我的 JavaScript 项目成功地利用了Dockerfile
. 在“构建”阶段.npmrc
,正在使用作为 Docker 构建参数提供的秘密动态构建文件,如下所示:
FROM node:12.16-alpine AS build
ARG ACCESS_TOKEN
WORKDIR /app
COPY package*.json ./
RUN echo "//npm.pkg.github.com/:_authToken=$ACCESS_TOKEN" > .npmrc && \
echo "@my_org:registry=https://npm.pkg.github.com" >> .npmrc && \
npm ci --production && \
rm -f .npmrc
# ...remainder of file omitted
我知道我可以在命令行中提供令牌,如下所示:NPM_TOKEN=$ACCESS_TOKEN npm ci --production
. 但是,这失败如下:
... earlier docker build output omitted
---> 68c5ba096f60
Step 6/16 : RUN NPM_TOKEN=$ACCESS_TOKEN npm ci --production --registry https://npm.pkg.github.com/
---> Running in 418c51a85c15
npm ERR! code E401
npm ERR! Unable to authenticate, need: Basic realm="GitHub Package Registry"
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2020-09-09T11_07_17_789Z-debug.log
failed to build: couldn't build "my_org/my-project": unable to stream build output: The command '/bin/sh -c NPM_TOKEN=$ACCESS_TOKEN npm ci --production --registry https://npm.pkg.github.com/' returned a non-zero code: 1
我正在尝试的是可能的还是必须始终有一个用于身份验证的.npmrc
文件?