I'm trying to publish a scoped package to a private azure devops artifact feed. I followed the instructions here. I have a project .npmrc with the following entries:
#my-scope:registry=https://pkgs.dev.azure.com/my-org/_packaging/my-feed/npm/registry/
#my-scope:always-auth=true
In my global user .npmrc I have the following entries:
prefix=/usr/local
strict-ssl=false
unsafe-perm=true
//registry.npmjs.org/:_authToken="my-real-token"
//pkgs.dev.azure.com/my-org/_packaging/my-feed/npm/registry/:username=${NPM_USERNAME}
//pkgs.dev.azure.com/my-org/_packaging/my-feed/npm registry/:_password="my-real-base64-token"
//pkgs.dev.azure.com/my-org/_packaging/my-feed/npm/registry/:email=${NPM_EMAIL}
//pkgs.dev.azure.com/my-org/_packaging/my-feed/npm/registry/:always-auth=true
#my-scope:registry=https://pkgs.dev.azure.com/my-org/_packaging/my-feed/npm/registry/
//pkgs.dev.azure.com/my-org/_packaging/my-feed/npm registry/:_authToken="my-real-base64-token"
cafile=${NPM_CERT_LOCATION}
When I try: npm publish I get the following error:
Unable to authenticate, need: Bearer authorization_uri=https://login.windows.net/some-guid, Basic realm="https://pkgsprodcus1.pkgs.visualstudio.com/", TFS-Federated
Based on previous posts I see that I might need to do npm login. Executing npm login gives me this error:
npm verb node v6.9.2
npm verb npm v6.8.0
npm ERR! code E400
npm ERR! 400 Bad Request - PUT https://pkgs.dev.azure.com/my-org/_packaging/my-feed/npm/registry/-/user/org.couchdb.user:my-username
I looked at this and this which seemed to be related. However, neither of them worked.
I've tried: curl and curl -u which gave me the following error:
{"$id":"1","innerException":null,"message":"TF400813: Resource not available for anonymous access. Client authentication required.","typeName":"Microsoft.TeamFoundation.Framework.Server.UnauthorizedRequestException, Microsoft.TeamFoundation.Framework.Server","typeKey":"UnauthorizedRequestException","errorCode":0,"eventId":3000}%
I'v also tried with a proxy and a cert. However, with the same results.
This is a bit old, not sure if you are still stuck, but for Windows you can use this npm package: https://www.npmjs.com/package/vsts-npm-auth:
npm install -g vsts-npm-auth
vsts-npm-auth -config path-to-your\.npmrc
Here is a more complete article from Azure DevOps that walks you through setup, .npmrc and auth and publishing: https://learn.microsoft.com/en-us/azure/devops/artifacts/npm/npmrc?view=azure-devops&tabs=windows:
If you are developing on Linux or Mac, vsts-npm-auth is not supported and we recommend generating a token in the following manner for your $HOME/.npmrc
The Connect to feed dialog box generates an appropriately formatted token that you can place into your .npmrc file with a lifespan of 90 days.
From Azure Artifacts, select Connect to feed.
Select npm.
Select Generate npm credentials. Copy the credentials to add them to your user .npmrc file manually. For Windows this is in %USERPROFILE%.npmrc and can be useful if the above method doesn't work. For Linux it is in $HOME/.npmrc.
Related
I have a (test) npm package named #myScope/test which I want to publish into a private gitlab registry within a gitlab project whose address is
https://gitlab.<something>/myId/test-npm-registry/
with ID 9630
First, I'm a bit confused with npm login and .npmrc. If I understand correctly, answers given to npm login end-up as a couple of lines into .npmrc, is that right?
So essentially, to instruct npm about authenticating to a registry, one can either:
manually edit .npmrc
use npm config set
use npm login
Based on what I read on the gitlab help, I've inserted the following lines into my .npmrc:
#myScope:registry=https://gitlab.<something>/api/v4/projects/9630/packages/npm/
'//gitlab.<something>/api/v4/projects/9630/packages/npm/:_authToken'="${GITLAB_AUTH_TOKEN}"
Note: I had to use the project ID, having issues with the url format.
I have also added the following bit into the package.json :
publishConfig":{
"#myScope:registry": "https://gitlab.<something>/api/v4/projects/9630/packages/npm/"
}
Finally, I've created a token in gitlab, with "api, read_api, read_registry, write_registry" rights and I have assigned the token to the GITLAB_AUTH_TOKEN variable:
GITLAB_AUTH_TOKEN="xk4L7xxvzHuykyKawxQZ"
When I do npm publish I'm getting the following message :
npm ERR! code E401
npm ERR! 401 Unauthorized - PUT https://gitlab.<something>/api/v4/projects/9630/packages/npm/#myScope%2ftest-npm-registry
npm ERR! A complete log of this run can be found in:
The logs doesn't help, nor does the verbose mode. Also, I'm not getting if I have to perform an explicit npm login or if the configuration in the .npmrc (with the token) should do the trick. I actually cannot do npm login because the username has an # character in it and npm refuses it.
Any ideas ?
I have a working verdaccio server hosted on a google cloud server. I am able manually publish to it, but am struggling to create a GitHub Action to publish to it when I push to master branch.
I have a script that works perfectly when publishing to npmjs public repo. Here is the relevant part that works for npmjs.org
- name: Publish to npm
if: steps.semantic.outputs.new_release_published == 'true'
run: |
yarn install
git checkout upm
npm publish
env:
NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
Now, for my own server, I have included the following addition in package.json:
"publishConfig": {
"registry": "http://my.ip.0.0:port"
},
And then in the repositories secrets, I have created an NPM_TOKEN secret with my user's token copied from my computer's .npmrc file after logging in.
I'm getting the following error from the Github Actions result:
npm ERR! code E401
npm ERR! Unable to authenticate, your authentication token seems to be invalid.
npm ERR! To correct this please trying logging in again with:
npm ERR! npm login
So I'm clearly not authenticating properly.
I tried (on the server's cli) using npm token create but it gave me an unauthorized error, and I tried the same on my computer locally after logging in too, and got the same error.
How can I authenticate my Github Actions publish to my custom Verdaccio server? I'm pretty new to this whole CI business, so I suspect I'm missing something quite basic. I suspect I'm doing it wrong using NPM_TOKEN, but it worked fine to publish to npmjs.org public repo.
Again, I can manually publish using npm publish from the terminal on my Mac (after logging into custom server with npm login), so I know that the server is set up properly.
After much googling, I found a solution from this tutorial https://remysharp.com/2015/10/26/using-travis-with-private-npm-deps
It's not written for GitHub Actions but the same procedure worked.
First, you need to login to your private server from your computer. In your home folder look at the .npmrc file (turn on show hidden files).
add this line to the yaml action file:
echo "//YOURREGISTRYADDRESS/:_authToken=\${NODE_AUTH_TOKEN}" > .npmrc
Note that it should actually be NODE_AUTH_TOKEN, NOT your actual token.
The part in the quotes should mostly match the entry in your .npmrc file (without the token).
So now it looks like this
- name: Publish to npm
if: steps.semantic.outputs.new_release_published == 'true'
run: |
yarn install
git checkout upm
echo "//YOURREGISTRYADDRESS/:_authToken=\${NODE_AUTH_TOKEN}" > .npmrc
npm publish
env:
NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
Then in the Settings -> Secrets part of your GitHub repo, add a secret called NPM_TOKEN and paste in the auth token value from the .npmrc. It's a long series of letters and numbers.
Now this script should properly log in. Apparently the issue is that the default Verdaccio authorization plugin expects it to be used interactively. This line basically creates an .npmrc file on the fly and populates it with the correct info, as if you've already logged in interactively. The file isn't actually created though, and disappears after running, which is a nice touch. It also is pretty secure since it stores the token in the secrets part of the repo. The link above does a better job explaining it, so check it out!
I have an app I'm creating a build pipeline for in Azure DevOps. It uses npm packages which are in a private npm registry (with code created from a different Azure DevOps organisation). When I run npm ci (or npm install) it fails with the following error:
npm ERR! code E401
npm ERR! Unable to authenticate, need: Bearer authorization_uri=https://login.windows.net/b2d01466-6e2c-4b55-8b90-e3ed41afca4a, Basic realm="https://pkgsproduks1.pkgs.visualstudio.com/", TFS-Federated
The specific packages which fail are the ones from the other organisation, which return a 401 when trying to get them.
I thought the best practice to authenticate this was to create a Service Connection within Azure DevOps. I've created a Personal Access Token within the organisation which hosts the npm packages, and used it to create a Service Connection in the organisation which contains my build pipeline. I then included it in my build pipeline yaml as follows:
- task: Npm#1
displayName: Install npm packages
inputs:
command: 'ci'
workingDir: 'Path/To/Working/Directory'
customEndpoint: 'Custom npm registry'
I've also tried using the npm authenticate build step before this (both with and without the customEndpoint: 'Custom npm registry' in the install step) and while the npm authenticate runs successfully it doesn't make any difference to the error I'm getting. I've also tried setting up the Service Connection to use my username and password rather than a PAT, but that made no difference either.
The .npmrc within my project is as follows (modified slightly):
registry=https://registry.npmjs.org/
#{scope}:registry=https://pkgs.dev.azure.com/{organisation}/_packaging/{feedName}/npm/registry/
#{scope}:always-auth=true
Can anyone see what's wrong with the authentication, or link to an article giving an example of doing this across multiple Azure DevOps organisations?
I just killed a few hours troubleshooting a similar NPM authentication issue with a hosted build agent for Azure DevOps.
I did have the NPM Authenticate job in the pipline, and I was still experiencing this error:
npm ERR! code E401
npm ERR! Unable to authenticate, your authentication token seems to be invalid.
npm ERR! To correct this please trying logging in again with:
npm ERR! npm login
As it turned, the project had a mixture of https://pkgs.dev.azure.com/<myorg>/_packaging and https://<myorg>.pkgs.visualstudio.com/_packaging (the legacy URL for the same NPM registry) in scattered .npmrc files.
Making them all to consistently use https://pkgs.dev.azure.com/<myorg>/_packaging had solved my problem.
The .npmrc should look like:
registry=https://pkgs.dev.azure.com/{organization}/{project}/_packaging/{feed}/npm/registry/
#{scope}:registry=https://pkgs.dev.azure.com/{otherorganization}/_packaging/{feed}/npm/registry/
#{otherscope}:registry=https://{thirdPartyRepository}/npm/registry/
always-auth=true
I am unable to publish my package to npm. I am logged in as a user with correct access to that package.
After logging in, I run this command to show I am logged in:
$ npm whoami
ganchrowsci
Then I run this command to ensure that the current user has access to the current package:
$ npm access ls-collaborators
{
"ganchrowsci": "read-write"
}
And then I run publish and it ends with an error:
$ npm publish
...<snip>
npm ERR! code E401
npm ERR! 401 Unauthorized - PUT http://registry.npmjs.com/gs-utils - You must be logged in to publish packages.
This is clearly showing that I am not logged in, but that is also clearly not true. I can't understand why I'm not able to publish. Can you explain what I am doing wrong?
Another piece of information is that, this used to work and we have published many versions of this package, but we haven't published recently. It's only this latest change that we're having trouble with.
I created an account in npm (https://www.npmjs.com/).
Then created a token in that account.
The following command worked for me:
npm adduser --registry=https://registry.npmjs.org/:_authToken=<token-from-npm>
The following worked for me:
npm adduser --registry=https://registry.npmjs.com
I needed to explicitly specify the registry, even though that registry specified in my .npmrc:
//registry.npmjs.org/:_authToken=XXXXXXX
I'm having trouble publishing npm packages using using Package Management feeds.
>vsts-npm-auth -config .npmrc
vsts-npm-auth v0.25.0.0
----------------------
Creating npmrcFile. Path: H:\.npmrc
Getting new credentials for source:https://########.pkgs.visualstudio.com/_packaging/########/npm/registry/, scope:vso.packaging_write vso.drop_write
>npm publish
...
npm ERR! need auth auth required for publishing
npm ERR! need auth You need to authorize this machine using `npm adduser`
What am I missing here?
The .npmrc file (with the "_authToken"), was generated by the vsts-npm-auth -config .npmrc in the H: drive.
I manually moved it to the user folder in order to make the npm publish working.
The solution is moving the .npmrc file to the user folder.