Skip to main content

Jenkins: Accessing Private NPM Repository

For a Jenkins build server to publish packages to an NPM repository, the jenkins user account must be able to authenticate to the NPM repository.

NPM repository authentication is normally performed with an authentication tokens.

The auth token is stored in this file: ~/.nmprc, of the user account.

So. Since our Jenkins build server executes pipeline steps as the jenkins user account, we need to somehow get an auth token into the HOME folder of that account.

We have a couple ways to do this:

  • Run a one-time pipeline step (that will create the jenkins user and retreive an auth token).
  • Run as a jenkins user in a shell, that will do the same.

For either method, we need to install a package, called: npm-cli-adduser.
This package will allow us to add users that can be used by npm publishing steps.

Here's how to install npm-cli-adduser, globally on a host:

npm install -g npm-cli-adduser

The above, will install the tool, globally.
So, there shouldn't be a need to install in a Jenkins user shell session.

Next, we need to decide which method we will follow, to create the new NPM repository user and get an authentication token for it.

Regardless of the choice, a successful outcome will create a new account on the repository, and give Jenkins an authentication token for publishing packages.

One-Time Pipeline Step

Doing this method involves creating a temporary Jenkins build job that includes the following pipeline step:

// NOTE: If you have to do this again, set the password to something valid.
stage('Add User')
  {
    // This step is enabled once, to add the jenkins user to the registry, under the jenkins service account context.
    steps
    {
        // NOTE: Make sure the user name is unique.
        // We don't really care about what it is, as we only want the auth token put in the jenkins ~/ folder.
        sh "npm-cli-adduser -u <username> -p <set-a-valid-password> -e LeeWhite187@gmail.com -r https://npmrepo.ogsofttech.com:4873/"
      }
    }

NOTE: Be sure to a username and password that Jenkins will use to authenticate to the NPM repository.

Running the above pipeline step in a build job will create the user on the NPM repository, and return an authentication token that will be stored in the Jenkins home folder "~/".

From a Jenkins Shell

Open an SSH connection to the Jenkins build server, and execute the following to gain a shell session as the jenkins system account:

sudo su jenkins

NOTE: If you haven't already modified the kjenkins account to have a defined shell and profile, follow the steps, here: Ubuntu: Converting a System Account to Interactive

With a shell open as the jenkins user, we can run the same command as the pipeline, above:

npm-cli-adduser -u <username> -p <set-a-valid-password> -e LeeWhite187@gmail.com -r https://npmrepo.ogsofttech.com:4873/

NOTE: Be sure to a username and password that Jenkins will use to authenticate to the NPM repository.

Success

Once we've done either of the above methods, the Jenkins build server will have an auth token that it can used to publish packages to the NPM repository.

The authentication token will be stored on a file, here: ~/.npmrc

If successful, we can open that file, and see the received auth token tied to the repository URL.

image.png

The above shows we have an auth token for our repository.
And, our NPM config points to our private repository.

 

No Comments
Back to top