Menu
I am trying to use Gitlab as my new private npm package registry. I can publish my npm package (a library) to the projects registry using the CI_JOB_TOKEN. The problem: I can't read that package using npm ic in a Gitlab ci job of another project.
The hierarchy of groups/sub-groups/projects is
The error in the app-projects ci job is
npm ERR! code E404
npm ERR! 404 Not Found - GET https://my.gitlab.com/api/v4/projects/6/packages/npm/@group%2flib-project
npm ERR! 404
npm ERR! 404 '@group/lib-project@^1.0.1' is not in this registry.
When I try the URL https://my.gitlab.com/api/v4/projects/6/packages/npm/@group%2flib-project in my browser (logged in as the owner of those projects) I get info about the package, so the package is there.
When I try the same URL without being logged in I get {"message":"404 Project Not Found"}
So it seems it is a problem with the CI_JOB_TOKEN not having the permission to read from another project but it seems pretty common to use one GitLab project as registry (used by other projects). And it seems to be ok to use the CI_JOB_TOKEN to authenticate regarding to the GitLab docs. Any hint what I'm doing wrong?
606
You can configure the GitLab npm registry for the @group namespace using a .npmrc file:
@group:registry=https://my.gitlab.com/api/v4/projects/6/packages/npm/
//my.gitlab.com/api/v4/projects/6/packages/npm/:_authToken=${CI_JOB_TOKEN}
To avoid hard-coding the authToken value in the file, you can use the npm config set command to add the token to the file:
npm config set -- '//gitlab.example.com/api/v4/projects/6/packages/npm/:_authToken' "${CI_JOB_TOKEN}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
