| //registry.npmjs.org/:_authToken=${NPM_TOKEN} | |
| save-exact=true | |
| loglevel=error |
The NPM_TOKEN environment variable (build argument) is generated by executing
npm login and extracting the token from ~/.npmrc.
See Deploying with npm private modules.
docker build -t [TAG] --build-arg NPM_TOKEN=00000000-0000-0000-0000-000000000000 .
# Or, with the token in a local environment variable...
export NPM_TOKEN=00000000-0000-0000-0000-000000000000
docker build -t [TAG] --build-arg NPM_TOKEN=$NPM_TOKEN .| FROM node:4.5 | |
| EXPOSE 8080 | |
| RUN groupadd -r nodejs \ | |
| && useradd -m -r -g nodejs nodejs | |
| ENV DUMB_INIT_URL https://github.com/Yelp/dumb-init/releases/download/v1.2.0/dumb-init_1.2.0_amd64 | |
| RUN wget -O /usr/local/bin/dumb-init ${DUMB_INIT_URL} \ | |
| && chmod +x /usr/local/bin/dumb-init | |
| USER nodejs | |
| RUN mkdir -p /home/nodejs/app | |
| WORKDIR /home/nodejs/app | |
| ARG NPM_TOKEN | |
| COPY package.json /home/nodejs/app/package.json | |
| COPY .npmrc /home/nodejs/app/.npmrc | |
| # NOTE! Copying .npmrc to the filesystem does not risk exposure of secrets | |
| # because rather than containing a secret, it references an environment | |
| # variable (NPM_TOKEN) that contains the secret and is set only during the build. | |
| RUN npm install && rm -f .npmrc | |
| COPY . /home/nodejs/app | |
| RUN npm run build | |
| CMD ["dumb-init", "npm", "start", "-s"] |