Downloading packages to CI or deployment servers
In our last tutorial, we introduced private packages, what they are and who can have a private package.
The tutorial that you are about to read, will cover the download of packages to CI/deployment servers.
Downloading packages to CI/deployment servers
Whenever you are using deployment servers or when you are testing with Continuous Integration servers, you will have to download your private packages to those servers. The steps are to follow are outlined below:
- You will have to create a new auth token
- You should set up a .npmrc file that is specific to the project
- You should configure the ci/deployment server to provide the auth token
Creating a new authentication token
Lots of things has changed in npm, one of them is that npm now requires that you should use auth tokens to authenticate in the CLI. Whenever you need to generate an auth token, you should use npm token create.
token | d97a6e1f-cb87-0000-94e0-e06fe03c8a5c |
Cidr_whitelist | |
readonly | false |
created | 2019-11-21T16:57:25.427Z |
There are lots of things that you can do with the new token. Check our tutorial on working with tokens for more details.
Setting up a project-specific .npmrc file
To set up a project-specific .npmrc file, you should set up a custom .npmrc file in your project folder. You should this to authenticate the deployment or CI with npm.
Setting up environment variables
If you want to make this more secure when pushing it up to the server, this token can be set as an environment variable on the server.
You will also have to add this to your environment variables on your development machine. In Linux or OSX, you would have to add this line to your ~/.profile:
export NPM_TOKEN="00000000-0000-0000-0000-000000000000"
then, you will have to refresh your environment variables:
source ~/.profile
Checking in your .npmrc
Once you have set up your environment variables, you can then check in the .npmrc, and replacing your token with the environment variable.
//registry.npmjs.org/:_authToken=${NPM_TOKEN}
How to Invalidate a Token
Although, npm does not derive the token from your password, but when you change your password the token will become invalid. A token can also be invalidated when you log out from a machine that is logged in with that particular token.
`npm token revoke` will be a better choice (see our tutorial on working with tokens for more information on this )
Summary
In this tutorial, you have learnt:
- The steps required to download to CI/deployment server
- how to create a new authentication token?
- how to set up a project-specific .npmrc file
- how to set environment variables?
- how to check in your .npmrc
- how to invalidate a token?
Previous:
Working with private packages
Next:
Docker and private packages
- New Content published on w3resource:
- Scala Programming Exercises, Practice, Solution
- Python Itertools exercises
- Python Numpy exercises
- Python GeoPy Package exercises
- Python Pandas exercises
- Python nltk exercises
- Python BeautifulSoup exercises
- Form Template
- Composer - PHP Package Manager
- PHPUnit - PHP Testing
- Laravel - PHP Framework
- Angular - JavaScript Framework
- React - JavaScript Library
- Vue - JavaScript Framework
- Jest - JavaScript Testing Framework