Skip to content

Add npm-login goal to authenticate in private npm repository #1021

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add npm-login goal to authenticate in private npm repository #1021

wants to merge 1 commit into from

Conversation

@koden8
Copy link

@koden8 koden8 commented Jan 26, 2022

Hello. In our organization, we use Nexus as a private npm registry and maven repository. To simplify the initial project setup and to store the authentication settings in one place (~/.m2/settings.xml), we developed the "npm-login" goal, which is identical to the npm login command - getting an authentication token and writing it to ~/.npmrc

Running Npm Login

<execution>
    <id>npm login</id>
    <goals>
        <goal>npm-login</goal>
    </goals>

    <!-- optional: the default phase is "generate-resources" -->
    <phase>generate-resources</phase>

    <configuration>
       <npmRegistryURL>https://npm-registry.com</npmRegistryURL>
       <npmRegistryServerId>npm-registry</npmRegistryServerId>
    </configuration>
</execution>

and server section in ~/.m2/settings.xml

<?xml version="1.0"?>
<settings>
  ... 
  <servers>
    <server>
      <id>npm-registry</id>
        <username>username</username>
        <password>password</password>
    </server>
  </servers>
  ...

@nlahiry
Copy link

nlahiry commented Feb 22, 2024

i need this same thing , but what i want , is to use authtoken or username/password stored in my azure build servers when i run the pipeline

@codingWombat
Copy link

would be nice to get this feature, as we currently need to install npm manually for login

@PlasticGhoul
Copy link

+1

@liefke
Copy link
Contributor

liefke commented Sep 6, 2024

For all working with auth tokens: If you use an environment variable in your .npmrc file, you can add it next to your package.json in your git repository and keep the token in your settings.xml:

settings.xml

<profile>
	<id>npm-auth</id>
	<activation>
		<activeByDefault>true</activeByDefault>
	</activation>
	<properties>
		<NPM_AUTH_TOKEN>my-api-token</NPM_AUTH_TOKEN>
	</properties>
</profile>

.npmrc

registry = https://my-artifact-server/my-repository
//my-artifact-server/my-repository:_authToken=${NPM_AUTH_TOKEN}

pom.xml

<plugin>
	<groupId>com.github.eirslett</groupId>
	<artifactId>frontend-maven-plugin</artifactId>
	<configuration>
		<environmentVariables>
			<NPM_AUTH_TOKEN>${NPM_AUTH_TOKEN}</NPM_AUTH_TOKEN>
		</environmentVariables>
	</configuration>
</plugin>

That way there is no need to login in the build process.

@espen-j
Copy link

espen-j commented Sep 1, 2025
edited
Loading

You can use ENV variables and .npmrc next to your package.json as @liefke already pointed out.

Here's an example using a Jenkinsfile. (Stripped down to the essentials.)

    stages {
        stage('CI Pipeline') {
            environment {
                NPM_AUTH_TOKEN = credentials('npm-token')
            }
            steps {
               sh 'mvn clean verify -U'
           }

And the .npmrc:

registry=https://my-artifact-server/my-repository
//my-artifact-server/my-repository:_authToken=${NPM_AUTH_TOKEN}

No need to expose secrets clear text in any pom files.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@koden8 @nlahiry @codingWombat @PlasticGhoul @liefke @espen-j