[英]when `npm login` with correct account and password , why still get 'Incorrect username or password'?
[英]NPM Login without manually entering the username, password & email
我已經能夠手動登錄到我的 npm 注冊表,即:在我的本地機器上 - 但由於某種原因,它在通過 CI 時無法正常工作。 這里的問題是,在我執行npm login
命令后,程序正在等待手動用戶輸入(用戶名、密碼、電子郵件),我找不到在管道中發送這些輸入的方法(我不能進行手動用戶輸入):
我嘗試了這些不同的方法:
1.將npm身份驗證令牌從我的本地機器復制到gitlab CI/CD設置的環境變量中,然后將它們復制到根目錄下的global.npmrc中:這會導致錯誤(未經身份驗證):
$ cd ~ $ pwd /root $ echo "//<my_registry_url>:_authToken=$NPM_AUTH_TOKEN" > ~/.npmrc $ cat.npmrc <my_registry_url>:_authToken=[MASKED] //<-- the masked value is correct, I had it unmasked before once by mistake... $ npm whoami npm ERR. code ENEEDAUTH npm ERR: need auth This command requires you to be logged in. npm ERR. need auth You need to authorize this machine using `npm adduser` npm ERR: A complete log of this run can be found in: npm ERR: /root/.npm/_logs/2021-03-02T14_29_00_728Z-debug.log Cleaning up file based variables 00:00 ERROR: Job failed: exit code 1
2.安裝npm-cli-login,將用戶名、密碼和email用npm登錄命令一行傳進去
$ npm install -g npm-cli-login
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
added 567 packages, and audited 568 packages in 46s
33 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
// trying to login now
$ npm-cli-login -u $USERNAME -p $API_KEY -e $EMAIL -r $REPOSITORY
info attempt registry request try #1 at 6:17:19 AM
http request PUT [MASKED]-/user/org.couchdb.user:<my correct username>
http 201 [MASKED]-/user/org.couchdb.user:<my correct username> // the login seems to have worked, at least I don't get an error
// then I go to the home directory to check the .npmrc file
$ cd ~
$ pwd
/root
$ cat .npmrc
//<my_registry_url>:_authToken=<eyJ...rest of token> // <-- so this was created correctly at my npm-cli-login command
// then I go back to the angular project folder
$ cd /builds/<my path>/app/src/main/ui
$ ls
README.md
angular.json
browserslist
debug.log
e2e
package.json
src
tsconfig.app.json
tsconfig.spec.json
// and when I now run npm install, it says I'm not authenticated
$ npm install
npm WARN deprecated debug@4.1.1: Debug versions >=3.2.0 <3.2.7 || >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (https://github.com/visionmedia/debug/issues/797)
npm WARN deprecated axios@0.20.0: Critical security vulnerability fixed in v0.21.1. For more information, see https://github.com/axios/axios/pull/3410
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/reques/request/issues/3142
npm WARN deprecated fsevents@2.1.3: "Please update to latest v2.3 or v2.2"
npm WARN deprecated chokidar@2.1.8: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated fsevents@1.2.13: fsevents 1 will break on node v14+ and could be using insecure binaries. Upgrade to fsevents 2.
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm ERR! code E401
npm ERR! Unable to authenticate, need: Basic realm="Artifactory Realm" // <-- HERE IT FAILED
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2021-03-02T06_44_42_972Z-debug.log
Cleaning up file based variables
00:01
ERROR: Job failed: exit code 1
3. 在我的 gitlab-ci.yml 中使用這樣的文檔:
- npm login --registry=<my_registry_url> << EOF
- $USERNAME
- $API_KEY
- $EMAIL
- EOF
這導致:
$ npm login --registry=<my_registry_url> << EOF
Username: npm WARN Name may not contain non-url-safe chars
Username: (echo $'\x1b[32;1m$ <my_username>\x1b[0;m') npm ERR! cb() never called!
npm ERR! This is an error with npm itself. Please report this error at:
npm ERR! <https://npm.community>
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2021-03-02T13_54_12_317Z-debug.log
ERROR: Job failed: exit code 1
上面的方法可能根本沒有錯,但不知何故,它只在.npmrc
文件中使用_auth
而不是_authToken
值后才對我有用。
此方法在此處和jfrog confluence站點上進行了描述。
運行此 curl 命令后,我收到了需要放入全局.npmrc
文件的所有內容:
curl -u ${JFROG_USER}:${JFROG_ENCRYPTED_PASSWORD} https://${JFROG_ORG}.jfrog.io/artifactory/api/npm/auth
對於任何感興趣的人,我的 gitlab ci 管道階段中的完整腳本現在看起來像這樣:
script:
- npm -v
6.14.10
- node -v
v14.15.4
- cd ~
- pwd
/root
# install angular globally
- npm i -g @angular/cli
# create the config file '.npmrc' for authenticating at jFrog when running 'npm install'.
- cat > .npmrc
- echo _auth = ${NPM_AUTH_TOKEN} >> .npmrc <- This is the token that I received after running the curl command from the tutorial / link above
- echo always-auth = true >> .npmrc
- echo email = ${EMAIL} >> .npmrc
# the next line makes npm look for the packages that are annotated with @<my-private-repo> at the JFrog Repo.
- echo @<my-private-repo>:registry=${UI_JFROG_REGESTRY} >> .npmrc
# change back to the project folder.
- cd /builds/<my-project-folder>/ui
# install all packages + the <my-private-repo> package from JFrog.
- npm install
我沒有使用不支持非交互性的npm login
,而是使用了 auth URL 和npmrc
。 但是,我只能使用私有 NPM 存儲庫,而不是使用https://registry.npmjs.org/ 。 我不確定 AUTH url 對於公共 NPM 注冊表是什么。 如果有人找到 NPM 的 AUTH url,請告訴我:)。
對於私有 NPM 存儲庫,您可以使用以下命令避免npm login
:
curl -u $USERNAME:$ACCESS_TOKEN https://company.jfrog.io/artifactory/api/npm/auth > ~/.npmrc
這使我們能夠避免不必要的依賴,並且是對 CI 作業的單行更改。
提示:
~/.npmrc
調整為.npmrc
以僅影響當前項目。> ~/.npmrc
並查看來自授權 URL 的 output 是什么。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.