how to use npmauthenticate step within azure dev-ops pipeline and not invalidate docker cache
I'm building a dockerized angular project using CICD from azure-devops. In my pipeline, I have:
dependencies that are installed from npm and some that are via artifact feeds within azure.
I have added the required
.npmrcfile at the root of my project and this all works ok.
Within my pipeline, I'm using the npmAuthenticate step to grant authenticated access to the private registry. This step in turn appends a generated access token within .npmrc file.
- task: npmAuthenticate@0
inputs:
workingFile: $(System.DefaultWorkingDirectory)/.npmrc
feed: 'xxx-xx-xxx'
As the whole build process is within docker, when it comes to copying over the .npmrc file, this is invalidating the docker cache, as the file has changes within it.
FROM docker.io/node:lts-alpine AS builder
WORKDIR /app
COPY package*.json ./
COPY .npmrc .npmrc //cache invalidates from this point
RUN npm install
COPY . ./
RUN npm run build:project-x
Is there anyway to achieve authenticated access with the .npmrc file without invalidating the cache? I want my future builds to get quicker and utilise cache node_modules.
The npmAuthenticate@0 will append a generated access token into.npmrc file, which is designed behavior.
If you don't want the change on .npmrc file, you can go to DevOps target feed -> Connect to feed -> npm -> Other page, follow the step to set the .npmrc file(doc here).
- Copy the
authentication codeon the page directly to your .npmrc file, user level .npmrc is not needed. Replace your email in the file.
; begin auth token
....
; end auth token
- Generate the Base64 encoding based on the Personal access token on your local machine, copy and replace for
[BASE64_ENCODED_PERSONAL_ACCESS_TOKEN]in your devops .npmrc above. (make sure your account has related permission, eg: owner or contributor permisson on the target feed)
My .npmrc file for your reference:
You can remove npmAuthenticate@0 task, as it can directly use npm install command in pipeline now.
