How to set _auth for a scoped registry in .npmrc?
Solution 1
So, after some digging through the NPM source code, it turns out there is a way to do this.
My solution is below:
registry=https://registry.npmjs.org/
@test-scope:registry=http://nexus:8081/nexus/content/repositories/npm-test/
//nexus:8081/nexus/content/repositories/npm-test/:username=admin
//nexus:8081/nexus/content/repositories/npm-test/:_password=YWRtaW4xMjM=
email=…
Explanation:
The scope @test-scope
specifies that packages with the scope should be published to a different registry than the default registry=
when executing the npm publish
command.
The two lines starting with //nexus:8081/...
are used to specify the credentials to the scoped repository for both username
and _password
where _password
is the base64 encoded password component from the previously used _auth
credentials.
Using this approach, only scoped packages will be published and installed from the private registry and all other packages will be installed from the default registry.
Edit:
Additional to this, the password can be specified as an environment variable so that it is not stored in plaintext in the file.
For example:
registry=https://registry.npmjs.org/
@test-scope:registry=http://nexus:8081/nexus/content/repositories/npm-test/
//nexus:8081/nexus/content/repositories/npm-test/:username=admin
//nexus:8081/nexus/content/repositories/npm-test/:_password=${BASE64_PASSWORD}
email=…
Also, when using Nexus, the email=
line must be specified.
Solution 2
for some strange reason the _auth
is called _authToken
when used with scoped packages. If you are using this you don't have to store your plain text password in your .npmrc
registry=https://registry.npmjs.org/
@test-scope:registry=http://nexus:8081/nexus/content/repositories/npm-test/
//nexus:8081/nexus/content/repositories/npm-test/:_authToken=...
email=…
Willem van Ketwich
I code and administrate using a variety of languages and platforms using a variety of services including node.js, .net, php, powershell, javascript, c#, vb, ruby, python, java, angular, on linux, windows, android, using aws, and azure among others.
Updated on July 09, 2022Comments
-
Willem van Ketwich almost 2 years
I am wondering how to configure the
.npmrc
file so that I can have a default registry and a different scoped registry with authentication.I am using Nexus for the private repository and I am not sure how to set authentication for the scoped registry, only the default registry.
For example my
~/.npmrc
file is:registry=https://registry.npmjs.org/ @test-scope:registry=http://nexus:8081/nexus/content/repositories/npm-test/ [email protected] _auth="…"
If I do
npm publish
for a package scoped totest-scope
, I get an authentication error.AFAIK, the
_auth
only applies to theregistry=...
section. Is there a way of specifying an auth key for the@test-scope:registry=...
section?Thanks,
-
c0l3 over 5 yearssee my answer for the standard way without storing plan test passsord
-
Jnr over 4 years
-
Phil D. almost 4 yearsFinally something that helped get me over the line with Gitlab CICD when paired with Nexus! In my
.gitlab-ci.yml
file I setnpm config set 'nexusUrlHere/repository/npm-group/:_auth' "${NEXUS_TOKEN}"
, then I set NEXUS_TOKEN as a secret in Gitlab and then away we go :)