diff --git a/.github/workflows/aps-cypress-e2e.yaml b/.github/workflows/aps-cypress-e2e.yaml index 9f1f7e170..282d1e916 100644 --- a/.github/workflows/aps-cypress-e2e.yaml +++ b/.github/workflows/aps-cypress-e2e.yaml @@ -16,6 +16,8 @@ env: GIT_COMMIT_AUTHOR: ${{ github.actor }} GIT_COMMIT_MESSAGE: ${{ github.event.head_commit.message }} GIT_REPO_URL: ${{ github.repository }} + # Optional: avoids npm 403 from registry when multiple images run npm install in parallel + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} jobs: cypress-run: diff --git a/docker-compose.yml b/docker-compose.yml index b39fe57c1..9028b31bd 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -5,6 +5,10 @@ x-common-variables: &common-variables KONG_PG_USER: konguser KONG_PG_PASSWORD: konguser +secrets: + npm_token: + environment: "NPM_TOKEN" + services: keycloak: image: quay.io/keycloak/keycloak:15.1.1 @@ -64,6 +68,8 @@ services: build: context: . dockerfile: ./local/portal/Dockerfile.E2E + secrets: + - npm_token env_file: - .env.local ports: @@ -80,6 +86,8 @@ services: build: context: ./feeds dockerfile: Dockerfile + secrets: + - npm_token env_file: - ./local/feeds/.env.local restart: on-failure @@ -208,6 +216,8 @@ services: build: context: ./local/cypress-jwks-url dockerfile: Dockerfile + secrets: + - npm_token volumes: - ./local/cypress-jwks-url:/src command: npm start @@ -237,6 +247,8 @@ services: build: context: . dockerfile: e2e/Dockerfile + secrets: + - npm_token volumes: - ./e2e/coverage:/e2e/coverage - ./e2e/results:/e2e/results diff --git a/e2e/Dockerfile b/e2e/Dockerfile index cb8708b7b..fa9bb88de 100644 --- a/e2e/Dockerfile +++ b/e2e/Dockerfile @@ -4,7 +4,9 @@ FROM cypress/included:13.17.0 WORKDIR /app COPY src/. ./ -RUN npm install --legacy-peer-deps +RUN --mount=type=secret,id=npm_token \ + ( [ ! -s /run/secrets/npm_token ] || npm config set //registry.npmjs.org/:_authToken="$(cat /run/secrets/npm_token)" ) && \ + npm install --legacy-peer-deps RUN npx nyc instrument --compact=false . --in-place @@ -14,7 +16,9 @@ WORKDIR /e2e RUN apt-get -y update; apt-get -y install curl COPY e2e/package.json /e2e COPY e2e/package-lock.json /e2e -RUN npm install +RUN --mount=type=secret,id=npm_token \ + ( [ ! -s /run/secrets/npm_token ] || npm config set //registry.npmjs.org/:_authToken="$(cat /run/secrets/npm_token)" ) && \ + npm install COPY e2e/cypress.config.ts /e2e COPY e2e/tsconfig.json /e2e diff --git a/feeds/Dockerfile b/feeds/Dockerfile index bfda758c6..6a0ec0d18 100644 --- a/feeds/Dockerfile +++ b/feeds/Dockerfile @@ -12,7 +12,9 @@ ENV APP_REVISION=${APP_REVISION} WORKDIR /app COPY package*.json ./ -RUN npm install +RUN --mount=type=secret,id=npm_token \ + ( [ ! -s /run/secrets/npm_token ] || npm config set //registry.npmjs.org/:_authToken="$(cat /run/secrets/npm_token)" ) && \ + npm install COPY . ./ diff --git a/local/cypress-jwks-url/Dockerfile b/local/cypress-jwks-url/Dockerfile index 34ab14541..cc5df2579 100644 --- a/local/cypress-jwks-url/Dockerfile +++ b/local/cypress-jwks-url/Dockerfile @@ -6,7 +6,9 @@ COPY package*.json / EXPOSE 3500 -RUN npm install +RUN --mount=type=secret,id=npm_token \ + ( [ ! -s /run/secrets/npm_token ] || npm config set //registry.npmjs.org/:_authToken="$(cat /run/secrets/npm_token)" ) && \ + npm install COPY . / diff --git a/local/portal/Dockerfile.E2E b/local/portal/Dockerfile.E2E index d0a18f2e6..b6986e4fb 100644 --- a/local/portal/Dockerfile.E2E +++ b/local/portal/Dockerfile.E2E @@ -16,7 +16,11 @@ COPY --chown=node src/*.json ./ COPY --chown=node src/nyc.config.js ./ -RUN npm install --legacy-peer-deps +USER root +RUN --mount=type=secret,id=npm_token \ + ( [ ! -s /run/secrets/npm_token ] || npm config set //registry.npmjs.org/:_authToken="$(cat /run/secrets/npm_token)" ) && \ + npm install --legacy-peer-deps && chown -R node:node /app +USER node COPY --chown=node src ./