PNPM docker 非根用户权限被拒绝
PNPM docker non-root user Permission Denied
我今天才发现 pnpm,它帮助解决了我安装时 npm 超时的问题,这太棒了。
docker 图片中的 pnpm tho 有问题。
以前只有 npm 我有像这样的非特权用户
FROM node:14.17.3-slim
# build args
ARG NPM_AUTH_TOKEN
ARG HOME=/home/app
ARG NPMRC_PATH=$HOME/.npmrc
# setup unprivileged user
RUN useradd -Umrd $HOME app
WORKDIR $HOME
USER app
# copy configuration
COPY --chown=app:app "bin" "bin"
COPY --chown=app:app "package.json" "package-lock.json" "webpack.config.js" ".babelrc" ./
RUN ./bin/write_npmrc && \
npm ci --production=false
ENV NODE_ENV=development
VOLUME ["$HOME/config", "$HOME/log", "$HOME/src"]
CMD ["npm", "start"]
EXPOSE 9000
但是如果我切换到 pnpn 由于权限被拒绝,我将无法继续构建图像,我需要使用 root 用户。
FROM node:14.17.3-slim
# build args
ARG NPM_AUTH_TOKEN
ARG HOME=/home/app
ARG NPMRC_PATH=$HOME/.npmrc
RUN apt-get update && apt-get install -y curl \
&& rm -rf /var/lib/apt/lists/*
RUN curl -f https://get.pnpm.io/v6.16.js | node - add --global pnpm
WORKDIR $HOME
# copy configuration
COPY "bin" "bin"
COPY "package.json" "pnpm-lock.yaml" "webpack.config.js" ".babelrc" ./
RUN ./bin/write_npmrc && \
pnpm install --frozen-lockfile
ENV NODE_ENV=development
VOLUME ["$HOME/config", "$HOME/log", "$HOME/src"]
CMD ["pnpm", "start"]
EXPOSE 9000
有什么办法可以让我保持
# setup unprivileged user
RUN useradd -Umrd $HOME app
WORKDIR $HOME
USER app
用 pnpm 代替?
您只需要在安装系统包后更改为您的非特权用户即可。
示例:
FROM node:14.17.3-slim
# build args
ARG NPM_AUTH_TOKEN
ARG HOME=/home/app
ARG NPMRC_PATH=$HOME/.npmrc
RUN apt-get update && apt-get install -y curl \
&& rm -rf /var/lib/apt/lists/*
RUN curl -f https://get.pnpm.io/v6.16.js | node - add --global pnpm
# setup unprivileged user
RUN useradd -Umrd $HOME app && \
chown -R app:app $HOME
WORKDIR $HOME
USER app
# copy configuration
COPY --chown=app:app "bin" "bin"
COPY --chown=app:app "package.json" "pnpm-lock.yaml" "webpack.config.js" ".babelrc" ./
RUN ./bin/write_npmrc && \
pnpm install --frozen-lockfile
ENV NODE_ENV=development
VOLUME ["$HOME/config", "$HOME/log", "$HOME/src"]
CMD ["pnpm", "start"]
EXPOSE 9000
我今天才发现 pnpm,它帮助解决了我安装时 npm 超时的问题,这太棒了。 docker 图片中的 pnpm tho 有问题。
以前只有 npm 我有像这样的非特权用户
FROM node:14.17.3-slim
# build args
ARG NPM_AUTH_TOKEN
ARG HOME=/home/app
ARG NPMRC_PATH=$HOME/.npmrc
# setup unprivileged user
RUN useradd -Umrd $HOME app
WORKDIR $HOME
USER app
# copy configuration
COPY --chown=app:app "bin" "bin"
COPY --chown=app:app "package.json" "package-lock.json" "webpack.config.js" ".babelrc" ./
RUN ./bin/write_npmrc && \
npm ci --production=false
ENV NODE_ENV=development
VOLUME ["$HOME/config", "$HOME/log", "$HOME/src"]
CMD ["npm", "start"]
EXPOSE 9000
但是如果我切换到 pnpn 由于权限被拒绝,我将无法继续构建图像,我需要使用 root 用户。
FROM node:14.17.3-slim
# build args
ARG NPM_AUTH_TOKEN
ARG HOME=/home/app
ARG NPMRC_PATH=$HOME/.npmrc
RUN apt-get update && apt-get install -y curl \
&& rm -rf /var/lib/apt/lists/*
RUN curl -f https://get.pnpm.io/v6.16.js | node - add --global pnpm
WORKDIR $HOME
# copy configuration
COPY "bin" "bin"
COPY "package.json" "pnpm-lock.yaml" "webpack.config.js" ".babelrc" ./
RUN ./bin/write_npmrc && \
pnpm install --frozen-lockfile
ENV NODE_ENV=development
VOLUME ["$HOME/config", "$HOME/log", "$HOME/src"]
CMD ["pnpm", "start"]
EXPOSE 9000
有什么办法可以让我保持
# setup unprivileged user
RUN useradd -Umrd $HOME app
WORKDIR $HOME
USER app
用 pnpm 代替?
您只需要在安装系统包后更改为您的非特权用户即可。
示例:
FROM node:14.17.3-slim
# build args
ARG NPM_AUTH_TOKEN
ARG HOME=/home/app
ARG NPMRC_PATH=$HOME/.npmrc
RUN apt-get update && apt-get install -y curl \
&& rm -rf /var/lib/apt/lists/*
RUN curl -f https://get.pnpm.io/v6.16.js | node - add --global pnpm
# setup unprivileged user
RUN useradd -Umrd $HOME app && \
chown -R app:app $HOME
WORKDIR $HOME
USER app
# copy configuration
COPY --chown=app:app "bin" "bin"
COPY --chown=app:app "package.json" "pnpm-lock.yaml" "webpack.config.js" ".babelrc" ./
RUN ./bin/write_npmrc && \
pnpm install --frozen-lockfile
ENV NODE_ENV=development
VOLUME ["$HOME/config", "$HOME/log", "$HOME/src"]
CMD ["pnpm", "start"]
EXPOSE 9000