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (https://github.com/visionmedia/debug/issues/797)
npm WARN deprecated axios@0.20.0: Critical security vulnerability fixed in v0.21.1. For more information, see https://github.com/axios/axios/pull/3410
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated fsevents@2.1.3: "Please update to latest v2.3 or v2.2"
npm WARN deprecated chokidar@2.1.8: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated fsevents@1.2.13: fsevents 1 will break on node v14+ and could be using insecure binaries. Upgrade to fsevents 2.
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm ERR! code E401
npm ERR! Unable to authenticate, need: Basic realm="Artifactory Realm"
npm ERR! A complete log of this run can be found in:
npm ERR!     /root/.npm/_logs/2021-04-16T14_33_25_786Z-debug.log
Cleaning up file based variables 00:00
ERROR: Job failed: exit code 1

这是我在 .gitlab-ci.yml 文件中的构建阶段(Spring 引导项目)

build:
  stage: build
  image: node:14.15.4
  script:
    - pwd
    - cd ~
    - npm install -g npm-cli-login
    - npm-cli-login -u $USERNAME -p $API_KEY -e $EMAIL -r $REPOSITORY
    - cat .npmrc
    - echo 'always-auth = true' >> .npmrc
    - cat .npmrc
    - npm i -g @angular/cli
    - cd /builds/myProjectFolder
    - printenv NPM_TOKEN
    - npm config set //myrepo.jfrog.io/myrepo/api/npm/npm//:_authToken ${NPM_TOKEN}
    - npm install --registry=https://myrepo.jfrog.io/<my_private_repo>/api/npm/npm/
  artifacts:
    paths:
      - app/src/ui/dist/dm-consent-page
    expire_in: 5 days

我用这个方法解决了:https://gruchalski.com/posts/2020-09-09-authenticate-to-private-jfrog-npm-registry/

在 运行 这个 curl 命令之后,我收到了我需要放入我的全局 .npmrc 文件中的所有内容:

curl -u ${JFROG_USER}:${JFROG_ENCRYPTED_PASSWORD} https://${JFROG_ORG}.jfrog.io/${JFROG_ORG}/api/npm/auth

对于任何感兴趣的人,我的 gitlab ci 管道阶段中的完整脚本现在如下所示:

script:
  - npm -v
  6.14.10
  - node -v
  v14.15.4
  - cd ~
  - pwd
  /root
  # install angular globally
  - npm i -g @angular/cli
  # create the config file '.npmrc' for authenticating at jFrog when running 'npm install'.
  - cat > .npmrc
  - echo _auth = ${NPM_AUTH_TOKEN} >> .npmrc    <- This is the token that I received after running the curl command from the tutorial / link above
  - echo always-auth = true >> .npmrc
  - echo email = ${EMAIL} >> .npmrc
  # the next line makes npm look for the packages that are annotated with @<my-private-repo> at the JFrog Repo.
  - echo @<my-private-repo>:registry=${UI_JFROG_REGESTRY} >> .npmrc
  # change back to the project folder.
  - cd /builds/<my-project-folder>/ui
  # install all packages + the <my-private-repo> package from JFrog.
  - npm install