DEV Community 👩‍💻👨‍💻

Cover image for Github private package with CI/CD
Julien for Monisnap

Posted on

Github private package with CI/CD

With the newly created Github Package Registry, you can store your private packages in the same place as your code.

Deploying packages and use them inside a package.json file is very simple. When it comes to use them in a CI/CD environment it's a bit tricky.

First, we need to provide our ci/cd environment a secure way to retrieve packages from our private repositories. Using the classic npm login is secure but not very handy. So the TOKEN approach is what I chose. See more info about creation here. You only need to provide read access to packages.

Then we need to set a reference to our private repositories for npm to resolve and find it. The easiest way is to set an .npmrc file at the root of your project and put things this way :

registry=https://registry.npmjs.org/
@owner:registry=https://npm.pkg.github.com/
//npm.pkg.github.com/:_authToken=${GITHUB_TOKEN}

The trick here is to indicate the default registry (registry.npmjs.org) for all other public packages you want to use.

Be sure to replace owner by your organisation name. The GITHUB_TOKEN is stored as environment variable (you have many ways to hide it on your machine and in some ci/cd tools, don't need to hardcode it).

Hope it helps !

Top comments (2)

Collapse
 
tristan profile image
tristan

amazing ! u rock 🤘

Collapse
 
monisnapjonathan profile image
Jonathan BROSSARD • Edited on

Great ! Many thanks Julien

Update Your DEV Experience Level:

Settings

Go to your customization settings to nudge your home feed to show content more relevant to your developer experience level. 🛠