Why is this build stage in my gitlab pipeline failing with
npm Err! 401: Unable to authenticate, need: Basic realm="Artifactory Realm"
When I run the command $ npm-cli-login -u $USERNAME -p $API_KEY -e $EMAIL -r $REPOSITORY it seems like I get correctly logged in. My correct username gets displayed and the global .npmrc file gets created in my home directory.
But when I run npm install or npm i --registry=https://<my_private_repo>.jfrog.io/<my_private_repo> it fails with a 401 error.
Following output am I seeing in the logs of my failed pipeline stage:
Pulling docker image node:14.15.4 ...
Using docker image sha256:924763541c... for node:14.15.4 with digest node@sha256:cb01e9d98a...
Preparing environment 00:01
Running on runner-ffeacb89-project-...-concurrent-0 via ....r.gitlab.host...
Getting source from Git repository 00:01
Fetching changes with git depth set to 50...
Reinitialized existing Git repository in /builds/gravity/my_test_project/.git/
Checking out 5f7... as dev...
Removing .gradle/
Skipping Git submodules setup
Restoring cache 00:06
Checking cache for my_test_project...
cache.zip is up to date
Successfully extracted cache
Executing "step_script" stage of the job script 01:07
Using docker image sha256:924763541c0c8b3839132... for node:14.15.4 with digest node@sha256:cb01e9d9... ...
$ export GRADLE_USER_HOME=`pwd`/.gradle
$ pwd
/builds/my_test_project
$ cd ~
$ npm install -g npm-cli-login
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
/usr/local/bin/npm-cli-login -> /usr/local/lib/node_modules/npm-cli-login/bin/npm-cli-login.js
> core-js@3.10.1 postinstall /usr/local/lib/node_modules/npm-cli-login/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"
+ npm-cli-login@0.1.1
added 634 packages from 451 contributors in 34.086s
$ npm-cli-login -u $USERNAME -p $API_KEY -e $EMAIL -r $REPOSITORY
info attempt registry request try #1 at 2:32:54 PM
http request PUT https://<my_private_repo>.jfrog.io/<my_private_repo>/api/npm/npm/-/user/org.couchdb.user:<my_correct_username>
http 201 https://<my_private_repo>.jfrog.io/<my_private_repo>/api/npm/npm/-/user/org.couchdb.user:<my_correct_username>
$ pwd
/root
$ cat .npmrc
//<my_private_repo>.jfrog.io/<my_private_repo>/api/npm/npm//:_authToken=eyJ2...(very long token, looks correct)
$ echo 'always-auth = true' >> .npmrc
$ cat .npmrc
//<my_private_repo>.jfrog.io/<my_private_repo>/api/npm/npm//:_authToken=eyJ2...(very long token, looks correct)
always-auth = true
$ npm i -g @angular/cli
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
/usr/local/bin/ng -> /usr/local/lib/node_modules/@angular/cli/bin/ng
> @angular/cli@11.2.9 postinstall /usr/local/lib/node_modules/@angular/cli
> node ./bin/postinstall/script.js
+ @angular/cli@11.2.9
added 242 packages from 181 contributors in 12.287s
$ cd /builds/my_test_project/ui
$ printenv NPM_TOKEN
eyJ2Z...(my long token)
$ npm config set //registry.npmjs.org/:_authToken ${NPM_TOKEN}
$ npm install
npm WARN deprecated debug@4.1.1: Debug versions >=3.2.0 <3.2.7 || >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (https://github.com/visionmedia/debug/issues/797)
npm WARN deprecated axios@0.20.0: Critical security vulnerability fixed in v0.21.1. For more information, see https://github.com/axios/axios/pull/3410
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated fsevents@2.1.3: "Please update to latest v2.3 or v2.2"
npm WARN deprecated chokidar@2.1.8: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated fsevents@1.2.13: fsevents 1 will break on node v14+ and could be using insecure binaries. Upgrade to fsevents 2.
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm ERR! code E401
npm ERR! Unable to authenticate, need: Basic realm="Artifactory Realm"
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2021-04-16T14_33_25_786Z-debug.log
Cleaning up file based variables 00:00
ERROR: Job failed: exit code 1
This is my build stage in the .gitlab-ci.yml file (Spring Boot Project)
build:
stage: build
image: node:14.15.4
script:
- pwd
- cd ~
- npm install -g npm-cli-login
- npm-cli-login -u $USERNAME -p $API_KEY -e $EMAIL -r $REPOSITORY
- cat .npmrc
- echo 'always-auth = true' >> .npmrc
- cat .npmrc
- npm i -g @angular/cli
- cd /builds/myProjectFolder
- printenv NPM_TOKEN
- npm config set //myrepo.jfrog.io/myrepo/api/npm/npm//:_authToken ${NPM_TOKEN}
- npm install --registry=https://myrepo.jfrog.io/<my_private_repo>/api/npm/npm/
artifacts:
paths:
- app/src/ui/dist/dm-consent-page
expire_in: 5 days
I solved it by using this method: https://gruchalski.com/posts/2020-09-09-authenticate-to-private-jfrog-npm-registry/
After running this curl command I received everything that I needed to put into my global .npmrc file:
curl -u ${JFROG_USER}:${JFROG_ENCRYPTED_PASSWORD} https://${JFROG_ORG}.jfrog.io/${JFROG_ORG}/api/npm/auth
For anyone who's interested, the full script in my gitlab ci pipeline stage now looks like this:
script:
- npm -v
6.14.10
- node -v
v14.15.4
- cd ~
- pwd
/root
# install angular globally
- npm i -g @angular/cli
# create the config file '.npmrc' for authenticating at jFrog when running 'npm install'.
- cat > .npmrc
- echo _auth = ${NPM_AUTH_TOKEN} >> .npmrc <- This is the token that I received after running the curl command from the tutorial / link above
- echo always-auth = true >> .npmrc
- echo email = ${EMAIL} >> .npmrc
# the next line makes npm look for the packages that are annotated with @<my-private-repo> at the JFrog Repo.
- echo @<my-private-repo>:registry=${UI_JFROG_REGESTRY} >> .npmrc
# change back to the project folder.
- cd /builds/<my-project-folder>/ui
# install all packages + the <my-private-repo> package from JFrog.
- npm install