Unable to push a npm artifact to Gitlab - node.js

I'm trying to push a npm artifact and have it stored in Gitlab in its "Package Repositories" but am having trouble. Have tried a few different ways, with all giving the same error.
The below mostly comes from How do I publish a private npm package with gitlab ci?, and this is my .gitlab-ci.yml file
image: node:latest
stages:
- deploy
deploy:
stage: deploy
script:
- npm install
- npm config set //gitlab.com//api/v4/projects/700/packages/npm/:_authToken ${CI_JOB_TOKEN}
- npm publish
But then gets an error of need auth You need to authorize this machine using npm adduser
I then run npm adduser, but that gets an error of Username: npm ERR! cb() never called!
And here is part of the package.json:
"publishConfig": {
"#foo:registry":"https://gitlab.com/api/v4/projects/700/packages/npm"
},
Another method I try is doing not doing the npm config set..., but instead doing echo "//gitlab.com//api/v4/projects/700/packages/npm/:_authToken=${CI_JOB_TOKEN}">.npmrc, but that gets the same errors.
And yet another method I try is not having npm config nor echo //..., but having this in the .npmrc:
#foo:registry=https://gitlab.com/api/v4/projects/700/packages/npm
//gitlab.com/api/v4/projects/700/packages/:_authToken=${CI_JOB_TOKEN}
But even that has the same errors.

Go through the troubleshooting steps that Gitlab provides.
https://docs.gitlab.com/ee/user/packages/npm_registry/index.html#publish-an-npm-package-by-using-cicd

Related

GitHub action with access to private repo

I would like to run the CI part of my Node / Ionic project where I just yesterday added a custom capacitor plugin - repo A.
This plugin sits in repo B.
On my dev machine I added B as
npm install https://PERSONAL_ACCESS_TOKEN#github.com/ME/B.git --save
to project A.
package.json now contains
"B": "git+https://PERSONAL_ACCESS_TOKEN#github.com/ME/B.git",
and I pushed this to my current merge request.
However, the CI pipeline is telling me now:
npm install
shell: /usr/bin/bash -e {0}
npm ERR! Error while executing:
npm ERR! /usr/bin/git ls-remote -h -t https://***#github.com/ME/B.git
npm ERR!
npm ERR! remote: Repository not found.
npm ERR! fatal: repository 'https://github.com/ME/B.git/' not found
npm ERR!
Project B is a private repo. My account owns both repos and I am using my newly created Personal Access Token.
What should I check? I can pull the repo on my local, but there I am setup with my git+ssh env credentials too, so it might work just because of that...
Check first if you need your GitHub username:
https://myGitHubUsername:PERSONAL_ACCESS_TOKEN#github.com/ME/B.git
^^^^^^^^^^^^^^^^^
Then, if you need the token in the git+https URL:
"How to use private GitHub repo as npm dependency" mentions the use of npm-cli-login instead:
- name: Login to GitHub private NPM registry
env:
CI_ACCESS_TOKEN: ${{ secrets.NAME_OF_YOUR_ACCESS_TOKEN_SECRET }}
shell: bash
run: |
npm install -g npm-cli-login
npm-cli-login -u "USERNAME" -p "${CI_ACCESS_TOKEN}" -e "EMAIL" -r "https://npm.pkg.github.com" -s "#SCOPE"
Most answers that I have seen to install private GitHub repo
"package": "git+https://PERSONAL_ACCESS_TOKEN:x-oauth-basic#github.com/username/packge.git"
or
"package": "https://PERSONAL_ACCESS_TOKEN:x-oauth-basic#github.com/username/packge.git"
This works in local, however, if you are using actions/checkout#v2 in your github Action then you need to use persist-credentials:false like the following.
- uses: actions/checkout#v2
with:
persist-credentials: false
otherwise, you'll get an error message remote: Repository not found.
other ways to install private github repo
if you are using ssh like following
"package": "git+ssh://git#github.com/username/packge.git"
then you have to use the ssh-agent in your github action like this
- uses: webfactory/ssh-agent#v0.5.4
with:
ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
here SSH_PRIVATE_KEY is a private key from public-private key pair generated using ssh-keygen and the public key is added as a deploy key in the private repo that you are trying to install as an npm package. for more information about this, you can check the official doc

why gitlab runner don't use my custom npm registry but use the default npm registry

I installed a gitlab runner on my window machine
and I run terminal input "npm config set registry http://my/custom/npm/registry"
and then i trigger a pipeline on my gitlab web page
i saw the terminal pannel show me a default registry value after run "npm config get registry"
why ??
did the gitlab runner doesn't use my npm config on the local machine ?
also, i use nrm to switch the npm registry, i got the same result
Try moving your npm config set registry https://custom-registry.example.com inside your job specification instead of on your host. So for example:
npm_dependencies:
stage: npm
before_script:
- npm config set registry https://custom-registry.example.com
script:
- npm config get registry
- npm install

Do I have to npm install in every step in a bitbucket pipeline that I need to use an npm command

I have a bitbucket pipelines yml that I have step for running my test script and a step to run a serverless deploy script. Do I need to npm install at each step or will the first npm install carry through and suffice for each subsequent step. Further than that, what is happening under the hood? I know Docker container is created; does each step just update the container?
- step:
name: Test and Build
script:
- npm install --no-package-lock
- npm run test
- step:
name: Deploy Serverless
script:
- npm i serverless -g
- npm install --no-package-lock
- npm run deploy
Can you implement it like the documentation: https://confluence.atlassian.com/bitbucket/caching-dependencies-895552876.html
The functionality is there. Let me know if it doesn't work for you still.
Each step in the pipe creates a separate docker container which pulls in your branch. Using the cache option will allow your pipe to skip the install when building the container for the second step by pulling node_modules from the cache. You must still include the npm install line in each step to tell the pipe to use the cache if it exists.

CircleCI: $ npm test fails and doesn't find installed package

For some reason Circle is not able to use ts-mocha installed with npm install in a previos step in the building process.
It used to work, but for some reason it doesn't anymore out of a sudden.
This is the CircleCI build job result:
All tests are running fine locally:
This is the script in the package.json that I run with npm test:
"test": "env NODE_ENV=test ts-mocha ./test/**/*.spec.ts --timeout 10000"
The package version is "ts-mocha": "^6.0.0",
This is my CircleCI job configuration (which hasn't changed in a month):
jobs:
build:
docker:
- image: circleci/node:10.13.0
steps:
- checkout
- restore_cache:
keys:
- v1-dependencies-{{ checksum "package-lock.json" }}
- v1-dependencies-
- run: npm install
- save_cache:
paths:
- node_modules
key: v1-dependencies-{{ checksum "package-lock.json" }}
- run: npm test
- run: npx tsc
It seems that something broke from the Circle side, as there were no changes in the code.
Even though I tried rerunning old successful builds, they fail with this same error.
Things I tried:
Runningnpm ci && npm test in the same step but it yields the same result.
Removing package-lock.json
Updating package-lock.json
Running npm install --no-package-lock
Updating npm
Running npm update
Running npm audit fix
Cleaning npm cache
Also tried using npx instead of relying on the previously installed ts-mocha package and this is the result:
I noticed that the CircleCI NODE_ENV environment variable was set to production, therefore any devDependencies were not getting installed (even with npm install --save, because it was already listed as a devDependency in the package.json).
I don't know when the environment variable was changed to that value, but the odd thing is that it started breaking from one day to another (although it should've been breaking since the moment that env variable was set) so it was extremely hard to debug, but it was a simple fix: changing the NODE_ENV environment variable in CircleCI to something different than production.

Azure Devops: Cannot Build an Image using NPM private registry even after setting NPM Authenticate

I am always getting an error on npm install after setting NPM Authenticate. I would like to authenticate to my npm private registry during image build and install all the dependencies I need. Maybe I misunderstood how this authentication process works but this is what I am doing:
Build pipeline
I tried establishing a service connection from the project settings page as in Service connections for builds and releases
After that, I also set up my NPM Authentication task following the steps in With a Task Runner (e.g. make gulp work)
But this is not working. These are the errors I am getting:
During 'NPM Authenticate' phase:
[warning]Found and overrode credentials for the
myregistry.pkgs.visualstudio.com registry in the selected .npmrc file.
Remove credentials from the file and store them in an npm service
connection instead (recommended), or remove the npm Authenticate task
from your build to use credentials checked into an .npmrc.
During 'Build an Image' phase:
Step 4/7 : RUN npm install --production ---> Running in 8724f713f1db
[91mnpm ERR! code[0m[91m E404 [0m[91mnpm [0m[91mERR! 404[0m[91m Not
Found: #myregistry/service-logging#latest npm ERR![0m[91m A complete
log of this run can be found in: npm ERR!
/root/.npm/_logs/2018-09-11T04_20_00_513Z-debug.log [0mThe command
'/bin/sh -c npm install --production' returned a non-zero code: 1
[error]The command '/bin/sh -c npm install --production' returned a non-zero code: 1 [error]/usr/local/bin/docker failed with return
code: 1 [section]Finishing: Build an image
This is my .npmrc file:
unsafe-perm=true
package-lock=false
registry=https://myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/registry/
always-auth=true
//myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/registry/:_authToken=${NPM_TOKEN}
//myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/:_authToken=${NPM_TOKEN}
And this is my Dockerfile:
FROM node:8.9-alpine
ARG NPM_TOKEN
WORKDIR /usr/src/srv/
COPY package.json package.json
COPY .npmrc .npmrc
RUN npm install --production
RUN rm -f .npmrc
COPY . .
EXPOSE 8080
CMD npm start
Any help to unblock me from this issue will be highly appreciated! Thanks!
I finally resolved this issue in my pipeline by removing the last two lines in my .npmrc file. the last line was causing an issue. After the NPM Authenticate task, my .npmrc file was being modified to:
unsafe-perm=true
package-lock=false
registry=https://myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/registry/
always-auth=true
//myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/:_authToken=${NPM_TOKEN}
//myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/registry/:username=VssToken
//myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/registry/:_password=***
//myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/registry/:email=VssEmail
//myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/registry/:always-auth=true
Somehow, the following config was being taken into consideration and the config the NPM Authenticate inserted was being ignored, causing the pipeline error:
//myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/:_authToken=${NPM_TOKEN}
Also, no need to include the following line since NPM Authenticate will do the job for you:
//myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/registry/:_authToken=${NPM_TOKEN}
By removing the line above, this warning disappeared:
[warning]Found and overrode credentials for the
myregistry.pkgs.visualstudio.com registry in the selected .npmrc file.
Remove credentials from the file and store them in an npm service
connection instead (recommended), or remove the npm Authenticate task
from your build to use credentials checked into an .npmrc.
So, to conclude, just keep your .npmrc file as simple as this:
unsafe-perm=true
package-lock=false
registry=https://myregistry.pkgs.visualstudio.com/_packaging/myregistry/npm/registry/
always-auth=true
Everything was fine with the Dockerfile.
I encountered this recently, Posting what I found out here in case it helps folks (or myself) in the future.
I was trying to authenticate against a private NPM feed during an Azure DevOps Pipeline build using the NpmAuthenticate task runner.
My initial pipeline looked like this:
- task: npmAuthenticate#0
displayName: Authenticate Npm Feed
inputs:
workingFile: './source/WebApplication/.npmrc'
customEndpoint: ExternalFeedServiceConnection
- task: Npm#1
inputs:
command: 'install'
workingDir: ./source/WebApplication #path to package.json
customRegistry: 'useNpmrc'
displayName: Install NPM Packages
The Npm#1 task would continually fail with a login error. No matter what permutation was attempted. What finally worked was replacing it with a script step instead:
- script: 'npm install'
workingDirectory: ./source/WebApplication
displayName: npm install
The script step appears to be executing the exact same command as the Npm#1 task, but is able to authenticate fine.
The npmAuthenticate azure devops task documentation vaguely suggests this, but it's unclear why it would work with a script step but not the Npm#1 task.
You need to include the token in .npmrc file or update this file before run npm install command.

Resources