How do I authenticate an npm registry from inside a Docker container in VSTS?

1
votes

I have a Docker Compose build task build out a Node.js project on VSTS. Because we're moving to a private npm registry on VSTS, this means the Docker container needs a way to authenticate with the registry to download packages.

Is there a way to send VSTS credentials to the Docker container so when it builds, it has access to the private npm registry?

I thought of hard-coding VSTS's generated npm credentials into the project's .npmrc file, but even in that case, it wouldn't build in VSTS giving me a "401 Unauthroized" when doing yarn install:

An unexpected error occurred: "https://[VSTS_NAME].pkgs.visualstudio.com/_packaging/[REGISTRY_NAME]/npm/registry/ajv/-/ajv-6.1.1.tgz: Request failed \"401 Unauthorized\"".

1
npmdocker-composeazure-devopsazure-pipelinesazure-pipelines-build-task
What's the code like in .npmrc file? Do you put the token in that file? (Click Generate npm credentials and copy to .npmrc file)starian chen-MSFT
I ended up doing that, but it has security implications, and those tokens only 3 month lifespan.Kevin Ghadyani

1 Answers

0
votes

You can store the token in the secret variable of VSTS build, then you can set the environment variable with that value through docker-compose (-e xx=xx).

Setting environment variables with ‘docker-compose run’

With this way, you can use that environment variable to update the .npmrc file in docker.

You also can update the .npmrc file before calling docker-compose during the vsts build.