不使用专用注册中心的Gitlab语义发布

Question

我试图使用语义发布发布到gitlab上的范围内的私有注册中心，但是我不断地出错，因为它试图针对公共注册中心而不是私有注册中心。

这是我的设置(有些东西模糊了)

package.json

    {
      "name": "@mygroup/npm_registry",
      "version": "1.0.12",
      "description": "Test",
      "main": "index.ts",
      "repository": "https://gitlab.com/mygroup/randomStuff/npm_registry",
      "author": "An author",
      "license": "UNLICENSED",
      "private": false,
      "scripts": {
        .....
           "semantic-release": "semantic-release"
      },
      "dependencies": {
      ......
      },
      "devDependencies": {
      .....
        "semantic-release": "^17.4.4",
        "@semantic-release/commit-analyzer": "^8.0.1",
        "@semantic-release/release-notes-generator": "^9.0.3",
        "@semantic-release/gitlab": "^6.2.1",
        "@semantic-release/npm": "^7.1.3",
        "@semantic-release/git": "^9.0.0"
      }
      .......
    "publishConfig": {
        "@mygroup:registry": "https://gitlab.com/api/v4/projects/XXXXXX/packages/npm/"
      }
    }

.npmrc ( authTokens是具有完全访问权限的个人令牌)

    //gitlab.com/api/v4/projects/XXXXXXX/packages/npm/:_authToken=YYYYYYYYYYYYYYYYY
    //gitlab.com/api/v4/packages/npm/:_authToken=YYYYYYYYYYYYYYYYY
    @mygroup:registry "https://gitlab.com/api/v4/packages/npm/"

.releaserc.json

    {
        "branches": ["main"],
        "plugins": [
          "@semantic-release/commit-analyzer",
          "@semantic-release/release-notes-generator",
          [
            "@semantic-release/gitlab",
            {
              "gitlabUrl": "https://gitlab.com",
              "gitlabApiPathPrefix": "/api/v4",
              "verifyConditions": []
            }
          ],
          "@semantic-release/npm",
          [
            "@semantic-release/git",
            {
              "assets": ["package.json"],
              "message": "chore(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}"
            }
          ]
        ]
      }

我尝试过多种从本地运行它的方法，这会多次提示我输入用户名和密码(对于密码，我使用了gitlab个人访问令牌)，并通过以下方式从CI/CD运行：

.gitlab-ci.yaml

    default:
      image: node:14.17
    
    variables:
      NPM_TOKEN: ${CI_JOB_TOKEN}
    
    stages:
      - publish
    
    Publish:
      stage: publish
      script:
        - mkdir -p /root/.config/git
        - echo https://myusername:XXXXXXXXXXXXX@gitlab.com/ > /root/.config/git/credentials
        - git config --global credential.helper store
        - GL_TOKEN=YYYYYYYYYYYYYY;NPM_TOKEN=YYYYYYYYYYYYYY; npm run semantic-release --debug

值得注意的是，CI/CD上的确切步骤已经发生了很大的变化，因为我已经测试了许多事情，比如没有在调用时传递vars，并确保它们都是在gitlab上直接设置的，但是没有任何工作。

对于环境变量，我有NPM_TOKEN、GL_TOKEN、GITLAB_TOKEN。

以下是本地运行时的实际错误：

>> @mygroup/npm_registry@1.0.12 semantic-release
>> semantic-release
>
>[11:36:42 a.m.] [semantic-release] › ℹ  Running semantic-release version 17.4.4
>[11:36:42 a.m.] [semantic-release] › ✔  Loaded plugin "verifyConditions" from "@semantic-release/gitlab"
>[11:36:42 a.m.] [semantic-release] › ✔  Loaded plugin "verifyConditions" from "@semantic-release/npm"
>[11:36:42 a.m.] [semantic-release] › ✔  Loaded plugin "verifyConditions" from "@semantic-release/git"
>[11:36:42 a.m.] [semantic-release] › ✔  Loaded plugin "analyzeCommits" from "@semantic-release/commit-analyzer"
>[11:36:42 a.m.] [semantic-release] › ✔  Loaded plugin "generateNotes" from "@semantic-release/release-notes-generator"
>[11:36:42 a.m.] [semantic-release] › ✔  Loaded plugin "prepare" from "@semantic-release/npm"
>[11:36:42 a.m.] [semantic-release] › ✔  Loaded plugin "prepare" from "@semantic-release/git"
>[11:36:42 a.m.] [semantic-release] › ✔  Loaded plugin "publish" from "@semantic-release/gitlab"
>[11:36:42 a.m.] [semantic-release] › ✔  Loaded plugin "publish" from "@semantic-release/npm"
>[11:36:42 a.m.] [semantic-release] › ✔  Loaded plugin "addChannel" from "@semantic-release/npm"
>[11:36:42 a.m.] [semantic-release] › ⚠  This run was not triggered in a known CI environment, running in dry-run mode.
>j[11:36:56 a.m.] [semantic-release] › ⚠  Run automated release from branch main on repository https://gitlab.com/mygroup/randomStuff/npm_registry in dry-run mode
>[11:37:00 a.m.] [semantic-release] › ✔  Allowed to push to the Git repository
>[11:37:00 a.m.] [semantic-release] › ℹ  Start step "verifyConditions" of plugin "@semantic-release/gitlab"
>[11:37:00 a.m.] [semantic-release] [@semantic-release/gitlab] › ℹ  Verify GitLab authentication (https://gitlab.com/api/v4)
>[11:37:00 a.m.] [semantic-release] › ✖  Failed step "verifyConditions" of plugin "@semantic-release/gitlab"
>[11:37:00 a.m.] [semantic-release] › ℹ  Start step "verifyConditions" of plugin "@semantic-release/npm"
>[11:37:00 a.m.] [semantic-release] [@semantic-release/npm] › ℹ  Verify authentication for registry https://registry.npmjs.org/
>[11:37:00 a.m.] [semantic-release] [@semantic-release/npm] › ℹ  Reading npm config from /home/user/Work/git/npm_registry/.npmrc
>[11:37:00 a.m.] [semantic-release] [@semantic-release/npm] › ℹ  Wrote NPM_TOKEN to /tmp/6a8800c051f3e40927850be223835151/.npmrc
>npm ERR! code E401
>npm ERR! 401 Unauthorized - GET https://registry.npmjs.org/-/whoami
>
>npm ERR! A complete log of this run can be found in:
>npm ERR!     /home/user/.npm/_logs/2021-07-22T18_37_01_006Z-debug.log
>[11:37:01 a.m.] [semantic-release] › ✖  Failed step "verifyConditions" of plugin "@semantic-release/npm"
>[11:37:01 a.m.] [semantic-release] › ℹ  Start step "verifyConditions" of plugin "@semantic-release/git"
>[11:37:01 a.m.] [semantic-release] › ✔  Completed step "verifyConditions" of plugin "@semantic-release/git"
>[11:37:01 a.m.] [semantic-release] › ✖  EINVALIDNPMTOKEN Invalid npm token.
>The npm token (https://github.com/semantic-release/npm/blob/master/README.md#npm-registry-authentication) configured in the NPM_TOKEN environment variable must be a valid token (https://docs.npmjs.com/getting-started/working_with_tokens) allowing to publish to the registry https://registry.npmjs.org/.
>
>If you are using Two Factor Authentication for your account, set its level to "Authorization only" (https://docs.npmjs.com/getting-started/using-two-factor-authentication#levels-of-authentication) in your account settings. semantic-release cannot publish with the default "
>Authorization and writes" level.
>
>Please make sure to set the NPM_TOKEN environment variable in your CI with the exact value of the npm token.
>
>[11:37:01 a.m.] [semantic-release] › ✖  An error occurred while running semantic-release: HTTPError: Response code 403 (Forbidden)
>    at EventEmitter.<anonymous> (/home/user/Work/git/npm_registry/node_modules/got/dist/source/as-promise.js:118:31)
>    at processTicksAndRejections (internal/process/task_queues.js:93:5) {
>  pluginName: '@semantic-release/gitlab'
>}
>AggregateError: 
>    HTTPError: Response code 403 (Forbidden)
>        at EventEmitter.<anonymous> (/home/user/Work/git/npm_registry/node_modules/got/dist/source/as-promise.js:118:31)
>    SemanticReleaseError: Invalid npm token.
>        at module.exports (/home/user/Work/git/npm_registry/node_modules/@semantic-release/npm/lib/get-error.js:6:10)
>        at module.exports (/home/user/Work/git/npm_registry/node_modules/@semantic-release/npm/lib/verify-auth.js:26:33)
>        at async verifyConditions (/home/user/Work/git/npm_registry/node_modules/@semantic-release/npm/index.js:36:7)
>        at async validator (/home/user/Work/git/npm_registry/node_modules/semantic-release/lib/plugins/normalize.js:34:24)
>        at async /home/user/Work/git/npm_registry/node_modules/semantic-release/lib/plugins/pipeline.js:37:34
>        at async Promise.all (index 0)
>        at async next (/home/user/Work/git/npm_registry/node_modules/p-reduce/index.js:16:18)
>    at /home/user/Work/git/npm_registry/node_modules/semantic-release/lib/plugins/pipeline.js:54:11
>    at processTicksAndRejections (internal/process/task_queues.js:93:5)
>    at async Object.pluginsConf.<computed> [as verifyConditions] (/home/user/Work/git/npm_registry/node_modules/semantic-release/lib/plugins/index.js:80:11)
>    at async run (/home/user/Work/git/npm_registry/node_modules/semantic-release/index.js:95:3)
>    at async module.exports (/home/user/Work/git/npm_registry/node_modules/semantic-release/index.js:260:22)
>    at async module.exports (/home/user/Work/git/npm_registry/node_modules/semantic-release/cli.js:55:5)

当我在CI/CD中运行时，我得到了相同的信息。

不确定它是否有用，但以下是文件夹结构：

    .
    ├── dist
    │   └── ...
    ├── node_modules
    │   └── ...
    ├── src
    │   └── ...
    ├── types
    │   └── ...
    ├── .gitignore
    ├── .gitlab-ci.yml
    ├── .npmrc
    ├── .releaserc.json
    ├── package-lock.json
    ├── package.json
    └── tsconfig.json

如果这是配置问题，或者我使用的是语义包的不兼容版本，您知道吗？

编辑：，因此我意识到，如果在package.json上将私有字段从false更改为true，那么我就不再获得错误，语义发布实际上完成了一切，但是注册中心实际上没有发布任何包。注意到它说跳过了npm发布步骤，因为它被标记为私有。

Answer 1

这个解决方案是由语义发布github页面上的一个开发人员给我的，基本上可以归结为我有一个格式糟糕的.npmrc。

所以我的有：

@mygroup:registry "https://gitlab.com/api/v4/packages/npm/"

，但它应该是：

@mygroup:registry=https://gitlab.com/api/v4/packages/npm/

另一种在我知道实际问题之前绕过它的方法是：

export NPM_CONFIG_REGISTRY=https://gitlab.com/api/v4/projects/XXXX/packages/npm/

但这更多是一种解决办法，只能在运行语义发布时才能完成，而不是在此之前，因为它覆盖所有注册中心，因此无法安装任何公共包。

编辑:添加到github会话https://github.com/semantic-release/npm/issues/381的链接

Answer 2

before_script:
- whoami
- apt-get update && apt-get install -y --no-install-recommends git-core ca-certificates
- npm install @semantic-release/gitlab
- |
  {
    echo "@${CI_PROJECT_ROOT_NAMESPACE}:registry=${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/npm/"
    echo "${CI_API_V4_URL#https?}/projects/${CI_PROJECT_ID}/packages/npm/:_authToken=\${GITLAB_TOKEN}"
  } | tee -a .npmrc