Docker-node: What would be a good way to configure yarn/npm to consume a private registry?

Created on 31 May 2017  路  9Comments  路  Source: nodejs/docker-node

I have had a hard time trying to consume my private registry recently (I'm using https://github.com/verdaccio/verdaccio) from within the container. I'm not sure if this would be the right channel to do this but I would like to share how I've managed to accomplish it.

Since I have began using both Docker and Node very recently I guess this might not be a "pretty" solution, so If you have a finer one I'd be very thankful if you could share it.

In order to make this solution compatible for both my local environment and docker build (also for both yarn and npm), I've set the following environment variables:

.env:

NPM_REGISTRY_HOST=my-private-registry.domain.com
NPM_REGISTRY_PORT=4873
NPM_REGISTRY_PROTOCOL=http
NPM_REGISTRY_TOKEN=MY_S3CR3T_T0K3N

I have places this .npmrc in my project's root directory:

registry=${NPM_REGISTRY_PROTOCOL}://${NPM_REGISTRY_HOST}:${NPM_REGISTRY_PORT}/
_auth=${NPM_REGISTRY_TOKEN}
always-auth=true

Here's my Dockerfile (note that my project requires to build bcrypt so I'm installing some virtual dependencies):

FROM node:7-alpine

LABEL maintainer "Rafael Willians <[email protected]>"

ARG NPM_REGISTRY_HOST
ARG NPM_REGISTRY_PORT="4873"
ARG NPM_REGISTRY_PROTOCOL="https"
ARG NPM_REGISTRY_TOKEN

RUN mkdir -p /usr/src/app
WORKDIR /usr/src/app

COPY .npmrc .
COPY package.json .
RUN time apk add --no-cache --virtual .build-deps \
        binutils-gold \
        curl \
        g++ \
        gcc \
        gnupg \
        libgcc \
        linux-headers \
        make \
        python \
    && time yarn --no-emoji --prod \
    && apk del .build-deps

COPY . .

RUN rm .npmrc

EXPOSE 3000

And here's how I've passed my local environment variables from my docker-compose.yml:

version: '3'

services:
    auth:
        build:
            context: .
            args:
                NPM_REGISTRY_HOST: ${NPM_REGISTRY_HOST}
                NPM_REGISTRY_PORT: ${NPM_REGISTRY_PORT}
                NPM_REGISTRY_PROTOCOL: ${NPM_REGISTRY_PROTOCOL}
                NPM_REGISTRY_TOKEN: ${NPM_REGISTRY_TOKEN}
        command: yarn start
        environment:
            DEBUG: '*:server'
            NODE_ENV: ${NODE_ENV}
        expose:
            - 3000
        ports:
            - '3000:3000'

Edited:
this "solution" actually didn't work as expected. It only worked at the beginning because my private registry was configured to allow anonymous users to download private packages. Already fixed that.

picture rwillians
🎉1

Most helpful comment

@Starefossen npm_config_registry helped a lot, thanks!

I needed to go a little bit further to make it work as I needed. You see, my registry host is also a dynamic address, so I can't afford to have a .npmrc files with that //my-registry.foo.bar/:_authToken="$3CR3T", but I've accomplish to set everything using only environment variables.

I had to look into npm source code in order to learn how to do it, but worthed the time.

So if anyone out there is looking for how to set a private registry and its auth using only environment variables, here's how you can do it:

NPM_CONFIG_REGISTRY=http://my.private.registry:4873/
NPM_CONFIG_USERNAME=username
NPM_CONFIG_EMAIL=email
NPM_CONFIG__PASSWORD=secret

I hope it can save someone else a bit of time.

picture rwillians on 1 Jun 2017
👍2

All 9 comments

Actually you can set registry URL using the npm_config_registry environment variable.

Starefossen picture Starefossen on 31 May 2017

Related npm discussion npm/npm#8356

Starefossen picture Starefossen on 31 May 2017

Thanks @Starefossen! This seems to be a VERY straightforward solution, I'll try it out.

rwillians picture rwillians on 31 May 2017

@Starefossen npm_config_registry helped a lot, thanks!

I needed to go a little bit further to make it work as I needed. You see, my registry host is also a dynamic address, so I can't afford to have a .npmrc files with that //my-registry.foo.bar/:_authToken="$3CR3T", but I've accomplish to set everything using only environment variables.

I had to look into npm source code in order to learn how to do it, but worthed the time.

So if anyone out there is looking for how to set a private registry and its auth using only environment variables, here's how you can do it:

NPM_CONFIG_REGISTRY=http://my.private.registry:4873/
NPM_CONFIG_USERNAME=username
NPM_CONFIG_EMAIL=email
NPM_CONFIG__PASSWORD=secret

I hope it can save someone else a bit of time.

rwillians picture rwillians on 1 Jun 2017
👍2

Thanks for sharing @rwillians 馃憤馃徏馃槃

Starefossen picture Starefossen on 1 Jun 2017

Can we close then?

LaurentGoderre picture LaurentGoderre on 1 Jun 2017

@LaurentGoderre yes

Just one more thing: it didn't work seamlessly for yarn, but I managed to work around by using basic auth.

NPM_CONFIG_USERNAME=user
NPM_CONFIG__PASSWORD=secret
NPM_CONFIG_EMAIL=user@provider
NPM_CONFIG_REGISTRY=http://$NPM_CONFIG_USERNAME:[email protected]:4873/
rwillians picture rwillians on 2 Jun 2017
👍1

Easier urlencode (no backslashes => survives misguided de-/quoting):

od -An -v -t x1 -w65536 | tr ' ' '%'

65536 = 256^2 is the maximum width that my od can use without the bug of prefixing lots of %.

PS: Why the -e option in your echo command? Shouldn't the password config var store the password verbatim?

mk-pmb picture mk-pmb on 4 Jun 2017

@mk-pmb thanks for sharing. That's just a partial snippet from stackoverflow, I have a very limited experience with bash scripting.

In order to avoid further discussion off-topic, I'll change my snippet to use a password with no special chars.

rwillians picture rwillians on 5 Jun 2017
Was this page helpful?
0 / 5 - 0 ratings

Related issues

danbev picture danbev  路  3Comments
austinfrey picture austinfrey  路  3Comments
frankbaele picture frankbaele  路  3Comments
dionysiusmarquis picture dionysiusmarquis  路  3Comments
kmleow picture kmleow  路  5Comments