Azure Devops: Cannot Build an Image using NPM private registry even after setting NPM Authenticate

Question

I am always getting an error on npm install after setting NPM Authenticate. I would like to authenticate to my npm private registry during image build and install all the dependencies I need. Maybe I misunderstood how this authentication process works but this is what I am doing:

Build pipeline

I tried establishing a service connection from the project settings page as in Service connections for builds and releases

After that, I also set up my NPM Authentication task following the steps in With a Task Runner (e.g. make gulp work)

But this is not working. These are the errors I am getting:

During 'NPM Authenticate' phase:

[warning]Found and overrode credentials for the myregistry.pkgs.visualstudio.com registry in the selected .npmrc file. Remove credentials from the file and store them in an npm service connection instead (recommended), or remove the npm Authenticate task from your build to use credentials checked into an .npmrc.

During 'Build an Image' phase:

Step 4/7 : RUN npm install --production ---> Running in 8724f713f1db [91mnpm ERR! code[0m[91m E404 [0m[91mnpm [0m[91mERR! 404[0m[91m Not Found: @myregistry/service-logging@latest npm ERR![0m[91m A complete log of this run can be found in: npm ERR!
/root/.npm/_logs/2018-09-11T04_20_00_513Z-debug.log [0mThe command '/bin/sh -c npm install --production' returned a non-zero code: 1 [error]The command '/bin/sh -c npm install --production' returned a non-zero code: 1 [error]/usr/local/bin/docker failed with return code: 1 [section]Finishing: Build an image

This is my .npmrc file:

unsafe-perm=true
package-lock=false
registry=https://myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/registry/
always-auth=true
//myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/registry/:_authToken=${NPM_TOKEN}
//myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/:_authToken=${NPM_TOKEN}

And this is my Dockerfile:

FROM node:8.9-alpine

ARG NPM_TOKEN

WORKDIR /usr/src/srv/

COPY package.json package.json

COPY .npmrc .npmrc

RUN npm install --production

RUN rm -f .npmrc

COPY . .

EXPOSE 8080

CMD npm start

Any help to unblock me from this issue will be highly appreciated! Thanks!

Answer 1

I finally resolved this issue in my pipeline by removing the last two lines in my .npmrc file. the last line was causing an issue. After the NPM Authenticate task, my .npmrc file was being modified to:

unsafe-perm=true
package-lock=false
registry=https://myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/registry/
always-auth=true

//myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/:_authToken=${NPM_TOKEN}

//myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/registry/:username=VssToken
//myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/registry/:_password=***
//myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/registry/:email=VssEmail
//myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/registry/:always-auth=true

Somehow, the following config was being taken into consideration and the config the NPM Authenticate inserted was being ignored, causing the pipeline error:

//myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/:_authToken=${NPM_TOKEN}

Also, no need to include the following line since NPM Authenticate will do the job for you:

//myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/registry/:_authToken=${NPM_TOKEN}

By removing the line above, this warning disappeared:

[warning]Found and overrode credentials for the myregistry.pkgs.visualstudio.com registry in the selected .npmrc file. Remove credentials from the file and store them in an npm service connection instead (recommended), or remove the npm Authenticate task from your build to use credentials checked into an .npmrc.

So, to conclude, just keep your .npmrc file as simple as this:

unsafe-perm=true
package-lock=false
registry=https://myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/registry/
always-auth=true

Everything was fine with the Dockerfile.

Answer 2

I encountered this recently, Posting what I found out here in case it helps folks (or myself) in the future.

I was trying to authenticate against a private NPM feed during an Azure DevOps Pipeline build using the NpmAuthenticate task runner.

My initial pipeline looked like this:

- task: npmAuthenticate@0
  displayName: Authenticate Npm Feed
  inputs:
    workingFile: './source/WebApplication/.npmrc'
    customEndpoint: ExternalFeedServiceConnection

- task: Npm@1
  inputs:
    command: 'install'
    workingDir: ./source/WebApplication #path to package.json
    customRegistry: 'useNpmrc'
    displayName: Install NPM Packages

The Npm@1 task would continually fail with a login error. No matter what permutation was attempted. What finally worked was replacing it with a script step instead:

  - script: 'npm install'
    workingDirectory: ./source/WebApplication
    displayName: npm install

The script step appears to be executing the exact same command as the Npm@1 task, but is able to authenticate fine.

The npmAuthenticate azure devops task documentation vaguely suggests this, but it's unclear why it would work with a script step but not the Npm@1 task.