今回仕事で任されたタスクをもう一度最初から作っていきます。
Project
同僚がFrontendチームで使うというVerdaccioを何の前知識もなくDockerizeして使えるようにしていく。元々同僚の頭の中では形があったようだが詳細は全く説明されず、最後あたりで説明された。。。
最終的に設定するもの
- docker-compose (Verdaccio, Verdaccio s3 plugin, https-portal)
- Bitbucket pipeline
- git hooks - post-receive
Usage
Verdaccioアクセスはhttps://<サイト>
A. Publish a package
1. チームの誰かがパッケージをパブリッシュする。
2. このパッケージはS3 bucketへ。
3. BitBucket Pipelineを通してプロダクションにデプロイ。
B. Add a new user
1. 新規ユーザーを追加>conf/htpasswdに追加される。
2. BitBucket Pipelineを通してプロダクションにデプロイ。
今回はその2aの設定
- Verdaccio & Redis (Dockerfile, config.yaml)+BitBucket plugin
- EC2 (docker, docker-compose, npm)
これはかなり長い時間をかけたけど結局できず、コメントを見る限り問題があるらしい。
Spec and Software
- Amazon Ubuntu Server 18.04
- Verdaccio
- Docker
Path
home/ubuntu/verdaccio-bb/
├── Dockerfile
├── conf
│ └── config.yaml
├── docker-compose.yaml
├── package.json
├── plugins
└── storage
verdaccio/conf/config.yaml
storage: /verdaccio/storage
auth:
bitbucket:
allow: TeamOne(admin|contributor|member)
ttl: 604800 # 7 days
defaultMailDomain: aaa.com <- #有無でテストした
hashPassword: true
cache: redis
redis:
host: 'redis'
port: 6379
prefix: 'verdaccio-bitbucket:'
listen:
0.0.0.0:4873
uplinks:
npmjs:
url: https://registry.npmjs.org/
packages:
'@mypackage/*':
access: TeamOne
publish: TeamOne # restrict to bitbucket teams
'@*/*':
access: $authenticated
publish: $authenticated
proxy: npmjs
'**':
proxy: npmjs
logs:
- {type: stdout, format: pretty, level: http}
verdaccio/package.json
適当に作る。
npm init
名前は上のポイントに合わせる
"name": "@mypackage/verdaccio",
docker-compose.yml
version: '3.1'
services:
verdaccio:
build:
context: ./
dockerfile: Dockerfile
container_name: "verdaccio"
networks:
- node-network
environment:
- VERDACCIO_PORT=4873
ports:
- "4873:4873"
volumes:
- "/home/ubuntu/verdaccio-bb/storage:/verdaccio/storage"
- "/home/ubuntu/verdaccio-bb/conf:/verdaccio/conf"
- "/home/ubuntu/verdaccio-bb/plugins:/verdaccio/plugins"
redis:
image: "redis"
container_name: "redis"
networks:
- node-network
ports:
- "6379:6379"
hostname: redis
networks:
node-network:
driver: bridge
Dockerfile
FROM verdaccio/verdaccio
USER root
ENV NODE_ENV=production
RUN apk add --no-cache --virtual .gyp \
python \
make \
g++
RUN npm i && npm install verdaccio-bitbucket
USER verdaccio
References
- https://verdaccio.org/docs/en/docker
- https://verdaccio.org/docs/en/configuration
- https://github.com/idangozlan/verdaccio-bitbucket
Tips
1) Redis設定
2) conf/config.yaml allowでチーム設定
Error Messages
1) Error: Request failed with status code 401
Useful commands
docker-compose up --force-recreate
docker exec -it --user=root verdaccio /bin/sh
Testing
1. docker起動
docker-compose up
expected logging
verdaccio | warn --- config file - /verdaccio/conf/config.yaml
verdaccio | warn --- Plugin successfully loaded: verdaccio-bitbucket
verdaccio | warn --- http address - http://0.0.0.0:4873/ - verdaccio/4.2.0
2. URLにアクセス
3. Login as a BitBucket user
logging
defaultMailDomain有り
A) "username"で試す。
trace--- authenticating for user <username> failed. Error: bad username/password, access denied
B) "username@aaa.com" で試す。
trace--- authenticating <email>@aaa.com
debug--- [bitbucket] getting teams for <email>@aaa.com@aaa.com, url: https://api.bitbucket.org/2.0/teams?role=member&pagelen=100, role: member
debug--- [bitbucket] getting teams for <email>@aaa.com@aaa.com, url: https://api.bitbucket.org/2.0/teams?role=contributor&pagelen=100, role: contributor
debug--- [bitbucket] getting teams for <email>@aaa.com@aaa.com, url: https://api.bitbucket.org/2.0/teams?role=admin&pagelen=100, role: admin
warn --- undefined, user: <email>@aaa.com, Bitbucket API adaptor error: Request failed with status code 401
trace--- authenticating for user <email>@aaa.com failed. Error: Request failed with status code 401
C) "username..aaa" 以下とあるので..で試す。
Since the username for Bitbucket is the email addresses and cannot contain @, replace the @ with two periods .. The email address is then parsed and converted to a normal email address for authentication
trace--- authenticating for user <email>@aaa.com failed. Error: Request failed with status code 401
http <-- 401, user: null(80.2.21.161), req: 'POST /-/verdaccio/login', error: Request failed with status code 401
info <-- 80.2.21.161 requested 'POST /-/verdaccio/login'
trace--- authenticating <email>..aaa.com
debug--- [bitbucket] getting teams for <email>@aaa.com, url: https://api.bitbucket.org/2.0/teams?role=member&pagelen=100, role: member
debug--- [bitbucket] getting teams for <email>@aaa.com, url: https://api.bitbucket.org/2.0/teams?role=contributor&pagelen=100, role: contributor
debug--- [bitbucket] getting teams for <email>@aaa.com, url: https://api.bitbucket.org/2.0/teams?role=admin&pagelen=100, role: admin
trace--- authenticating for user <email>..aaa.com failed. Error: bad username/password, access denied
defaultMailDomain無し
A) "username"で試す。
verdaccio | trace--- authenticating <username>
verdaccio | debug--- [bitbucket] getting teams for <username>, url: https://api.bitbucket.org/2.0/teams?role=member&pagelen=100, role: member
verdaccio | debug--- [bitbucket] getting teams for <username>, url: https://api.bitbucket.org/2.0/teams?role=contributor&pagelen=100, role: contributor
verdaccio | debug--- [bitbucket] getting teams for <username>, url: https://api.bitbucket.org/2.0/teams?role=admin&pagelen=100, role: admin
verdaccio | trace--- authenticating for user <username> failed. Error: bad username/password, access denied
B) "email..aaa.com"で試す。
verdaccio | trace--- authenticating <email>..aaa.com
verdaccio | debug--- [bitbucket] getting teams for <email>@aaa.com, url: https://api.bitbucket.org/2.0/teams?role=member&pagelen=100, role: member
verdaccio | debug--- [bitbucket] getting teams for <email>@aaa.com, url: https://api.bitbucket.org/2.0/teams?role=contributor&pagelen=100, role: contributor
verdaccio | debug--- [bitbucket] getting teams for <email>@aaa.com, url: https://api.bitbucket.org/2.0/teams?role=admin&pagelen=100, role: admin
verdaccio | trace--- authenticating for user <email>..aaa.com failed. Error: bad username/password, access denied
C) "email@aaa.com"で試す。
verdaccio | trace--- authenticating <email>@aaa.com
verdaccio | debug--- [bitbucket] getting teams for <email>@aaa.com, url: https://api.bitbucket.org/2.0/teams?role=member&pagelen=100, role: member
verdaccio | debug--- [bitbucket] getting teams for <email>@aaa.com, url: https://api.bitbucket.org/2.0/teams?role=contributor&pagelen=100, role: contributor
verdaccio | debug--- [bitbucket] getting teams for <email>@aaa.com, url: https://api.bitbucket.org/2.0/teams?role=admin&pagelen=100, role: admin
verdaccio | trace--- authenticating for user <email>@aaa.com failed. Error: bad username/password, access denied
Issue 22
同じcurlをしてみる
curl -u user:password https://api.bitbucket.org/2.0/teams?role=member -v
エラーは出ない
* Connection #0 to host api.bitbucket.org left intact
{"pagelen": 10, "values": [], "page": 1, "size": 0}
これと同じcurlを使ってみる
https://github.com/idangozlan/verdaccio-bitbucket/blob/526ff1852a08727e9893d1e8c17c3762e2e4cb1f/src/bitbucket2.js#L40
エラーは出ない
{"pagelen": 10, "values": [], "page": 1, "size": 0}
結論
何日もかけたけどこれ以上時間を費やせないので途中断念。
使っている人がいたら教えてください。
その他読んだもの
app password
https://stackoverflow.com/questions/39886995/how-to-access-bitbucket-using-app-password
basic authentication deprecation
https://confluence.atlassian.com/cloud/deprecation-of-basic-authentication-with-passwords-for-jira-and-confluence-apis-972355348.html