Search…
JavaScript Support FAQs

Do you support private NPM libraries during build?

Yes, but it might require some additional work on your part. Please read this excellent article for all the technical details which will be described briefly below.
  1. 1.
    Add a .nprmrc file to your code repository with the contents that look something like //registry.npmjs.org/:_authToken=${NPM_TOKEN} Do not actually fill in your token here! Use the variable which will be substituted later (this file is safe to check in to your code version system).
  2. 2.
    Add a Build Argument to your Dockerfile, preferably somewhere near the top (add a comment so you can remember why you put it there too!) The line looks like ARG NPM_TOKEN
  3. 3.
    Add a copy command so the file is copied into your docker container right below the argument, but above the npm install command that you use. The line looks like COPY .npmrc .npmrc
  4. 4.
    Push your changes to Github or Bitbucket on a branch.
  5. 5.
    Make sure you generate (or use an existing) token that is READ-ONLY and can be revoked safely without affecting your other pipelines as best practice. Anyone who is an owner of your Release account can see and change these build arguments.
  6. 6.
    Now add a Build Argument in the account settings in the builds tab and add your token to the build arguments. This looks like the next screen:
Once you've done these steps, your build should use the NPM token you supplied to pull private libraries. If it works, merge your changes to the default or main development branch for use with your Release process.

What About Github packages?

The same applies for most other npm repositories as above. For Github packages, ensure that your token has privileges for ['read:packages']
Also you will want your .npmrc file to look similar to:
1
//npm.pkg.github.com/:_authToken=${GITHUB_TOKEN}
2
@myorg:registry=https://npm.pkg.github.com/
Copied!
Instead of adding App-Level Build Arguments, (which do work, but are usually reserved for Docker images), you can instead use regular Environment Variables for ${GITHUB_TOKEN} (and remember to add secret: true for the token).

NPM install works as you described, what about YARN?

The instructions seem to be the same for NPM as described above, but have one extra step to add an additional .yarnrc file for the private repository. Please see this discussion for more details. Please let us know if this works or the documentation can be improved!