Enable NPM Config at build time

Question

Enable NPM Config at build time

Opened this issue 6 years ago · 4 comments

In the dockerfile, allow NPM configs to be run.

Allow an argument variable be passed to the dockerfile that will be an array of strings. Each item in the array should used to do an NPM config.

for item in array_of_configs
do
npm config $item
done

apply to

Unfetter discover api

Answer 1 · 2018-11-05T11:42:14.000Z

This will be needed in unfetter-ui and most of the unfetter-store subprojects:

unfetter-ctf-ingest
unfetter-discover-api
unfetter-discover-processor
unfetter-threat-ingest
unfetter-socket-server

Basically, wherever there is a Dockerfile with an npm i[nstall] command.

Answer 2 · 2018-11-05T11:48:13.000Z

As for the concern re shell injection, I concur, but I know no other way, and the configurations we are talking about point to URLs, so I can't imagine how you can protect this.

Answer 3 · 2018-11-05T12:06:54.000Z

One last comment: The command should be npm config set <key> <value> [-g|--global]

I think that's going to affect the scripting; I know with Ansible you can use hashes in YAML files to have multiple values in a loop:

npm_configs:
  item1:
    key: key1
    value: value1
    global: false
  item2:
    key: key2
    value: value2
    global: true

then

tasks:
- name: Write npm configuration
  shell: npm config set {{ item.key }} {{ item.value }} {{  '-g' if item.global else '' }}
  with_dict: npm_configs

I guess this technique could be used to write the Dockerfile for each dev build.

Answer 4 · 2018-11-05T16:00:22.000Z

An alternative is to a .npmrc file ( https://docs.npmjs.com/files/npmrc ) and copy it into the image, which may be easier to manage vs build args. We could have ansible generate these files