docker build + private NPM (+ private docker hub)
I have an application which runs in a Docker container. It requires some private modules from the company's private NPM registry (Sinopia), and accessing these requires user authentication. The Dockerfile is FROM iojs:latest.
I have tried:
1) creating an .npmrc file in the project root, this actually makes no difference and npm seems to ignore it
2) using env variables for NPM_CONFIG_REGISTRY, NPM_CONFIG_USER etc., but the user doesn't log in.
Essentially, I seem to have no way of authenticating the user within the docker build process. I was hoping that someone might have run into this problem already (seems like an obvious enough issue) and would have a good way of solving it.
(To top it off, I'm using Automated Builds on Docker Hub (triggered on push) so that our servers can access a private Docker registry with the prebuilt images.)
Are there good ways of either: 1) injecting credentials for NPM at build time (so I don't have to commit credentials to my Dockerfile) OR 2) doing this another way that I haven't thought of ?
Answer
I found a somewhat elegant-ish solution in creating a base image for your node.js / io.js containers (you/iojs):
- log in to your private npm registry with the user you want to use for docker
- copy the
.npmrcfile that this generates
Example .npmrc:
registry=https://npm.mydomain.com/
username=dockerUser
[email protected]
strict-ssl=false
always-auth=true
//npm.mydomain.com/:_authToken="someAuthToken"
- create a
Dockerfilethat copies the.npmrcfile appropriately.
Here's my Dockerfile (based on iojs:onbuild):
FROM iojs:2.2.1
MAINTAINER YourSelf
# Exclude the NPM cache from the image
VOLUME /root/.npm
# Create the app directory
RUN mkdir -p /usr/src/app
WORKDIR /usr/src/app
# Copy npm config
COPY .npmrc /root/.npmrc
# Install app
ONBUILD COPY package.json /usr/src/app/
ONBUILD RUN npm install
ONBUILD COPY . /usr/src/app
# Run
CMD [ "npm", "start" ]
- Make all your node.js/io.js containers
FROM you/iojsand you're good to go.