jfa*_*123 5 npm gitlab semantic-release
我正在尝试使用语义发布来发布到 gitlab 上的范围私有注册表,但我不断收到错误,因为它试图针对公共注册表而不是私有注册表进行身份验证。
\n这是我的设置(有些内容被遮挡)
\n包.json
\n\n {\n "name": "@mygroup/npm_registry",\n "version": "1.0.12",\n "description": "Test",\n "main": "index.ts",\n "repository": "https://gitlab.com/mygroup/randomStuff/npm_registry",\n "author": "An author",\n "license": "UNLICENSED",\n "private": false,\n "scripts": {\n .....\n "semantic-release": "semantic-release"\n },\n "dependencies": {\n ......\n },\n "devDependencies": {\n .....\n "semantic-release": "^17.4.4",\n "@semantic-release/commit-analyzer": "^8.0.1",\n "@semantic-release/release-notes-generator": "^9.0.3",\n "@semantic-release/gitlab": "^6.2.1",\n "@semantic-release/npm": "^7.1.3",\n "@semantic-release/git": "^9.0.0"\n }\n .......\n "publishConfig": {\n "@mygroup:registry": "https://gitlab.com/api/v4/projects/XXXXXX/packages/npm/"\n }\n }\n\n.npmrc(authTokens是具有完全访问权限的个人令牌)
\n\n //gitlab.com/api/v4/projects/XXXXXXX/packages/npm/:_authToken=YYYYYYYYYYYYYYYYY\n //gitlab.com/api/v4/packages/npm/:_authToken=YYYYYYYYYYYYYYYYY\n @mygroup:registry "https://gitlab.com/api/v4/packages/npm/"\n\n.releaserc.json
\n\n //gitlab.com/api/v4/projects/XXXXXXX/packages/npm/:_authToken=YYYYYYYYYYYYYYYYY\n //gitlab.com/api/v4/packages/npm/:_authToken=YYYYYYYYYYYYYYYYY\n @mygroup:registry "https://gitlab.com/api/v4/packages/npm/"\n\n我尝试了多种从本地运行它的方法,多次提示我输入用户名和密码(对于密码,我使用 gitlab 个人访问令牌),并使用以下 CI/CD 运行它:
\n.gitlab-ci.yaml
\n\n {\n "branches": ["main"],\n "plugins": [\n "@semantic-release/commit-analyzer",\n "@semantic-release/release-notes-generator",\n [\n "@semantic-release/gitlab",\n {\n "gitlabUrl": "https://gitlab.com",\n "gitlabApiPathPrefix": "/api/v4",\n "verifyConditions": []\n }\n ],\n "@semantic-release/npm",\n [\n "@semantic-release/git",\n {\n "assets": ["package.json"],\n "message": "chore(release): ${nextRelease.version} [skip ci]\\n\\n${nextRelease.notes}"\n }\n ]\n ]\n }\n\n值得注意的是,自从我一直在测试多项事情以来,CI/CD 上的确切步骤已经发生了很大变化,例如不传递调用中的变量并确保它们都直接在 gitlab 上设置,但没有任何效果。
\n对于环境变量,我有NPM_TOKEN, GL_TOKEN, GITLAB_TOKEN.
这是本地运行时的实际错误:
\n\n\nRun Code Online (Sandbox Code Playgroud)\n\n default:\n image: node:14.17\n \n variables:\n NPM_TOKEN: ${CI_JOB_TOKEN}\n \n stages:\n - publish\n \n Publish:\n stage: publish\n script:\n - mkdir -p /root/.config/git\n - echo https://myusername:XXXXXXXXXXXXX@gitlab.com/ > /root/.config/git/credentials\n - git config --global credential.helper store\n - GL_TOKEN=YYYYYYYYYYYYYY;NPM_TOKEN=YYYYYYYYYYYYYY; npm run semantic-release --debug\n\n
>> @mygroup/npm_registry@1.0.12 semantic-release\n>> semantic-release\n>\n>[11:36:42 a.m.] [semantic-release] \xe2\x80\xba \xe2\x84\xb9 Running semantic-release version 17.4.4\n>[11:36:42 a.m.] [semantic-release] \xe2\x80\xba \xe2\x9c\x94 Loaded plugin "verifyConditions" from "@semantic-release/gitlab"\n>[11:36:42 a.m.] [semantic-release] \xe2\x80\xba \xe2\x9c\x94 Loaded plugin "verifyConditions" from "@semantic-release/npm"\n>[11:36:42 a.m.] [semantic-release] \xe2\x80\xba \xe2\x9c\x94 Loaded plugin "verifyConditions" from "@semantic-release/git"\n>[11:36:42 a.m.] [semantic-release] \xe2\x80\xba \xe2\x9c\x94 Loaded plugin "analyzeCommits" from "@semantic-release/commit-analyzer"\n>[11:36:42 a.m.] [semantic-release] \xe2\x80\xba \xe2\x9c\x94 Loaded plugin "generateNotes" from "@semantic-release/release-notes-generator"\n>[11:36:42 a.m.] [semantic-release] \xe2\x80\xba \xe2\x9c\x94 Loaded plugin "prepare" from "@semantic-release/npm"\n>[11:36:42 a.m.] [semantic-release] \xe2\x80\xba \xe2\x9c\x94 Loaded plugin "prepare" from "@semantic-release/git"\n>[11:36:42 a.m.] [semantic-release] \xe2\x80\xba \xe2\x9c\x94 Loaded plugin "publish" from "@semantic-release/gitlab"\n>[11:36:42 a.m.] [semantic-release] \xe2\x80\xba \xe2\x9c\x94 Loaded plugin "publish" from "@semantic-release/npm"\n>[11:36:42 a.m.] [semantic-release] \xe2\x80\xba \xe2\x9c\x94 Loaded plugin "addChannel" from "@semantic-release/npm"\n>[11:36:42 a.m.] [semantic-release] \xe2\x80\xba \xe2\x9a\xa0 This run was not triggered in a known CI environment, running in dry-run mode.\n>j[11:36:56 a.m.] [semantic-release] \xe2\x80\xba \xe2\x9a\xa0 Run automated release from branch main on repository https://gitlab.com/mygroup/randomStuff/npm_registry in dry-run mode\n>[11:37:00 a.m.] [semantic-release] \xe2\x80\xba \xe2\x9c\x94 Allowed to push to the Git repository\n>[11:37:00 a.m.] [semantic-release] \xe2\x80\xba \xe2\x84\xb9 Start step "verifyConditions" of plugin "@semantic-release/gitlab"\n>[11:37:00 a.m.] [semantic-release] [@semantic-release/gitlab] \xe2\x80\xba \xe2\x84\xb9 Verify GitLab authentication (https://gitlab.com/api/v4)\n>[11:37:00 a.m.] [semantic-release] \xe2\x80\xba \xe2\x9c\x96 Failed step "verifyConditions" of plugin "@semantic-release/gitlab"\n>[11:37:00 a.m.] [semantic-release] \xe2\x80\xba \xe2\x84\xb9 Start step "verifyConditions" of plugin "@semantic-release/npm"\n>[11:37:00 a.m.] [semantic-release] [@semantic-release/npm] \xe2\x80\xba \xe2\x84\xb9 Verify authentication for registry https://registry.npmjs.org/\n>[11:37:00 a.m.] [semantic-release] [@semantic-release/npm] \xe2\x80\xba \xe2\x84\xb9 Reading npm config from /home/user/Work/git/npm_registry/.npmrc\n>[11:37:00 a.m.] [semantic-release] [@semantic-release/npm] \xe2\x80\xba \xe2\x84\xb9 Wrote NPM_TOKEN to /tmp/6a8800c051f3e40927850be223835151/.npmrc\n>npm ERR! code E401\n>npm ERR! 401 Unauthorized - GET https://registry.npmjs.org/-/whoami\n>\n>npm ERR! A complete log of this run can be found in:\n>npm ERR! /home/user/.npm/_logs/2021-07-22T18_37_01_006Z-debug.log\n>[11:37:01 a.m.] [semantic-release] \xe2\x80\xba \xe2\x9c\x96 Failed step "verifyConditions" of plugin "@semantic-release/npm"\n>[11:37:01 a.m.] [semantic-release] \xe2\x80\xba \xe2\x84\xb9 Start step "verifyConditions" of plugin "@semantic-release/git"\n>[11:37:01 a.m.] [semantic-release] \xe2\x80\xba \xe2\x9c\x94 Completed step "verifyConditions" of plugin "@semantic-release/git"\n>[11:37:01 a.m.] [semantic-release] \xe2\x80\xba \xe2\x9c\x96 EINVALIDNPMTOKEN Invalid npm token.\n>The npm token (https://github.com/semantic-release/npm/blob/master/README.md#npm-registry-authentication) configured in the NPM_TOKEN environment variable must be a valid token (https://docs.npmjs.com/getting-started/working_with_tokens) allowing to publish to the registry https://registry.npmjs.org/.\n>\n>If you are using Two Factor Authentication for your account, set its level to "Authorization only" (https://docs.npmjs.com/getting-started/using-two-factor-authentication#levels-of-authentication) in your account settings. semantic-release cannot publish with the default "\n>Authorization and writes" level.\n>\n>Please make sure to set the NPM_TOKEN environment variable in your CI with the exact value of the npm token.\n>\n>[11:37:01 a.m.] [semantic-release] \xe2\x80\xba \xe2\x9c\x96 An error occurred while running semantic-release: HTTPError: Response code 403 (Forbidden)\n> at EventEmitter.<anonymous> (/home/user/Work/git/npm_registry/node_modules/got/dist/source/as-promise.js:118:31)\n> at processTicksAndRejections (internal/process/task_queues.js:93:5) {\n> pluginName: \'@semantic-release/gitlab\'\n>}\n>AggregateError: \n> HTTPError: Response code 403 (Forbidden)\n> at EventEmitter.<anonymous> (/home/user/Work/git/npm_registry/node_modules/got/dist/source/as-promise.js:118:31)\n> SemanticReleaseError: Invalid npm token.\n> at module.exports (/home/user/Work/git/npm_registry/node_modules/@semantic-release/npm/lib/get-error.js:6:10)\n> at module.exports (/home/user/Work/git/npm_registry/node_modules/@semantic-release/npm/lib/verify-auth.js:26:33)\n> at async verifyConditions (/home/user/Work/git/npm_registry/node_modules/@semantic-release/npm/index.js:36:7)\n> at async validator (/home/user/Work/git/npm_registry/node_modules/semantic-release/lib/plugins/normalize.js:34:24)\n> at async /home/user/Work/git/npm_registry/node_modules/semantic-release/lib/plugins/pipeline.js:37:34\n> at async Promise.all (index 0)\n> at async next (/home/user/Work/git/npm_registry/node_modules/p-reduce/index.js:16:18)\n> at /home/user/Work/git/npm_registry/node_modules/semantic-release/lib/plugins/pipeline.js:54:11\n> at processTicksAndRejections (internal/process/task_queues.js:93:5)\n> at async Object.pluginsConf.<computed> [as verifyConditions] (/home/user/Work/git/npm_registry/node_modules/semantic-release/lib/plugins/index.js:80:11)\n> at async run (/home/user/Work/git/npm_registry/node_modules/semantic-release/index.js:95:3)\n> at async module.exports (/home/user/Work/git/npm_registry/node_modules/semantic-release/index.js:260:22)\n> at async module.exports (/home/user/Work/git/npm_registry/node_modules/semantic-release/cli.js:55:5)\n\n\n\n
通过 CI/CD 运行时我得到同样的结果
\n不确定它是否有帮助,但这也是文件夹结构:
\n\n .\n \xe2\x94\x9c\xe2\x94\x80\xe2\x94\x80 dist\n \xe2\x94\x82\xc2\xa0\xc2\xa0 \xe2\x94\x94\xe2\x94\x80\xe2\x94\x80 ...\n \xe2\x94\x9c\xe2\x94\x80\xe2\x94\x80 node_modules\n \xe2\x94\x82\xc2\xa0\xc2\xa0 \xe2\x94\x94\xe2\x94\x80\xe2\x94\x80 ...\n \xe2\x94\x9c\xe2\x94\x80\xe2\x94\x80 src\n \xe2\x94\x82\xc2\xa0\xc2\xa0 \xe2\x94\x94\xe2\x94\x80\xe2\x94\x80 ...\n \xe2\x94\x9c\xe2\x94\x80\xe2\x94\x80 types\n \xe2\x94\x82 \xe2\x94\x94\xe2\x94\x80\xe2\x94\x80 ...\n \xe2\x94\x9c\xe2\x94\x80\xe2\x94\x80 .gitignore\n \xe2\x94\x9c\xe2\x94\x80\xe2\x94\x80 .gitlab-ci.yml\n \xe2\x94\x9c\xe2\x94\x80\xe2\x94\x80 .npmrc\n \xe2\x94\x9c\xe2\x94\x80\xe2\x94\x80 .releaserc.json\n \xe2\x94\x9c\xe2\x94\x80\xe2\x94\x80 package-lock.json\n \xe2\x94\x9c\xe2\x94\x80\xe2\x94\x80 package.json\n \xe2\x94\x94\xe2\x94\x80\xe2\x94\x80 tsconfig.json\n\n知道这是配置问题还是我正在使用不兼容版本的语义包?
\n编辑: \n所以我意识到,如果在 package.json 上将私有字段从 false 更改为 true,那么我不再收到错误,并且语义发布实际上完成了所有操作,但是实际上没有在注册表上发布包。注意到它说跳过了实际的 npm 发布步骤,因为它被标记为私有。
\n该解决方案是由语义发布 github 页面上的开发人员向我提供的,基本上可以归结为我的.npmrc.
所以我的有:
@mygroup:registry "https://gitlab.com/api/v4/packages/npm/"
@mygroup:registry=https://gitlab.com/api/v4/packages/npm/
在知道实际问题之前,我解决这个问题的另一种方法是:
export NPM_CONFIG_REGISTRY=https://gitlab.com/api/v4/projects/XXXX/packages/npm/
但这更多的是一种解决方法,只能在运行语义发布时完成,而不是之前完成,因为它会覆盖所有注册表,因此无法安装任何公共包。
编辑:添加 github 对话的链接https://github.com/semantic-release/npm/issues/381
| 归档时间: |
|
| 查看次数: |
3700 次 |
| 最近记录: |