I've been containerising all my projects at work recently to make the builds more consistent and ultimately to allow us to use those builds for production. I recently ran into the issue on our on premise installation of gitlab of how to pull git repo's as npm modules from our protected internal gitlab during continuous integration (CI) builds when using docker.
So in my package.json I had
"awesome-project": "git+ssh://[email protected]:some-group/awesome-project.git#1.1.0",
Which works when ran via the terminal on my machine but when running in a Docker, the ssh keys from my machine aren't there...
You have two options for local builds, for dev etc
Copy the ssh keys over (multi-stage builds)
I go over this in a previous post on how to do this securely.
Use an access token
This requires a bit of setup for each person that wants to use it but if your aim is to build the same container locally without too many changes then this is your best bet.
In your Dockerfile just before running npm install run the command
RUN sed -i 's/git+ssh:\/\/[email protected]:/git+https:\/\/oauth2:'$BUILD_TOKENemail@example.com\//' ./package.json
This command will search and replace and reference to gitlab and change your npm modules to be downloaded using your token rather than your ssh keys. Your package.json will now look like this:
Two changes here:
- The method of transfer has been changed from
- The user has been changed from
<token-value>is the access token created in gitlab.
You will also now need to run the build step with the
--build-arg option like so:
docker build --build-arg BUILD_TOKEN=<your access token> .
We can't do exactly the same in the CI build as it's not best practice to use your personal access token in CI builds.
Instead of using
oauth2:'$BUILD_TOKEN' as the user to connect to gitlab in the
package.json we use a special user named
gitlab-ci-token with the job token
So in your
Dockerfile before the npm install add the following:
RUN sed -i 's/git+ssh:\/\/[email protected]:/git+https:\/\/gitlab-ci-token:'$BUILD_TOKENfirstname.lastname@example.org\//' ./package.json
and in your
gitlab-ci.yml add the build arg to pass through the job token.
docker build --build-arg BUILD_TOKEN=$CI_JOB_TOKEN -t my-app .
And you're done! Now to make everything into a module!