我在gitlab中有一个私有的dummy项目,我想把它发布到gitlab的软件包注册表中,我的dummy项目包含四个文件:
- 包. json**
{
"name": "@<my-group>/<my-project>",
"version": "1.0.0",
"description": "",
"main": "index.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"repository": {
"type": "git",
"url": "git+https://gitlab.com/<my-group>/<my-project>.git"
},
"keywords": [],
"author": "",
"license": "ISC",
"bugs": {
"url": "https://gitlab.com/<my-group>/<my-project>/issues"
},
"homepage": "https://gitlab.com/<my-group>/<my-project>#readme"
}- . gitlab-ci.yml格式*
image: node:latest
stages:
- deploy
deploy:
stage: deploy
script:
- echo "@<my-group>:registry=https://${CI_SERVER_HOST}/api/v4/projects/${CI_PROJECT_ID}/packages/npm/">.npmrc
- echo "//${CI_SERVER_HOST}/api/v4/projects/${CI_PROJECT_ID}/packages/npm/:_authToken=${CI_JOB_TOKEN}">>.npmrc
- npm publish- 索引. js**
console.log('success');- 自述文件. md**
<my-project>当我将项目提交到gitlab时,作业失败,并显示以下输出
npm notice package: @<my-group>/<my-project>@1.0.0
npm notice === Tarball Contents ===
npm notice 8B README.md
npm notice 20B index.js
npm notice 612B package.json
npm notice === Tarball Details ===
npm notice name: @<my-group>/<my-project>
npm notice version: 1.0.0
npm notice filename: <my-group>-<my-project>-1.0.0.tgz
npm notice package size: 475 B
npm notice unpacked size: 640 B
npm notice shasum: 7b3db...
npm notice integrity: sha512-xDv0dl9A86...
npm notice total files: 3
npm notice
npm notice Publishing to https://gitlab.com/api/v4/projects/<my-project-id>/packages/npm/ with tag latest and default access
npm ERR! code E403
npm ERR! 403 403 Forbidden - PUT https://gitlab.com/api/v4/projects/<my-project-id>/packages/npm/@<my-group>%2f<my-project> - insufficient_scope
npm ERR! 403 In most cases, you or one of your dependencies are requesting
npm ERR! 403 a package version that is forbidden by your security policy, or
npm ERR! 403 on a server you do not have access to.- 注意:**在上面的代码中,我已经用
<my-group>,<my-project>,和<my-project-id>替换了实际的组名,项目名和项目ID。我已经按照gitlab的官方文档设置了这个(参见https://docs.gitlab.com/ee/user/packages/npm_registry/),我相信我可以安全地排除以下情况:
- 注意:**在上面的代码中,我已经用
- 我已确保在项目设置中启用了
Package registry - 我遵循了文档中描述的命名约定
- 我正在使用
CI_JOB_TOKEN,它应该始终有效,并且应该具有适当的权限。 - 我确保在给定的范围内没有其他具有相同名称或版本的包。
- 我已经确保了限定范围的包的URL包含一个尾部斜杠(参见上面的gitlab-ci.yml)
- 我已经确认了查询https://gitlab.com/api/v4/groups的
<my-group>名称空间的路径(只是为了确保根名称空间是正确的) - 我使用
npm init --scope=@<my-group> --yes进行初始化
存储库的url确实是:https://gitlab.com/<my-group>/<my-project>/
任何帮助让这个工作将不胜感激。
1条答案
按热度按时间kiz8lqtg1#
在将作业令牌
${CI_JOB_TOKEN}更改为部署令牌${CI_DEPLOY_PASSWORD}之后,我能够发布到注册表。有关预定义变量的详细信息,请参见Predefined variables reference。
Gitlab部署令牌可以在Settings〉Repository〉Deploy token下为项目创建,作用域如下:读取存储库、读取软件包注册表、写入软件包注册表