Is it possible to use gitlab's package repository to feed our npm packages as well as public packages online.
On proget it is possible to register common npm packages and my private npm packages under the same URL using a proxy. Is it possible to do the same with Gitlab so that pointing to gitlab's repository in the .npmrc would be enough to install all the dependencies ?
Yes, you can have a different registry for your personal packages and e.g. company packages. You can reference them by #my-gitlab-username/foo-package or #company/bar-package.
NPM packages hosted on npmjs.com which get installed by npm install <package> will always be resolved if the lookup on your provided Gitlab package registry fails. Usually you do not have to provide a separate proxy.
Multiple private/non-public registries can be targeted by using npm install #company/<package>. So there should be no issue in targeting multiple Proget and/or Gitlab npm registries at the same time.
Authentification is described here: https://stackoverflow.com/a/42648251/4236831
Related
I have a situation where there was an update in one of npm packages I use in my project, but author didn't publish it on npmjs registry, so up to date code sits in gitlab only.
What would be the best solution to get updated version of code? I believe there is a way to add dependency to project which will be downloaded from gitlab or github public repository directly? Is it possible to compile it like in npmjs as well?
Yes, you could install a dependency from a git repository directly. As can be seen in the npm docs. You can straight install a Git Remote repository like this:
npm install <git remote url>
e.g.
npm install git://github.com/npm/cli.git
But beware that installing directly from the source git might have unintended side effects (missing build files, additional documentation files in general changes to the npmjs Version).
Also installing from the repository I would recommend you install from a specific commit/Tag.
My company only can use the Intranet, so I set up a Nexus and create a proxy registry to npm install, but I found there are some modules need pull from github. How can I get these modules from Intranet?
I would like to install repos to a parent repo and specify by branch name.
I have tried the following:
npm install username/repo#branchName --save
npm install username/repo#branchName --save
npm install username/repo#tag --save
npm install username/repo#tag --save
I'm getting an error that says:
Could not install from {theRepoWithBranch} as it does not contain a package.json file.
The repo definitely contains a package.json file.
I'm wondering if this is a permissions issue given I'm using an enterprise npm registry.
npm/npm issue 19788 does mention:
Currently, npm does not support installation of modules from git services hosted on private domain names.
That includes both Github for Enterprise on custom domains as well as instances of gitlab, gitea, gogs, bitbucket and many others, basically anything hosted on a custom domain name.
With the comment:
So, obviously you reference installing via an http(s):// URL directly, but just as an fyi, our GitLab Enterprise instance allows us to install using a slightly different format.
We have 2FA enabled, so it requires SSH to be used.
From the docs.
npm install <git-host>:<git-user>/<repo-name>
npm install <git repo url>
We were able to actually install our repos like this:
npm install git+ssh://git#gitlab.mydomain.com:user/repo.git
So this is more a URL format combined with permission issue.
Regarding the branch, as seen here, your syntax is correct.
And:
if I prepend git+ on the HTTPS URL it works (I run gitea which accepts basic auth)
See also npm/hosted-git-info PR 30
I'm using Artifactory to pull npm packages. One of the packages that I use is stored privately and in order to access it the publisher gave me an authentication token.
I was asked to add //registry.npmjs.org/:_authToken=<private_token> to .npmrc, however my environment use Artifactory as a proxy for the public npm registry. How can I configure an authentication token geared specifically for the package?
You can use virtual repo concept of artifactory. You can upload the custom packages into your local repo and a common repo that will get the packages from the npm
I'm working in an environment where artifactory does not have internet access. We would like to use artifactory as a npm registry and host. Is it possible to upload external dependencies and their transitive dependencies?
For example: I'm on a computer with internet access and downloaded webpack and all its dependencies using npm install. Now I go to a different network with artifactory access and want to upload my node_modules Folder. Does that work somehow?
In addition to Artifactory's proxy/caching features, it can also host multiple local repositories (such as npm repositories) in it. This basically means that you can create an npm local repository in Artifactory and deploy any npm *.tgz packages (your dependencies) into this repository and Artifactory will generate the relevant metadata for your client. All you'll need to do is to deploy the relevant packages and configur your npm clients to resolve from Artifactory.
I have recently made an node module that should help with this problem.
You give it a list of packages that you want downloaded and it will download the packages with all dependencies as a tar.gz. It will then save them in the original npm folder structure, and create a tar.gz with everything inside.
You can then take the tar.gz with all your dependencies and deploy it to Artifactory using the deploy wizard.
When you deploy, select the checkbox "Deploy as Bundle Artifact". This will extract the tar.gz of packages and load them into the npm repository. Artifactory will read the package.json of all packages, and will load the relevant information, allowing you to pull packages with npm.
The package is called package-bundle, and can be downloaded from npm using npm install -g package-bundle
To download packages you can run the command pb bluebird express#1.0.1, which will fetch the specified packages, and all the required dependencies.