We have a scoped module, and for npm to be be able to resolve it, we have to say where its repo is. This can be done in i.e. .npmrc, such as:
#my-scope:registry=http://my-sweet-replication.example.com/npm/
My problem is that because of some proxying and authentication for GET requests, I have to put different values in .npmrc for development versus the build server (travis enterprise). We already take advantage of the fact that npm can read environment variables for packages that are not scoped, but as both # and : are invalid characters in an environment variable I'm unable to export the correct URL.
Any ideas on how to tell npm where to look for scoped modules without putting it in .npmrc?
For now, my solution is to use the env command, i.e. (in .travis.yml)
install: env 'NPM_CONFIG_#MY-SCOPE:REGISTRY=http://my-sweet-replication.example.com/npm/' npm install
Is that the only way to do it?
Putting it in the travis env matrix does not work, as it uses EXPORT, so it tries to export just REGISTRY
(Posting my answer as I didn't get any hits from googling)
Create the user by hand, by installing a ~/.npmrc with the appropriate token.
First, go into your project's envvars, and set the token under some name. For this example I use NPM_TOKEN, but that's not important. Some unices break with lowercase envvars, so use allcaps.
Next add the following to your .travis.yml:
before_install:
- echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > ~/.npmrc
Now you should have an NPM user with the appropriate credentials.
Related
I figured this would be a problem that has been solved a million times over, but I just can't find the solution. I wish to setup my Java Maven project to install Angular dependencies from my private Nexus server. I use the frontend-maven-plugin to install a new npm every time, so the configuration must be available for that npm for it to work.
I know I can add the following to my .npmrc file and it works:
registry = http://nexus.global.dns/repository/npm-all/
_authToken = NpmToken.xxx
always-auth = true
The problem I have with this solution is that the auth token gets checked into git and that I have to remove it every time I work outside of my network, where I do not have access to the nexus server. This happens for example when I am developing something for the frontend away from home as my nexus server is not on the cloud. So I wish for nexus to be used only by my jenkins pipelines which will use the frontend-maven-plugin.
I figured I would set the registry the commandline way but that is proving to be a challenge. In my frontend-maven-plugin I have set up executions that run the following lines:
npm set registry http://nexus.global.dns/repository/npm-all/
npm //nexus.global.dns/:_authToken=${NEXUS_NPM_AUTH_TOKEN}
npm install --no-package-lock
This returns a 401 error as it is not able to authenticate: Unable to authenticate, need: BASIC realm="Sonatype Nexus Repository Manager"
My next attempt was to remove the explicit mention of the repository I want to use from Nexus, because maybe it can figure out which one it should use:
npm set registry http://nexus.global.dns
npm //nexus.global.dns/:_authToken=${NEXUS_NPM_AUTH_TOKEN}
npm install --no-package-lock
Authentication now seemingly works, but it is trying to pull the dependencies from http://nexus.global.dns as expected. I get the following error: 404 Not Found - GET http://nexus.global.dns/#angular-builders%2fjest
If I navigate to http://nexus.global.dns/repository/npm-all/#angular-builders%2fjest instead I do get the dependency's package.json as a response.
Clearly the registry should be http://nexus.global.dns/repository/npm-all/ but I can't get authentication to work with the command line. I have also tried:
npm //nexus.global.dns/repository/npm-all/:_authToken=${NEXUS_NPM_AUTH_TOKEN}
but this does not work either. How do I set the auth token for my Nexus private server through the command line?
I'm having an issue with installing an NPM package from GCP.
I was able to upload the package to the artifact registry of GCP by doing the following steps:
Login to my google account (gcloud auth application-default login)
Run
gcloud artifacts print-settings npm \ --project=[my-project]\ --repository=[my-repo] \ --location=us-east1 \ --scope=#[my-scope]
Pasting the output of the previous step in the .npmrc file located in the root of the project.
Refreshing the access token to GCP (npx google-artifactregistry-auth ./.npmrc)
Run yarn publish
My .npmrc file looks like this:
#[my-scope]:registry=https://us-east1-npm.pkg.dev/[my-project]/[my-repo]/
//us-east1-npm.pkg.dev/[my-project]/[my-repo]/:_authToken="[auth-token]"
//us-east1-npm.pkg.dev/[my-project]/[my-repo]/:always-auth=true
However, when I try to install the package on another project by:
Executing steps 1-4 mentioned above
Run yarn add #[my-scope]/[my-package]
I get an 404 error.
Looks like yarn is looking for the package in the default registry:
error An unexpected error occurred: "https://registry.yarnpkg.com/#[my-scope]/#[my-pacakge]/-/#[my-scope]/[my-package]-0.0.1.tgz: Request failed \"404 Not Found\"".
I simply followed the steps mentioned in the installation instructions in GCP but somehow it's not working.
I encountered a similar issue in this post: Can't install a scoped package I published to a npm registry in GCP but this not the exact error I get.
I would appreciate any help regarding this issue.
Thanks in advance!
I just had this problem for a couple of days and the solution is simple, DO NOT USE YARN when publishing. That's it.
I don't know which part of yarn causes this but basically it ignores .npmrc resulting in the tarball to point to the wrong repository, you can check it if you run yarn info. So when publishing to GCP artifact registry one should use npm publish instead.
In both setting up authentication for npm and Managing Node.js packages, Obtaining an access token section the command used is
npx google-artifactregistry-auth
In the same section there is a note that explains how to add flags if you need to change the path of the .npmrc file.
Note: If you need to store your repository settings and credentials in .npmrc files other than the defaults, you can run the credential helper with additional flags.
--repo-config is the .npmrc file with your repository settings. If you don't specify this flag, the default location is the current directory.
--credential-config is the path to the .npmrc file where you want to write the access token. The default is your user .npmrc file.
Instead of:
npx google-artifactregistry-auth ./.npmrc
It could be written as
npx google-artifactregistry-auth --repo-config=pathto/.npmrc --credential-config=pathto/.npmrc
If you are not sure where your file is you can run npm config ls -l | grep config as explained here
Also check you are specifying the correct .npmrc path if it is different than the default registry as shown in Configuring npm and confirm you are trying to install a package from the Node.js package repository with the correct scope, package, tag or version to be completely explicit.
It's first time I'm trying to use Actions in GitHub to load a package on npm.
My workflow gets error because of:
npm ERR! code E404
npm ERR! 404 Not Found - PUT https://registry.npmjs.org/github-custom-module - Not found
npm ERR! 404
I noticed that also trying to reach out by browse bar https://registry.npmjs.com/ or http://registry.npmjs.com/ and it responds something like:
{"db_name":"registry","engine":"couch_bt_engine","doc_count":2594600,"doc_del_count":334,"update_seq":12737068,"purge_seq":0,"compact_running":false,"sizes":{"active":52390186030,"external":150891609029,"file":52550172912},"disk_size":52550172912,"data_size":52390186030,"other":{"data_size":150891609029},"instance_start_time":"1640854262658073","disk_format_version":7,"committed_update_seq":12737068,"compacted_seq":12733464,"uuid":"d8db915449574fe1dbb729e34426a075"}
just wondering if someone got in trouble for the same reason and eventually how to fix it!
Thank you very much!
Since your npm package is in a private repo, your Github action may not have access to it. There are two approaches to solving this ->
The easy way
You can use a read only access token in the dependency list in the package.json file to install the packages. This will require changing the code base but it trivializes the CI part. Bear in mind that if the token expires or is deleted your builds will start failing.
The not so easy way
The other way is to again create an access token for the npm registry and then
adding it to the Github Secrets instead. So lets say we store it in
NPM_TOKEN then in your action file you could simply add this to the env
steps:
- run: |
npm install
- env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
You also need to create a .npmrc file in the root of your project with a single line using the env variable to set the auth token.
//registry.npmjs.org/:_authToken=${NPM_TOKEN}
The npm cli will replace the value from the environment in so your secrets are safe !
I'm trying to integrate TeamCity Server (Windows) with my private NPM repo. I have create an OAuth token.
But I can't find any examples how to use the token in regards to NPM login alone or via TeamCity?
SOLVED!
In a PowerShell (run as ADMIN) run this:
npm login --registry=https://registry.npmjs.org/
--scope=#your_npm_handle
(NB. Replace the your_npm_handle in the command above with YOUR private NPM handle!)
Enter your username, password and NPM e-mail when prompted
You should now see a successful login to NPM
Now run:
npm config set always-auth true
If you now run:
npm config edit
you should see something like this / 3 lines of code in the file .npmrc
#your_npm_handle=https://registry.npmjs.org/
//registry.npmjs.org/:_authToken=xxxx-xxxx-xxxx-xxxx
always-auth=true
Please remember: To use a placeholder to your AUTH token ID and place the actual AUTH token in an .env file and only ref. to it in the .npmrc file). Replace this: authToken=xxxx-xxxx-xxxx-xxxx with this: authToken=${NPM_TOKEN} and in your .env file add this: NPM_TOKEN=xxxx-xxxx-xxxx-xxxx
Add this .npmrc file in the ROOT of your project.
Commit and publish the .npmrc file to source control (not the .env file!)
TeamCity will now download the .npmrc file together with the rest of your source code and run with success because it will use the NPM config file and thereby be able to access your private NPM repo and download all you private #packages.
Remember to activate F2A to your NPM account + to your NPM AUTH tokens.
Be aware this solution ONLY works on multiple machines as long as none of the machines don't invalidate this single AUTH token. In this case use a separate AUTH token setup for each machine or simply use NPM LOGIN instead each time.
I stumbled upon this while dealing with something similar and i thought sharing a bit, cause the accepted answer is pretty insecure:
a) You should not push your token/keys into a version control. Period. This is a security flaw.
b) You don't need to log in via npm login to retrieve your key. You should log in to npmjs.com where you will see a section called "Access Tokens". There you can create tokens to use for this situation and mark them as read-only as well. (or you can use command line to create tokens as well)
c) Teamcity offers "parameters". You can set up a secret there to use during the build. You can do this at root or project level. Create an "environment" parameter and mark it as read-only and as a password so it is secure.
d) For example if you have a docker build, pass it in as a --build-arg NPM_TOKEN=%env.yourTokenName% as additional parameter, then ${NPM_TOKEN} can be used in your .npmrc file if you set it up in your Dockerfile correctly (ARG NPM_TOKEN)
I am using Nexus Repository ManagerOSS 3.0.2-0, I have successfully created npm hosted repository, but when I click on the link it always says 400 bad request.
And also through command line am not able to perform npm adduser pointing to this registry .
Any idea what am doing wrong?
The link in the UI is non functional, it's there to copy for use in setting up tooling, the 400 is expected behavior at this point in time.
As for npm adduser, I believe this should work. Make sure to have the npm Bearer Token Realm enabled.
You can read more about enabling it here: https://books.sonatype.com/nexus-book/reference3/npm.html#_authentication_using_realm_and_login