How should I set _auth in .npmrc when using a Nexus https npm registry proxy?
After having looked at registry-client
code I found the answer, here it is. I post it as it may help other people:
base64Encode(<username>:<password>)
By the way, there is an URL encoding, but it's authify.js
that takes care of it.
The "socket hang up" problem I'm facing is due to the fact that if a proxy is set in Windows configuration, when launching npm
from CLI (and not from a Maven build) all ```.npmrc`` proxy settings seem to be ignored while native proxy exclusions (for corporate urls) are ignored by npm. I'll open a ticket to report this weird behavior.
Sources: https://help.sonatype.com/repomanager3/nexus-repository-administration/formats/npm-registry/npm-security & https://help.sonatype.com/repomanager3/nexus-repository-administration/formats/npm-registry/publishing-npm-packages
Configure registry (its important doing this before configuring the authentication in step 2, because the authentication settings will be based on the registry):
npm config set registry="http://localhost:8081/repository/npm-internal/"
Configure authentication using a line like the following example:
npm config set _auth="$(echo -n 'username:password' | base64)"
Check the current configuration using the following:
npm config ls
Publish your npm package:
npm publish --registry http://localhost:8081/repository/npm-internal/
If you have authorization token you should not use username:password. I suggest you:
Generate token
- Delete your ~/.npmrc or rename it.
- Make sure your env settings like $NPM_CONFIG_* are unset.
- Verify that email and other settings are unset by using:
npm config list
- Log into the npm using:
npm login --registry=https://nexus.whatever.registry/respository/npm-whatever-group/
- Once you are logged - you are logged. The npm should generate a token for it in your ~/.npmrc. It will look like:
//nexus.whatever.registry/respository/npm-whatever-group/:_authToken=NpmToken.YOUR-LOVELY-TOKEN-IN-HEX
- You can use that token in your project, CI pipeline, and other ones. Make sure in your project .npmrc there is:
//nexus.whatever.registry/respository/npm-whatever-group/:_authToken=NpmToken.YOUR-LOVELY-TOKEN-IN-HEX
email = <EMAIL_USED_FOR_TOKEN_GENERATION>
always-auth = true
registry = https://nexus.whatever.registry/respository/npm-whatever-group/
If you have problems with authentication/certs:
- add env variable (also to your CI/CD pipline) $NODE_EXTRA_CA_CERTS to point to /home/wherever/is/your/cert.pem
For CI/CD pipelines (like gitlabs or jenikins):
- consider replacing actual values from your .npmrc project file with
${RELEVANT_ENV_VARIABLES}
. This way you will make them less visible and always self-updating on change of pipline.
- consider replacing actual values from your .npmrc project file with
Hope this help.