- You have created the private, public and virtual NPM repos and associated blob stores.
- Created a user with access to be able to read and publish to npm repo
- You have added a npm bearer token realm to be able to do publish. Publish requires user authentication and realm config on server. Note: The default realm that is applied is called the Local Authentication and Local Authorization realm. They allow the repository manager to manage security setup without additional external systems.
- No npmrc to begin with, If you have one then rename it before going ahead.
~/Documents/GIT/project/temp/tulsi-node on master! ⌚ 13:48:15
$ cat ~/.npmrc
cat: /Users/kiran/.npmrc: No such file or directory
To allow self-signed certificate. Note: Ideally you should do - npm config set cafile ~/Downloads/nexusCACert.pem
~/Documents/GIT/project/temp/tulsi-node on master! ⌚ 13:48:17
$ npm config set strict-ssl false
Set registry to point to your private repo
~/Documents/GIT/project/temp/tulsi-node on master! ⌚ 13:48:23
$ npm config set registry https://nexus.company.com/repository/npm-private/
Check the ~/.npmrc file
~/Documents/GIT/project/temp/tulsi-node on master! ⌚ 13:48:41
$ cat ~/.npmrc
strict-ssl=false
registry=https://nexus.company.com/repository/npm-private/
Set Email for admin:
~/Documents/GIT/project/temp/tulsi-node on master! ⌚ 13:48:49
$ npm config set email admin@company.com
Add user for and authenticate so that the authtokens are created
~/Documents/GIT/project/temp/tulsi-node on master! ⌚ 13:49:01
$ npm adduser
Username: wwarnpmuser
Password:
Email: (this IS public) (admin@company.com)
Logged in as wwarnpmuser on https://nexus.company.com/repository/npm-private/.
Test publish
~/Documents/GIT/project/temp/tulsi-node on master! ⌚ 13:49:19
$ npm publish
npm notice
npm notice 📦 tulsi-node@1.1.21
npm notice === Tarball Contents ===
npm notice 1.0kB package.json
npm notice 192B .eslintrc.json
npm notice 1.7kB awsses-lib.js
npm notice 489B buildspec.yml
npm notice 5.9kB cache-lib.js
npm notice 927B dynamodb-lib.js
npm notice 1.0kB global.js
npm notice 13.2kB index.js
npm notice 1.7kB logger-lib.js
npm notice 1.4kB maria-lib.js
npm notice 51B README.md
npm notice 6.2kB request-handler.js
npm notice 2.5kB response-lib.js
npm notice 995B sequelize-lib.js
npm notice 1.6kB ses-lib.js
npm notice 3.9kB sns-lib.js
npm notice 8.2kB sqs-lib.js
npm notice 4.9kB other/log.md
npm notice 214B test/test.js
npm notice === Tarball Details ===
npm notice name: tulsi-node
npm notice version: 1.1.21
npm notice package size: 15.1 kB
npm notice unpacked size: 56.1 kB
npm notice shasum: 962bcb385931a89441419a217362cfadb4deb499
npm notice integrity: sha512-b0yQ3Q+bTy6yl[...]icYBiUFsKp9Tw==
npm notice total files: 19
npm notice
+ tulsi-node@1.1.21
Check contents of ~/.npmrc
~/Documents/GIT/project/temp/tulsi-node on master! ⌚ 13:51:42
$ cat ~/.npmrc
strict-ssl=false
registry=https://nexus.company.com/repository/npm-private/
email=admin@company.com
//nexus.company.com/repository/npm-private/:_authToken=NpmToken.MASKED
~/Documents/GIT/project/temp/tulsi-node on master! ⌚ 13:52:42
$
~/Downloads/Test ⌚ 12:00:17
$ rm ~/.npmrc
~/Downloads/Test ⌚ 12:00:19
$ npm config set strict-ssl false
~/Downloads/Test ⌚ 12:00:24
$ npm config set email admin@kisanagaram.com
~/Downloads/Test ⌚ 12:00:28
$ mkdir sampleApp && cd sampleApp
~/Downloads/Test/sampleApp ⌚ 12:00:31
$ npm init -y
Wrote to /Users/kiran/Downloads/Test/sampleApp/package.json:
{
"name": "sampleApp",
"version": "1.0.0",
"description": "",
"main": "index.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"keywords": [],
"author": "",
"license": "ISC"
}
~/Downloads/Test/sampleApp ⌚ 12:00:35
$ touch index.js
~/Downloads/Test/sampleApp ⌚ 12:00:38
$ vi package.json
~/Downloads/Test/sampleApp ⌚ 12:00:51
$ npm login --registry=https://nexus.kisanagaram.com/repository/npm-private/
Username: wwarnpmuser
Password:
Email: (this IS public) (admin@kisanagaram.com)
Logged in as wwarnpmuser on https://nexus.kisanagaram.com/repository/npm-private/.
~/Downloads/Test/sampleApp ⌚ 12:01:08
$ npm install
npm notice created a lockfile as package-lock.json. You should commit this file.
npm WARN sampleApp@1.0.0 No description
npm WARN sampleApp@1.0.0 No repository field.
up to date in 0.859s
found 0 vulnerabilities
~/Downloads/Test/sampleApp ⌚ 12:01:16
$ npm publish
npm notice
npm notice 📦 sampleApp@1.0.0
npm notice === Tarball Contents ===
npm notice 321B package.json
npm notice 0 index.js
npm notice === Tarball Details ===
npm notice name: sampleApp
npm notice version: 1.0.0
npm notice package size: 339 B
npm notice unpacked size: 321 B
npm notice shasum: f5eedd450055c792c56d8962e91f0f706c33f3b7
npm notice integrity: sha512-GLLFQELCcZv2F[...]e2So8XIlt9EpA==
npm notice total files: 2
npm notice
+ sampleApp@1.0.0
~/Downloads/Test/sampleApp ⌚ 12:01:23
$