Docker + Nodejs + Private Repo + Private NPM模块 – 访问问题

我正在使用Docker设置Node.js服务的部署。

我所拥有的Dockerfile是从网上的各种示例拼凑而成的。 Dockerfile的目录包括:

  • Dockerfile
  • id_rsa
  • start.sh

这是Dockerfile:

FROM ubuntu:13.10 # make sure apt is up to date RUN apt-get update # install npm, git, ssh, curl RUN apt-get install -y npm git git-core ssh curl RUN mkdir /nodejs && curl http://nodejs.org/dist/v0.10.31/node-v0.10.31-linux-x64.tar.gz | tar xvzf - -C /nodejs --strip-components=1 # Fixes empty home ENV PATH $PATH:/nodejs/bin ENV HOME /root # SSH SETUP RUN mkdir -p /root/.ssh ADD id_rsa /root/.ssh/id_rsa RUN chmod 700 /root/.ssh/id_rsa RUN echo "IdentityFile /root/.ssh/id_rsa" >> /root/.ssh/ssh_config RUN ssh-keyscan github.com >> /root/.ssh/known_hosts ADD start.sh /tmp/ RUN chmod +x /tmp/start.sh CMD ./tmp/start.sh 

设置完成后,start.sh会运行,并且遇到私有Node.js服务具有的私人NPM依赖性问题。 这是start.sh正在做的事情:

 cd /tmp # try to remove the repo if it already exists rm -rf MediaFX; true git clone https://<username>:<password>@github.com/company/ExampleRepo.git cd RepoName node --version ls npm install NODE_ENV=test DEBUG=* PORT=3000 node server.js 

在ExampleRepo的package.json中,有一个我们像这样导入的私有模块:

 "dependencies": { "scribe": "git+ssh://git@github.com:Company/PrivateDep.git" }, 

当npm安装到这个回购时,它输出这些日志:

 npm ERR! git clone git@github.com:InboxAppCo/scribe.git Cloning into bare repository '/root/.npm/_git-remotes/git-github-com-InboxAppCo-scribe-git-abae334a'... npm ERR! git clone git@github.com:InboxAppCo/scribe.git npm ERR! git clone git@github.com:InboxAppCo/scribe.git Warning: Permanently added the RSA host key for IP address '192.30.252.130' to the list of known hosts. npm ERR! git clone git@github.com:InboxAppCo/scribe.git Permission denied (publickey). npm ERR! git clone git@github.com:InboxAppCo/scribe.git fatal: Could not read from remote repository. npm ERR! git clone git@github.com:InboxAppCo/scribe.git npm ERR! git clone git@github.com:InboxAppCo/scribe.git Please make sure you have the correct access rights npm ERR! git clone git@github.com:InboxAppCo/scribe.git and the repository exists. npm ERR! Error: `git "clone" "--mirror" "git@github.com:InboxAppCo/scribe.git" "/root/.npm/_git-remotes/git-github-com-InboxAppCo-scribe-git-abae334a"` failed with 128 npm ERR! at ChildProcess.cpclosed (/usr/share/npm/lib/utils/exec.js:59:20) npm ERR! at ChildProcess.EventEmitter.emit (events.js:98:17) npm ERR! at Process.ChildProcess._handle.onexit (child_process.js:789:12) npm ERR! If you need help, you may report this log at: npm ERR! <http://bugs.debian.org/npm> npm ERR! or use npm ERR! reportbug --attach /tmp/MediaFX/npm-debug.log npm npm ERR! System Linux 3.16.4-tinycore64 npm ERR! command "/usr/bin/nodejs" "/usr/bin/npm" "install" npm ERR! cwd /tmp/MediaFX npm ERR! node -v v0.10.15 npm ERR! npm -v 1.2.18 

我认为,因为私人节点服务的git克隆工作正常,任何私人NPM依赖关系将顺利安装。

我相当肯定,我的SSH设置是有缺陷的(而且它没有performance出自己,而git克隆私人父母回购),因为我添加用户名和密码的链接。 但是,我不确定,并会如何正确地做到这一点将不胜感激。

git clone https://<username>:<password>@github.com/company/ExampleRepo.git

工作,因为你传递的usernamepassword ,并通过https

 "dependencies": { "scribe": "git+ssh://git@github.com:Company/PrivateDep.git" }, 

因为你通过ssh直接连接,并且Docker不会从主机执行任何ssh agent转发。

不幸的是,它看起来不像npm支持任何URL格式发送用户名和密码像你的克隆线: https : //docs.npmjs.com/files/package.json#git-urls-as-dependencies

您必须将您的ssh密钥添加到泊坞窗容器(Not Reccomended)

或者做一些像主机一样分享你SSH_SOCKET的东西,如:

https://gist.github.com/d11wtq/8699521

以下是我今天晚上尝试实施的方法:

 docker create --build-arg TOKEN <my priv token> <dockerFile> 

也许在Docker文件中声明arg?

 ARG TOKEN 

那么在脚本中有npm install依赖关系使用那个TOKEN

 "privModule": "git+https://${TOKEN}:x-oauth-basic@github.com/<githubID>/<privateModule>.git" 

如果这不起作用,以某种方式replacepackage.json中的var(使用sed)或让npm使用环境var。