Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Using a private package within package.json

See original GitHub issue

Hello,

We currently use a private package or repository within one of our services. We’re following this project and are running into the issue where we can’t install a package because it does not have permission to access our private repository.

[2/4] Fetching packages...
error Command failed.
Exit code: 128
Command: git
Arguments: ls-remote --tags --heads ssh://git@private.com:9999/secret/private.git
Directory: /opt
Output:
Host key verification failed.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

I see a wide variety of ways to solve this problem. Some include copying the host SSH key into the container and others recommending the use of docker secrets. I would love to hear your recommendations and perhaps some project examples that solve this problem.

Might add that the example above uses yarn in our Dockerfile and we’re hosting our private code inside a private bitbucket instance.

Thanks!

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Comments:6 (5 by maintainers)

github_iconTop GitHub Comments

3reactions
justinpagecommented, Mar 2, 2019

@brianupskill Apologies for the delay. Here is what we are using:

https://gist.github.com/justinpage/ea14a7a180fc3ba897ff602b7e4db5af

https://gist.github.com/justinpage/2e5d102f17bfeb3d170aac7ca9daeec2

They illustrate some of the initiatives mention in my previous comment. Have fun.

1reaction
BretFishercommented, Mar 19, 2019

If you can get away with using BuildKit in 18.09+, this works awesomely if you have ssh-agent setup locally and just want Docker builds to use your local keys.

Read more comments on GitHub >

github_iconTop Results From Across the Web

package.json - npm Docs
json are the name and version fields as they will be required. The name and version together form an identifier that is assumed...
Read more >
Create Your Own NPM Package — Private or Public - Medium
You can always have a private space in NPM registry, but you must pay for that service, hence in this article, I will...
Read more >
Installing private npm modules · Gemfury Dev Center
Once you have configured npm to use your Gemfury account, specifying dependencies and installing packages from package.json is the same as usual. Remember...
Read more >
Private vs. Restricted Node Packages: What's the Diff?
Marking a package as private ensures that its code will not be published, even accidentally. For instance, a one-off marketing site using React ......
Read more >
package.json - Yarn
The two most important fields in your package.json are name and version ... grant others the right to use a private or unpublished...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Wrong interval relation

Next page

Permission denied missing write access to /opt/app/node_modules