Home > OS >  Npm permission denied on docker php:8.1.1-fpm-alpine3.15
Npm permission denied on docker php:8.1.1-fpm-alpine3.15

Time:06-27

I get the following error message when I try to spin up my service via docker-compose:

service_frontend | npm ERR! code 128

service_frontend | npm ERR! An unknown git error occurred

service_frontend | npm ERR! command git --no-replace-objects clone -b feature/WHITELABEL-212-skeletons-während-der-lad https://bjoernme:***@bitbucket.org/faaren/faaren-ui.git /root/.npm/_cacache/tmp/git-cloneBmjHnf --recurse-submodules --depth=1

service_frontend | npm ERR! fatal: could not create leading directories of '/root/.npm/_cacache/tmp/git-cloneBmjHnf': Permission denied

service_frontend |

service_frontend | npm ERR! A complete log of this run can be found in:

service_frontend | npm ERR! /root/.npm/_logs/2022-06-24T13_42_41_376Z-debug.log

service_frontend exited with code 128

I have tried multiple constellations with in my docker-compose.yml for the user property, starting from root, root:root, node:node, 1000:1000, UID:GID (variables are set to inject my local user id and group id.

The relevant part from my docker-compose.yml:

  service_frontend:
    build:
      context: /workspace/faaren-services/frontend
      dockerfile: Dockerfile
      args:
        dev: "true"
    command: bash -c "npm install --save-dev [email protected] && composer install && php artisan octane:start --server=swoole --host=0.0.0.0 --port=8080 --watch"
    user: root
    volumes:
      - /workspace/faaren-services/frontend:/var/www/html
      - ./docker-conf/supervisor/supervisord.conf:/etc/supervisor/conf.d/supervisord.conf
      - ./docker-conf/php/debugger.ini:/usr/local/etc/php/conf.d/debugger.ini

This is my local docker image:

FROM eu.gcr.io/faaren-prod/frontend-base-image:latest
COPY . /var/www/html
ARG dev=false
RUN if [ ${dev} = "true" ] ; then \
        set -ex \
        && apk add --no-cache npm \
        && mkdir -p /.npm \
        && mkdir -p /root/.npm/_cacache/tmp/ \
        && chmod 777 -R "/root/.npm/_cacache/tmp/" \
        && chmod 777 -R "/.npm" \
    fi ;

And this is our internal base image (which is based on the php:8.1.1-fpm-alpine3.15 image:

FROM php:8.1.1-fpm-alpine3.15
WORKDIR /var/www/html/

RUN apk add --no-cache --update git \
    npm 

RUN mkdir /.npm
RUN mkdir /.cache
RUN chown -R 1000:1001 "/.npm"
RUN chown -R 1000:1001 "/.cache"

CodePudding user response:

After digging deeper into this issue I found out, that in Node 16.15.1 all commands within a npm task are run as the user who owns the current working dir. So even when running npm i as root subcommands as git clone are run as the user the current working dir belongs to.

In my case, /var/www/html/ belongs to user:group 33333:33333. npm i was run as root. Coming to some git clone commands, those were run as user 33333. Therefor the user 33333 was not allowed to access the default cache npm folder under /root/.npm as this folder belongs to user root.

I fixed the problem the following way:

  • create a cache dir outside of root mkdir /var/www/.npm/cache
  • change ownership to 333333: chown -R 33333:33333 /var/www/.npm/cache
  • set new directory as npm cache dir: npm config set cache /var/www/.npm/cache --global
  • Related