NPM : Configure to use github oauth token - npm

I'm trying to deploy using AWS CodeBuild and have an NPM dependency which exists in a private GitHub repository only.
When using composer for similar scenarios I use the "github-oauth" option https://getcomposer.org/doc/06-config.md#github-oauth. Is there similar functionality for NPM without hard-coding my token into my package.json file?

Related

Setting Nexus auth token from the commandline

I figured this would be a problem that has been solved a million times over, but I just can't find the solution. I wish to set up my Java Maven project to install Angular dependencies from my private Nexus server. I use the frontend-maven-plugin to install a new npm every time, so the configuration must be available for that npm for it to work.
I know I can add the following to my .npmrc file and it works:
registry = http://nexus.global.dns/repository/npm-all/
_authToken = NpmToken.xxx
always-auth = true
The problem I have with this solution is that the auth token gets checked into git and that I have to remove it every time I work outside of my network, where I do not have access to the Nexus server. This happens for example when I am developing something for the frontend away from home, as my Nexus server is not on the cloud. So I wish for Nexus to be used only by my Jenkins pipelines, which will use the frontend-maven-plugin.
I figured I would set the registry the commandline way but that is proving to be a challenge. In my frontend-maven-plugin I have set up executions that run the following lines:
npm set registry http://nexus.global.dns/repository/npm-all/
npm //nexus.global.dns/:_authToken=${NEXUS_NPM_AUTH_TOKEN}
npm install --no-package-lock
This returns a 401 error as it is not able to authenticate: Unable to authenticate, need: BASIC realm="Sonatype Nexus Repository Manager"
My next attempt was to remove the explicit mention of the repository I want to use from Nexus, because maybe it can figure out which one it should use:
npm set registry http://nexus.global.dns
npm //nexus.global.dns/:_authToken=${NEXUS_NPM_AUTH_TOKEN}
npm install --no-package-lock
Authentication now seemingly works, but it is trying to pull the dependencies from http://nexus.global.dns as expected. I get the following error: 404 Not Found - GET http://nexus.global.dns/#angular-builders%2fjest
If I navigate to http://nexus.global.dns/repository/npm-all/#angular-builders%2fjest instead I do get the dependency's package.json as a response.
Clearly the registry should be http://nexus.global.dns/repository/npm-all/ but I can't get authentication to work with the command line. I have also tried:
npm //nexus.global.dns/repository/npm-all/:_authToken=${NEXUS_NPM_AUTH_TOKEN}
but this does not work either. How do I set the auth token for my Nexus private server through the command line?

Installing private npm packages with an authentication key

I'm using Artifactory to pull npm packages. One of the packages that I use is stored privately and in order to access it the publisher gave me an authentication token.
I was asked to add //registry.npmjs.org/:_authToken=<private_token> to .npmrc, however my environment uses Artifactory as a proxy for the public npm registry. How can I configure an authentication token geared specifically for the package?
You can use the virtual repo concept of Artifactory. You can upload the custom packages into your local repo and a common repo that will get the packages from npm.

Cannot use GraphQLSchema "[object GraphQLSchema]" from another module or realm when using npm link

I'm using npm link to change my private package and see changes in action in another project. The problem is that both my projects use graphql as a dependency, so I get the error Cannot use GraphQLSchema "[object GraphQLSchema]". I was trying to use the resolutions key in package.json of my main project. Unfortunately it didn't help. So, I'm clueless about how to resolve this issue without pushing a newer version of my package to npm.
To get around this, do the following:
npm i -g graphql
For each dependent project, inside the working directory:
npm link graphql
This will connect to the globally installed graphql for each project and allow you to share the module without the shared directory structure.

How to publish a package to npm from AWS CodeBuild?

I have a Node.js package available in the public npm repository. Also I set up a build in AWS CodeBuild to run unit tests each time there's a new push into the master branch of the package's repository on GitHub.
I'd like to set up automatic invocation of npm publish in the build specification in case the package version increases and all tests pass.
Is it possible to authenticate in npm by invoking npm add-user inside AWS CodeBuild environment without compromising my npm credentials? Right now I'm the only maintainer of the package, but I'm looking for a general solution when the package and the build are maintained by a team.
What are some best practices for handling npm credentials while dealing with AWS CodeBuild?
One way to vend credentials in general with AWS CodeBuild is "EC2 parameter store". AWS CodeBuild supports bringing Parameter Store variables as regular environment variables to your build. You can use that to vend sensitive information like npm and AWS credentials.
Documentation
https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-env-vars.html
https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec-ref-syntax
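An added example (not part of the original answer or of any project's own code) of consuming such an injected environment variable in a build step: it writes a per-build npmrc that refers to the token by name only, relying on npm expanding `${VAR}` references in npmrc files, so no secret lands in the repository or in the file. The variable name `NPM_TOKEN` and the function names `npmrc_auth_key` and `write_build_npmrc` are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: build-time npmrc that references the token by name only.

# npmrc_auth_key REGISTRY_URL  ->  "//host/path/:_authToken"
# npm keys credentials by the registry URL without its scheme, so a path
# such as /repository/npm-all/ has to be part of the key.
npmrc_auth_key() {
    url=${1#*://}        # drop "http://" or "https://"
    url=${url%/}         # normalise to exactly one trailing slash
    printf '//%s/:_authToken' "$url"
}

# write_build_npmrc REGISTRY_URL TOKEN_VAR_NAME OUT_FILE
# Writes OUT_FILE with a ${TOKEN_VAR_NAME} reference, never the value.
# Returns 2 for an invalid variable name, 1 if the variable is empty.
write_build_npmrc() {
    registry=$1 var=$2 out=$3
    # Only accept a plain identifier before handing it to eval.
    case $var in
        ''|[0-9]*|*[!A-Za-z0-9_]*)
            echo "error: invalid variable name" >&2; return 2 ;;
    esac
    # Fail early if the build environment did not provide the secret.
    eval "val=\${$var:-}"
    [ -n "$val" ] || { echo "error: $var is empty or unset" >&2; return 1; }
    # Create the file readable by the build user only.
    ( umask 077
      {
        printf 'registry=%s/\n' "${registry%/}"
        printf '%s=${%s}\n' "$(npmrc_auth_key "$registry")" "$var"
      } > "$out" ) && chmod 600 "$out"
}

# Typical use inside a build step (NPM_TOKEN injected by the build service):
#   write_build_npmrc https://registry.npmjs.org/ NPM_TOKEN "$PWD/.npmrc.build"
#   npm --userconfig "$PWD/.npmrc.build" publish
```

Because the generated file holds only the reference, rotating the token in the parameter store requires no change to the build files.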

Nexus OSS 3 - npm install requires npm login

We've started using Nexus OSS 3 as a standalone NPM server and so far it's working great but there's one thing that makes little sense to me, and that is the requirement to do the npm login before being able to npm install self published packages.
We're following the proposed repository structure:
npm_proxy - to use as proxy toward npm public repo
npm_private_internal - to use to upload self created internal packages
npm_private_external - to use to upload 3rd party packages
npm_group - to wrap all of them together so they're reachable with one URL
Now I understand that npm login should be required when publishing a new package, but why is it required when doing npm install of one of the self published packages, and can it be avoided?
It's not required if you allow anonymous read privileges to your npm repositories. But I guess you've not given these privileges to the anonymous user?
If so, the alternative would be to base64 encode the needed credentials in your .npmrc file as described here:
https://books.sonatype.com/nexus-book/reference/npm-deploying-packages.html
But using npm login would be preferable.