With the newly created Github Package Registry, you can store your private packages in the same place as your code.
Deploying packages and use them inside a package.json file is very simple. When it comes to use them in a CI/CD environment it's a bit tricky.
First, we need to provide our ci/cd environment a secure way to retrieve packages from our private repositories. Using the classic npm login is secure but not very handy. So the TOKEN approach is what I chose. See more info about creation here. You only need to provide read access to packages.
Then we need to set a reference to our private repositories for npm to resolve and find it. The easiest way is to set an .npmrc file at the root of your project and put things this way :
registry=https://registry.npmjs.org/
@owner:registry=https://npm.pkg.github.com/
//npm.pkg.github.com/:_authToken=${GITHUB_TOKEN}
The trick here is to indicate the default registry (registry.npmjs.org) for all other public packages you want to use.
Be sure to replace owner by your organisation name. The GITHUB_TOKEN is stored as environment variable (you have many ways to hide it on your machine and in some ci/cd tools, don't need to hardcode it).
Hope it helps !
Top comments (2)
Great ! Many thanks Julien
amazing ! u rock 🤘