Reputation: 17530
How to use private npm package feed on visual studio team services build and release management
I started usign a private npm feed on my visual studio team services account, following their guide and having added a .npmrc file
registry=https://ascend-xyz.pkgs.visualstudio.com/_packaging/AscendNPMFeed/npm/registry
always-auth=true
The problem is that the build pipeline dont work now since it require some packages from this private package.
What is the proper setup for telling npm that it can authenticate using the build access token on visual studio team services?
Do i need to set a environment variable, call npm login or someting as a build step?
Upvotes: 10
Views: 7284
Answers (1)
Reputation: 454
Update after some intense testing on our builds, for anyone having problems getting up and running with this, and in respect of the original question:
- Edit build definition => options => "Allow scripts to access OATH token"
When enabled, and VSTS encounters a .npmrc file, it will run the npm command
vsts-npm-auth for you, which means the .npmrc in source control only have to contain
registry=https://YOUR_DOMAIN.pkgs.visualstudio.com/_packaging/FEEDNAME/npm/registry
always-auth=true
This goes for builds that uses the VSTS Npm task, be it publish or install
Given that you set the environment variable NPM_TOKEN for the VSTS Build that is running, the npm publish command is able to substitute this in your .npmrc file.
http://blog.npmjs.org/post/118393368555/deploying-with-npm-private-modules
So your .npmrc that you check into source control should look like
registry=https://YOUR_DOMAIN.pkgs.visualstudio.com/_packaging/FEEDNAME/npm/registry
always-auth=true
//YOUR_DOMAIN.pkgs.visualstudio.com/_packaging//npm/:_authToken=${NPM_TOKEN}
A token can be produced by either running the vsts-npm-auth command https://www.npmjs.com/package/vsts-npm-auth
Note that on windows, it needs the full paths sometimes for both target and source rc files (where -T: write-token-to-this-target-file), e.g
vsts-npm-auth -config c:\mysrc\.npmrc -T c:\mysrc\.npmrc -V Detailed
or, it can be generated in the "Connect to feed" dialog inside your (web interface) VSTS account under "Packaging".
Also note that, if you'd like to publish this automated and continuously, you must also find a way to bump the version number, something like
npm version patch --force -m "Published new version"
Take a look at this thread for more update package.json version automatically
VSTS does checkout HEAD commit id by default, so it's not straight forward to just run the npm version command and push back to git since one is in detached state.
Upvotes: 13
Related Questions
- How to Push NPM Package to Azure Artifact Feed?
- Setup Private NPM feed and publish Packages
- npm Azure Artifacts feed doesn't install all dependencies from upstream source
- Azure Artifacts Private npm Feed Authentication Failed
- VSTS package feed: Cannot install public npm packages after configuring client to work with vsts feed
- Installing private dependencies via npm in a VS Team Services CI build
- How to consume Private Package Feed in Azure DevOps?
- How can I use the npm packages from feed in my VSTS task?
- How do I Properly run NPM Install in Visual Studio Team Services Build Agent
- Adding private Nuget package feeds to Visual Studio Online