This repository contains tools to simplify the process of working with npm/yarn packages using Artifact Registry.
The Artifact Registry google-artifactregistry-auth module is an npm package which allows you to configure npm/yarn to interact with npm private repositories in Artifact Registry.
For more details, see https://cloud.google.com/artifact-registry/docs/nodejs/authentication
The module automatically searches for credentials from the environment and authenticates to Artifact Registry. It looks for credentials in the following order:
- Google Application Default Credentials.
- The current active account logged in via
gcloud auth login. - If neither of them exist, an error occurs.
NOTE: This module would update credentials for all Artifact Registry repositories. It would not be suitable if you use multiple account credentials in npmrc/yarnrc file.
To use the module:
-
Log in
Option 1: log in as a service account:
(1). Using a JSON file that contains a service account key:
`$ export GOOGLE_APPLICATION_CREDENTIALS=[path/to/key.json]`(2). Or using gcloud:
`$ gcloud auth application-default login`Option 2: log in as an end user via gcloud:
$ gcloud auth login -
Add settings to connect to the repository to .npmrc / .yarnrc.yml. Use the output from the following command:
2.1. For npm (and .npmrc)
`$ gcloud artifacts print-settings npm`
```
registry=https://LOCATION-npm.pkg.dev/PROJECT_ID/REPOSITORY_ID/
//LOCATION-npm.pkg.dev/PROJECT_ID/REPOSITORY_ID/:always-auth=true
```
Where
**PROJECT_ID** is the ID of the project.
**REPOSITORY_ID** is the ID of the repository.
**LOCATION** is the location of the repository.
2.2. For yarn (and .yarnrc.yml)
Add to
```
npmScopes:
workspace:
npmRegistryServer: 'https://LOCATION-npm.pkg.dev/PROJECT_ID/REPOSITORY_ID'
npmAlwaysAuth: true
npmAuthToken: 'empty'
```
Where
**PROJECT_ID** is the ID of the project.
**REPOSITORY_ID** is the ID of the repository.
**LOCATION** is the location of the repository.
-
Use one of these below options to run the script
-
Run the module outside of the directory containing the target npmrc file
npm:
$ npx google-artifactregistry-auth --repo-config=[./.npmrc] --credential-config=[~/.npmrc]yarn:
$ npx google-artifactregistry-auth --repo-config-yarn=[./.yarnrc.yml] --credential-config-yarn=[~/.yarnrc.yml] -
Include the command in the scripts in package.json
npm:
"scripts": { "artifactregistry-login": "npx google-artifactregistry-auth --repo-config=[./.npmrc] --credential-config=[~/.npmrc]", }yarn:
"scripts": { "artifactregistry-login": "npx google-artifactregistry-auth --repo-config-yarn=[./.yarnrc.yml] --credential-config-yarn=[~/.yarnrc.yml]", }Where:
--repo-configis the.npmrcfile with your repository settings. If you don't specify this flag, the default location is the current directory.--credential-configis the path to the.npmrcfile where you want to write the access token. The default is your user.npmrcfile.--repo-config-yarnis the.yarnrc.ymlfile with your repository settings. If you don't specify this flag, the default location is the current directory.--credential-config-yarnis the path to the.yarnrc.ymlfile where you want to write the access token. The default is your user.yarnrc.ymlfile.
If you want to skip checking for npm Artifact Registry domain and allow the auth token to be attached to any domains, add the flag
--allow-all-domainsAnd then run the script
$ npm run artifactregistry-login -
npxshould come withnpm5.2+. Ifnpxis not available:Install the module from npmjs.com as a dev dependency and include the command in the script
$ npm install google-artifactregistry-auth --save-devnpm:
"scripts": { "artifactregistry-login": "./node_modules/.bin/artifactregistry-auth --repo-config=[./.npmrc] --credential-config=[~/.npmrc]", }yarn:
"scripts": { "artifactregistry-login": "./node_modules/.bin/artifactregistry-auth --repo-config-yarn=[./.yarnrc.yml] --credential-config-yarn=[~/.yarnrc.yml]", }Run the script
$ npm run artifactregistry-login
-