Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Regression in 24.89.2 #9244

Closed
1 of 5 tasks
bytestream opened this issue Mar 22, 2021 · 8 comments
Closed
1 of 5 tasks

Regression in 24.89.2 #9244

bytestream opened this issue Mar 22, 2021 · 8 comments
Labels
status:requirements Full requirements are not yet known, so implementation should not be started type:bug Bug fix of existing functionality

Comments

@bytestream
Copy link
Contributor

What Renovate type, platform and version are you using?

GitLab self-hosted

Describe the bug

See #9211 (comment)

Relevant debug logs

See above

Have you created a minimal reproduction repository?

  • This is a really small bug, it does not need a reproduction (think small typo)
  • I have provided a minimal reproduction repository
  • I don't have time for that, but it happens in a public repository I have linked to
  • I don't have time for that, and cannot share my private repository
  • The nature of this bug means it's impossible to reproduce publicly

Additional context
@bytestream bytestream added priority-5-triage status:requirements Full requirements are not yet known, so implementation should not be started type:bug Bug fix of existing functionality labels Mar 22, 2021
@rarkins
Copy link
Collaborator

rarkins commented Mar 22, 2021

Where is the .npmrc coming from? i.e. the one referred to by Error: Failed to replace env in config: ${GITLAB_TOKEN}.

e.g. is it a .npmrc that's mounted into the home directory of the GitLab runner? I don't see it in the repository.

@github-actions
Copy link
Contributor

Thank you for providing a reproduction! 🎉 🚀

The Renovate team will take a look at the reproduction repository. Once we confirm the provided repository reproduces the problem, the label will be changed to reproduction:confirmed.

@bytestream
Copy link
Contributor Author

It's in the repository that renovate is running on: https://gitlab.com/bytestream/renovate-npm/-/blob/master/.npmrc

@rarkins
Copy link
Collaborator

rarkins commented Mar 22, 2021

I think it's possible that prior, Renovate used to delete that .npmrc file temporarily before running npm install. Would that have still worked?

@bytestream
Copy link
Contributor Author

Yes I think so too. I run npm config before running renovate which at the moment does the same thing as the .npmrc file, so I guess that's why it still works in v24.89.1

The .npmrc file is there to ease setup in the repository, and the environment variable replacement is a documented npm feature. https://docs.npmjs.com/using-private-packages-in-a-ci-cd-workflow#create-and-check-in-a-project-specific-npmrc-file

@rarkins
Copy link
Collaborator

rarkins commented Mar 22, 2021

If you are the owner of both the bot and the repos then setting trustLevel=high in config.js will mean that environment variables are used in .npmrc files.

@rarkins
Copy link
Collaborator

rarkins commented Mar 22, 2021

You can also manually configure using customEnvVariables, e.g.

  customEnvVariables: {
    GITLAB_TOKEN: process.env.GITLAB_TOKEN
  }

@bytestream
Copy link
Contributor Author

It looks like customEnvVariables has done the trick; I'll continue to monitor. Thanks very much @rarkins

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Apr 22, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
status:requirements Full requirements are not yet known, so implementation should not be started type:bug Bug fix of existing functionality
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bytestream @rarkins