[英]Jenkins npm build using Github personal access token
I have an npm package that depends on a repo in a private github server in its package.json: 我有一个依赖于私有github服务器package.json中的仓库的npm软件包:
"my-package": "git+https://private.github.example.com/my-org/my-package.git"
The github server is secured with personal access tokens (which are used as passwords during authentication). github服务器由个人访问令牌(在身份验证期间用作密码)保护。 In local builds, users can store their
.gitcredentials
for https://private.github.example.com and git will automatically use them to access the github repository during the npm build. 在本地构建中,用户可以将其
.gitcredentials
存储为https://private.github.example.com,并且git将在npm构建期间自动使用它们来访问github存储库。
I also have a technical user in a Jenkins which in general has access to the github server via a personal access token. 我在Jenkins中也有一个技术用户,该用户通常可以通过个人访问令牌访问github服务器。 However Jenkins uses those credentials only to check out from the github server and the credentials for that appear only to be bound to the github api url, not to git checkouts from any repo on that server that occur during the Jenkins Job.
但是,Jenkins仅使用这些凭据从github服务器中签出,并且该凭据似乎仅绑定到github api url,而不是在Jenkins Job期间从该服务器上的任何存储库中进行git checkout。
I have seen https://support.cloudbees.com/hc/en-us/articles/203802500-Injecting-Secrets-into-Jenkins-Build-Jobs , which describes how to define credentials and inject them into build scripts as environment vars. 我看过https://support.cloudbees.com/hc/en-us/articles/203802500-Injecting-Secrets-into-Jenkins-Build-Jobs ,它描述了如何定义凭据并将其作为环境变量注入到构建脚本中。 However, I do not think it is a good idea to introduce environment variables in a package.json, if that is possible at all.
但是,如果有可能的话,我认为在package.json中引入环境变量不是一个好主意。
How can I make credentials defined by the credentials plugin accessible for git during npm builds? 如何在npm构建期间使git可以访问凭据插件定义的凭据?
使用秘密存储中的凭据在代理上编写一个.gitcredentials文件,然后在发布步骤中再次对其进行清理。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.