'TeamCity and NPM login via OAuth token

I'm trying to integrate TeamCity Server (Windows) with my private NPM repo. I have create an OAuth token. But I can't find any examples how to use the token in regards to NPM login alone or via TeamCity?

npmoauthteamcity


Solution 1:[1]

SOLVED!

  1. In a PowerShell (run as ADMIN) run this:

    npm login --registry=https://registry.npmjs.org/ --scope=@your_npm_handle

(NB. Replace the your_npm_handle in the command above with YOUR private NPM handle!)

  1. Enter your username, password and NPM e-mail when prompted

You should now see a successful login to NPM

  1. Now run:

    npm config set always-auth true

  2. If you now run:

    npm config edit

you should see something like this / 3 lines of code in the file .npmrc

@your_npm_handle=https://registry.npmjs.org/
//registry.npmjs.org/:_authToken=xxxx-xxxx-xxxx-xxxx
always-auth=true

  1. Please remember: To use a placeholder to your AUTH token ID and place the actual AUTH token in an .env file and only ref. to it in the .npmrc file). Replace this: authToken=xxxx-xxxx-xxxx-xxxx with this: authToken=${NPM_TOKEN} and in your .env file add this: NPM_TOKEN=xxxx-xxxx-xxxx-xxxx

  2. Add this .npmrc file in the ROOT of your project.

  3. Commit and publish the .npmrc file to source control (not the .env file!)

  4. TeamCity will now download the .npmrc file together with the rest of your source code and run with success because it will use the NPM config file and thereby be able to access your private NPM repo and download all you private @packages.

  5. Remember to activate F2A to your NPM account + to your NPM AUTH tokens.

Be aware this solution ONLY works on multiple machines as long as none of the machines don't invalidate this single AUTH token. In this case use a separate AUTH token setup for each machine or simply use NPM LOGIN instead each time.

Solution 2:[2]

I stumbled upon this while dealing with something similar and i thought sharing a bit, cause the accepted answer is pretty insecure:

a) You should not push your token/keys into a version control. Period. This is a security flaw.

b) You don't need to log in via npm login to retrieve your key. You should log in to npmjs.com where you will see a section called "Access Tokens". There you can create tokens to use for this situation and mark them as read-only as well. (or you can use command line to create tokens as well)

c) Teamcity offers "parameters". You can set up a secret there to use during the build. You can do this at root or project level. Create an "environment" parameter and mark it as read-only and as a password so it is secure.

d) For example if you have a docker build, pass it in as a --build-arg NPM_TOKEN=%env.yourTokenName% as additional parameter, then ${NPM_TOKEN} can be used in your .npmrc file if you set it up in your Dockerfile correctly (ARG NPM_TOKEN)

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1
Solution 2 Dharman

Related Questions

how to setup Teamcity (2021.2.2) deploy app with clickonce

how to setup Teamcity (2021.2.2) deploy app with clickonce

Problem referencing transitive dependencies when building a specific .NET Core project in TeamCity

TeamCity Build with mixed (.Net Framework + .Net Core) projects solution - Is it possible?

How Do I set a Teamcity Trigger on a Particular Folder for Git VCS trigger

TeamCity doesn't pick up result of xUnit tests when testing .NET Core project

Teamcity - CI/CD - iOS - xcodebuild - signing - No signing certificate "iOS Development" found

Run Jasmine tests (coupled to DOM/jquery etc) via command line for CI

Failed to perform checkout on agent: Unable to delete conflicting workspace

How to use TeamCity DSL versionedSettings feature?

TeamCity / Bitbucket Server pull request with multiple VCS roots

Unable to start TeamCity Build agent on Docker

How to install specified framework in Teamcity server as a build step

How to enable upload key option in teamcity

How to integrate Gitversion