NPM fallback dependency URL - npm

I have a npm dependency in my project which is pointing to a private git repo. Unfortunately the git repo link does not work in my local but it works fine when we do a jenkins build since that git repo link only allows certain whitelisted ip's (i.e. jenkins ip address).
I have looked into apache proxypass and verdaccio but I am not sure if that is the right approach for this
dependencies": {
"api-module": "git+https://example/repo-name.git",
},
Locally, I want https://example/repo-name.git to route to https://differentUrl/repo-name.git when I do npm install but don't want to update package.json

I had to setup a host entry and provide an alias to that

Related

How can I use Nexus proxy registry to npm install the node_modules from Github

My company only can use the Intranet, so I set up a Nexus and create a proxy registry to npm install, but I found there are some modules need pull from github. How can I get these modules from Intranet?

How do you install a repo by branch name in a github enterprise repo?

I would like to install repos to a parent repo and specify by branch name.
I have tried the following:
npm install username/repo#branchName --save
npm install username/repo#branchName --save
npm install username/repo#tag --save
npm install username/repo#tag --save
I'm getting an error that says:
Could not install from {theRepoWithBranch} as it does not contain a package.json file.
The repo definitely contains a package.json file.
I'm wondering if this is a permissions issue given I'm using an enterprise npm registry.
npm/npm issue 19788 does mention:
Currently, npm does not support installation of modules from git services hosted on private domain names.
That includes both Github for Enterprise on custom domains as well as instances of gitlab, gitea, gogs, bitbucket and many others, basically anything hosted on a custom domain name.
With the comment:
So, obviously you reference installing via an http(s):// URL directly, but just as an fyi, our GitLab Enterprise instance allows us to install using a slightly different format.
We have 2FA enabled, so it requires SSH to be used.
From the docs.
npm install <git-host>:<git-user>/<repo-name>
npm install <git repo url>
We were able to actually install our repos like this:
npm install git+ssh://git#gitlab.mydomain.com:user/repo.git
So this is more a URL format combined with permission issue.
Regarding the branch, as seen here, your syntax is correct.
And:
if I prepend git+ on the HTTPS URL it works (I run gitea which accepts basic auth)
See also npm/hosted-git-info PR 30

Artifactory remote npm repo only caching package.json files and not TGZ files

I have set my default registry to use a remote Artifactory repository using npm config set registry {registry-url}, so when I run npm install my dependencies are cached in the specified registry.
My issue is that it only seems to be caching package.json files with URLs to the dependency's repo, and not the actual Tarballs. Is there a way to configure it to cache the Tarballs as well?
An Artifactory NPM remote repo pointing to https://registry.npmjs.org should cache .tgz packages in the remote-cache:
When you set up the client make sure you are using the correct URL with the /api/npm part:
http://:8081/artifactory/api/npm/npm-repo/
Also make sure the repository is, in fact, an NPM repository and not a generic type and make sure the remote advanced configuration is using the "store artifacts locally" option.

How to use yarn with private npm registry in Sonatyoe Nexus OSS?

I ve setup the nexus oss 3 and it looks cool. All my projects are installed by using yarn because of the --pure-lockfile option.
Steps to reproduce the issue:
1. Setup nexus oss 3 with a private npm registry (as in documentation)
2. Disable anonymous access from nexus oss 3 admin panel
3. On a linux server with alpine try to yarn install --pure-lockfile (you must have a package that is hosted on the private repo in package.json)
4. Does not work, return 401 error
I tried everything but i could not manage to make yarn to login to get those packages.
If i use npm install, it works.
Can someone tell me how to make yarn work nexus oss3 using the setup from above?
If npm install is working, then you must have login credentials and repository correctly defined.
Open terminal and run npm login, give your username and password for nexus account. This will create a file ~/.npmrc. Open this file nano ~/.npmrc, output look like
//<repository>:_authToken=NpmToken.<token>
A dummy example:
//test.server.com/repository/npm-group/:_authToken=NpmToken.123456-12345-12345-tok-en0onum
Go to the project directory cd <project_dir>, create a new file .yarnrc, open it nano .yarnrc. Insert the following line, save and exit (Ctrl+O, Ctrl+X) it.
registry "<repository>"
Create another file .npmrc in the same directory <project_dir>. Open, add the following line, save and exsit.
registry=<repository>
always-auth=true
//<repository>:_authToken=NpmToken.<token>
Delete the .npmrc at home directory rm ~/.npmrc.
Now you can download node_modules with yarn or yarn install.
I had same issue with nexus 3 and use this configuration on my .npmrc file:
registry=https://your.nexus.com/repository/some-npm/
always-auth=true
/* basic-auth-token: your user:password in base64 */
_auth=<basic-auth-token>
Hope this help you!
The fact that your requests returns 401 (Unauthorized) means that you should supply credentials when connecting to Nexus.
It is far from being a nice solution but I got it working using
yarn set registry https://user:pwd#your.nexus.host/nexus3/repository/npmjs/
I use yarn 1.4.0 (release candidate). It should also work on 1.3.2, but I cannot test that because 1.3.2 has issues with HTTPS_PROXY env vars.

Bluemix node buildpack and modules in private repos

My node.js app uses a number of private shared modules hosted in git repos. I use git URLs like below in the dependencies block in package.json:
"xxx-accountMgr": "git+ssh://git#github.xxx.ibm.com:xxx/lib-account-mgr.git",
when "cf push" this errors during npm install on ssh:
npm ERR! git clone --template=/home/vcap/.npm/_git-remotes/_templates --mirror ssh://git#github.xxx.ibm.com/ipaas/lib-account-mgr.git /home/vcap/.npm/_git-remotes/ssh-git-github-xxx-ibm-com-xxx-lib-account-mgr-git-bf65c10c: ssh: Could not resolve hostname github.xxx.ibm.com: Name or service not known
i expected this as I haven't configured the ssh key in bluemix. is that possible? if not, what's the alternative to install modules from a private repo in bluemix?
If you are downloading a private module hosted on Git, you should be able to use https protocol (with creds) to access it.
There is a trick that could help avoid this issue if that is not an option for you:
1) Package private modules with your application (in node_modules)
2) Move the private modules to devDependencies in package.json, rather than dependencies, so that your local dev workflow is unaffected.
npm install will install dependencies and devDependencies. By
default, Bluemix will only install dependencies
Step 2 is necessary because even if you package the private node_modules with your application, staging for your application will fail because npm still tries to access your private repo to validate the dependency.
Also, if you had a .cfignore file ignoring the entire node_modules directory, that would have to be changed to ignore only the public modules.
If the private repo requires Github authentication to access the shared mdoules, Bluemix won't be able to access them. You can use a command such as git clone https://github.com/repo/etc but that will require the files to be accessible without authentication.
An alternative could be to manual install the files in your repo prior to using cf push so they are available. This is not a great solution but it will solve the problem in the short term.
The problem here is that Bluemix cannot reach back into the corporate network which is apparently where your github repo lives.
It has nothing to do with authentication, although what the others say here is accurate for publically accessible git repositories
This is a workaround what works for me is to use npmjs private modules. On one hand it will work and on the other hand it is really easy to manange versions, and reuse code. Of course you'll need to make some minor changes, but is totally worth it.
Upgrade your npmjs account to use private modules: https://www.npmjs.com/private-modules
On your computer log in to npmjs:
npm login
Publish your modules
Copy your npmrc file to your project:
cp ~/.npmrc /path/to/your/project
npm install your_module --save
Enjoy!
Be aware that if you ever change your password the token inside .npmrc will be revocated.
The token is not derived from your password password, but changing
your password will invalidate all tokens. The token will be valid
until the password is changed. You can also invalidate a single token
by logging out on a machine that is logged in with that token.
Source: https://docs.npmjs.com/private-modules/ci-server-config#checking-in-your-npmrc
You can also use cfnpm module (https://www.npmjs.com/package/cfnpm) it is designed to deal with private package in cliud foundry