Iam struggling with permission error in using npm in Section 4: Building images
My problem is similar to:

However I can’t find the solution there, that’s why I am creating a new topic
When I follow the instructor still I get this permission error:

Dockerfile

FROM node:14.16.0-alpine3.13
RUN addgroup app && adduser -S -G app app
USER app
WORKDIR /app
COPY . .
RUN npm install
ENV API_URL=http://api.myapp.com/
EXPOSE 3000
CMD [“npm”, “start”]

Step 6/9 : RUN npm install
—> Running in 103nj60a010c2
npm WARN read-shrinkwrap This version of npm is compatible with lockfileVersion@1, but package-lock.json was generated for lockfileVersion@2. I’ll try to do my best with it!
npm WARN checkPermissions Missing write access to /app
npm ERR! code EACCES
npm ERR! syscall access
npm ERR! path /app
npm ERR! errno -13
npm ERR! Error: EACCES: permission denied, access ‘/app’
npm ERR! [Error: EACCES: permission denied, access ‘/app’] {
npm ERR! errno: -13,
npm ERR! code: ‘EACCES’,
npm ERR! syscall: ‘access’,
npm ERR! path: ‘/app’
npm ERR! }
npm ERR!
npm ERR! The operation was rejected by your operating system.
npm ERR! It is likely you do not have the permissions to access this file as the current user
npm ERR!
npm ERR! If you believe this might be a permissions issue, please double-check the
npm ERR! permissions of the file and its containing directories, or try running
npm ERR! the command again as root/Administrator.

npm ERR! A complete log of this run can be found in:
npm ERR! /home/app/.npm/_logs/2021-04-02T22_17_49_152Z-debug.log

Then from the above this thread I updated my Docker file.

My new dockerfile contents:

FROM node:16.0.0-alpine3.13
RUN addgroup app && adduser -S -G app app
RUN mkdir /app && chown app:app /app
USER app

WORKDIR /app
COPY . .
RUN npm install

When I try to build the container I get this permission error:

npm ERR! code EACCES
npm ERR! syscall open
npm ERR! path /app/package-lock.json
npm ERR! errno -13
npm ERR! Error: EACCES: permission denied, open '/app/package-lock.json'
npm ERR!  [Error: EACCES: permission denied, open '/app/package-lock.json'] {
npm ERR!   errno: -13,
npm ERR!   code: 'EACCES',
npm ERR!   syscall: 'open',
npm ERR!   path: '/app/package-lock.json'
npm ERR! }
npm ERR! 
npm ERR! The operation was rejected by your operating system.
npm ERR! It is likely you do not have the permissions to access this file as the current user
npm ERR! 
npm ERR! If you believe this might be a permissions issue, please double-check the
npm ERR! permissions of the file and its containing directories, or try running
npm ERR! the command again as root/Administrator.

npm ERR! A complete log of this run can be found in:
npm ERR!     /home/app/.npm/_logs/2021-05-08T12_59_30_045Z-debug.log

I don’t understand, why I am getting this error as the parent directory is owned by the app user, and it also have permissions to read package.lock and package.json files.

If I remove the RUN npm install from Dockerfile and build the container, this is the output of ls -l

-rw-r--r--    1 root     root        660074 May  5 12:33 package-lock.json
-rw-r--r--    1 root     root           813 Mar  5 19:00 package.json

The other user have read permission. And that seems to be the permissions
npm install needs.
Why am I getting permission error here? Please help

I researched and tested for 6 Hours and found that the below SCRIPT 1 as shown in Mosh’s lecture video is working only if you use the same version of node in video.

SCRIPT 1 - From Video

FROM node:14.16.0-alpine3.13

RUN addgroup app && adduser -S -G app app
USER app

WORKDIR /app

RUN npm install
EXPOSE 3000

CMD [“npm”, “start”]

SCRIPT 2

Latest and other alpine versions have default use NODE which is overriding our app users so below is the solution to use both NODE user and our app users.

###Using custom user i.e. app###

FROM node:16.10.0-alpine3.14

RUN addgroup app && adduser -S -G app app

USER app

WORKDIR /app

COPY --chown=app:node package*.json ./

RUN npm install

COPY --chown=app:node . .

EXPOSE 3000

CMD [“npm”, “start”]

###Using default user i.e. node###

FROM node:16.10.0-alpine3.14

RUN addgroup app && adduser -S -G app app

USER app

WORKDIR /app

COPY --chown=node:node package*.json ./

RUN npm install

COPY --chown=node:node . .

EXPOSE 3000

CMD [“npm”, “start”]

Thank you! I was pulling my hair out… and I’m bald.

Hi

I was going to create a post with my solution as I encountered the same problem. The specific error was with package-lock.json so forcing the user and group of package*.json files to be ‘app’ seems to also work.

FROM node:16.14.0-alpine3.15
RUN addgroup app && adduser -S -G app app
USER app
WORKDIR /app
COPY --chown=app:app package*.json .
RUN npm install
COPY . .
ENV API_URL=http://api.blah.com
EXPOSE 3000

CMD ["npm", "start"]

Hi,

Thanks @Osama210690 and @shaunumb

I’ve tested and is working.

I checked Dockerfile command layer per layer and finally the “content of Dockerfile” is exactly the same with @shaunumb.

Here’s my Dockerfile:
Note: I’m using the latest node alpine version

FROM node:alpine 

RUN addgroup app && adduser -S -G app app
USER app

WORKDIR /app 
COPY --chown=app:app package*.json ./
RUN npm install 
COPY . .

EXPOSE 5173 

CMD ["npm", "run", "dev"]

Hi everybody,

I have the same issue with my Docker compose. I have a MERN Stack Application. When I Build my project with Docker compose on Windows it works fine but on Linux (Ubuntu) I got the following error in my React App container.
sh: react-scripts: permission denied

Here is my Project Structure

My Docker file in react-app

FROM node:16.14.0-alpine3.15
ENV NODE_ENV=production
WORKDIR /usr/src/react-app
COPY ["package.json", "package-lock.json*", "npm-shrinkwrap.json*", "./"]
RUN npm install
COPY . .
EXPOSE 3000
RUN chown -R node /usr/src/react-app
USER node
CMD ["npm", "start"]

Here is my script from package.json in react-app

"scripts": {
    "start": "react-scripts start",
    "build": "react-scripts build",
    "test": "react-scripts test",
    "eject": "react-scripts eject",
    "lint": "eslint --fix"
  },

I also tried the solution from @shaunumb but unfortunatily it does’nt work for me.
Any suggestions ?