ADVERTISEMENT

ADVERTISEMENT

ADVERTISEMENT

Private NPM Package With GitHub Packages

Share on whatsapp
Share on facebook
Share on twitter
Share on linkedin

In this short tutorial you will learn everything you need to know about creating a private NPM package using GitHub Actions. Before beginning you will need a basic knowledge of Git and GitHub

For those hearing this for the first time a NPM package is a JavaScript/Typescript library for used for Node.js sites. Private NPM packages are only available to a particular persons or personnel in an organization as the name implies, the allure of private NPM packages is the you may have a node package that you want to use on various projects and you want the code the remain private.

The standard way for doing this is to create a private NPM package on npmjs.com, but this will cost money a free alternaative is to use GitHub Actions and Packages, which is what I will be explaining.

There is something called a scoped NPM package, it simply means the package is installed with a name in front of it e.g

npm install @username/my_repository

All private packages have to be scoped but not all scoped packages are private

 

Step 1

Firstly let’s setup a simple package with JavaScript, to do this we first run

npm init - y

This will create our “package.json” file and accept all the default.

Add the following to your package.json file under the “main” attribute

"publishConfig": {
    "registry":"https://npm.pkg.github.com/@toluolatubosun"
  },

Ensure to replace @toluolatubosun with you GitHub username or your organization username

The name of the npm package should be in the format

"name": "@toluolatubosun/npm-private-package"

The we create our main js file in my case “index.js”

Create a “.npmignore” file and add this line

.github

This will prevent the GitHub actions we will add later from being pushed to the npm package repository.

 

Step 2

Create a GitHub repository and ensure the name of the repository is the same as the name of the NPM package, ensure the repository is set to private

The next thing to do is to push the package to the GitHub repository ( I explained how to do this in my GitHub tutorial )

 

Step 3

In this step we will setup the GitHub Actions, the GitHub Actions will automatically deploy our package anytime we push to the main branch.

Note that when pushing to the main branch update the version of the package, this is because the package will be deployed and it need an new version number. 

On the repository page click on the “Actions” tab and the select “set up a workflow yourself”

 

Paste this code to the “main.yml” file

name: Node.js Package


on:
  push:
    branches:
      - main


jobs:
  publish-gpr:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-node@v1
        with:
          node-version: 12
          registry-url: https://npm.pkg.github.com/
          scope: '@toluolatubosun'
      - run: npm install
      - run: npm publish
        env:
          NODE_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}}

Note replace @toluolatubosun with the appropriate username 

Then commit the changes

 

Step 4

Now lets talk about how to install a private package on NPM.

Firstly create a node project, then create a file in the root directory called “.nmprc” and add the following code snippet

@390labs:registry=https://npm.pkg.github.com/ 
//npm.pkg.github.com/:_authToken=$TOKEN

$TOKEN is an environment variable

On the top right corner on GitHub click your profile image and then select “setting”, then select “Developer settings” from the dropdown at the left

You then click on personal access token

Next Click on “Generate new token”, you will then be prompted to enter your password. Give the token at least read package access

Then set the TOKEN environment variable with the GitHub access token or replace $TOKEN with the access token directly in the .npmrc file

Now, to install the package run

npm install @toluolatubosun/npm-private-package

Note replace the scope and the repository name with the one of your

 

Congratulations you have setup and installed a private NPM package. I hope this article helped, if you have any questions feel free to send me an email.

 

ADVERTISEMENT

Other Blog Posts

GitHub Essentials

Every programmer at point in time must have heard about GitHub, maybe from a friend, colleague or during a tutorial. GitHub is basic a tool

Read More

Game Of Thrones Review

Game of Thrones is an HBO series which aired from 17th April, 2011 to 19th May, 2019. It is a fantasy drama television series based

Read More

Introduction To Git

Git is a distributed version control system (VCS). Simply put it is a system that tracks changes to files in a project, which enabling us

Read More