I have been able to login to my npm registry manually, ie: on my local machine - but for some reason it's not working when it goes through the CI. The problem here is that after I execute the npm login command, the program is waiting for the manual user input (username, password, email) and I couldn't find a way to send these inputs in the pipeline (where I can't make manual user input):
These different approaches I tried:
1. Copy the npm auth token from my local machine into the environment variables of the gitlab CI/CD Settings, and then just copy them into the global .npmrc at the root directory: This results in an error (unauthenticated):
$ cd ~ $ pwd /root $ echo "//<my_registry_url>:_authToken=$NPM_AUTH_TOKEN" > ~/.npmrc $ cat .npmrc <my_registry_url>:_authToken=[MASKED] //<-- the masked value is correct, I had it unmasked before once by mistake... $ npm whoami npm ERR! code ENEEDAUTH npm ERR! need auth This command requires you to be logged in. npm ERR! need auth You need to authorize this machine using `npm adduser` npm ERR! A complete log of this run can be found in: npm ERR! /root/.npm/_logs/2021-03-02T14_29_00_728Z-debug.log Cleaning up file based variables 00:00 ERROR: Job failed: exit code 1
2. Install npm-cli-login and pass the username, password and email in one line with the npm login command
$ npm install -g npm-cli-login
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
added 567 packages, and audited 568 packages in 46s
33 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
// trying to login now
$ npm-cli-login -u $USERNAME -p $API_KEY -e $EMAIL -r $REPOSITORY
info attempt registry request try #1 at 6:17:19 AM
http request PUT [MASKED]-/user/org.couchdb.user:<my correct username>
http 201 [MASKED]-/user/org.couchdb.user:<my correct username> // the login seems to have worked, at least I don't get an error
// then I go to the home directory to check the .npmrc file
$ cd ~
$ pwd
/root
$ cat .npmrc
//<my_registry_url>:_authToken=<eyJ...rest of token> // <-- so this was created correctly at my npm-cli-login command
// then I go back to the angular project folder
$ cd /builds/<my path>/app/src/main/ui
$ ls
README.md
angular.json
browserslist
debug.log
e2e
package.json
src
tsconfig.app.json
tsconfig.spec.json
// and when I now run npm install, it says I'm not authenticated
$ npm install
npm WARN deprecated debug@4.1.1: Debug versions >=3.2.0 <3.2.7 || >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (https://github.com/visionmedia/debug/issues/797)
npm WARN deprecated axios@0.20.0: Critical security vulnerability fixed in v0.21.1. For more information, see https://github.com/axios/axios/pull/3410
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/reques/request/issues/3142
npm WARN deprecated fsevents@2.1.3: "Please update to latest v2.3 or v2.2"
npm WARN deprecated chokidar@2.1.8: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated fsevents@1.2.13: fsevents 1 will break on node v14+ and could be using insecure binaries. Upgrade to fsevents 2.
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm ERR! code E401
npm ERR! Unable to authenticate, need: Basic realm="Artifactory Realm" // <-- HERE IT FAILED
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2021-03-02T06_44_42_972Z-debug.log
Cleaning up file based variables
00:01
ERROR: Job failed: exit code 1
3. Using a here document like this in my gitlab-ci.yml:
- npm login --registry=<my_registry_url> << EOF
- $USERNAME
- $API_KEY
- $EMAIL
- EOF
This results in:
$ npm login --registry=<my_registry_url> << EOF
Username: npm WARN Name may not contain non-url-safe chars
Username: (echo $'\x1b[32;1m$ <my_username>\x1b[0;m') npm ERR! cb() never called!
npm ERR! This is an error with npm itself. Please report this error at:
npm ERR! <https://npm.community>
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2021-03-02T13_54_12_317Z-debug.log
ERROR: Job failed: exit code 1
The methods above were maybe not wrong at all, but somehow it only worked for me after using _auth instead of _authToken value in the .npmrc file.
This method is described here and on the jfrog confluence site.
After running this curl command I received everything that I needed to put into my global .npmrc file:
curl -u ${JFROG_USER}:${JFROG_ENCRYPTED_PASSWORD} https://${JFROG_ORG}.jfrog.io/artifactory/api/npm/auth
For anyone who's interested, the full script in my gitlab ci pipeline stage now looks like this:
script:
- npm -v
6.14.10
- node -v
v14.15.4
- cd ~
- pwd
/root
# install angular globally
- npm i -g @angular/cli
# create the config file '.npmrc' for authenticating at jFrog when running 'npm install'.
- cat > .npmrc
- echo _auth = ${NPM_AUTH_TOKEN} >> .npmrc <- This is the token that I received after running the curl command from the tutorial / link above
- echo always-auth = true >> .npmrc
- echo email = ${EMAIL} >> .npmrc
# the next line makes npm look for the packages that are annotated with @<my-private-repo> at the JFrog Repo.
- echo @<my-private-repo>:registry=${UI_JFROG_REGESTRY} >> .npmrc
# change back to the project folder.
- cd /builds/<my-project-folder>/ui
# install all packages + the <my-private-repo> package from JFrog.
- npm install