10

I'm trying to install a package that exists on our private repo. The goal is to share the repo with a partner, but I need to make sure they can install it. In theory, it should work, but none of the documented solutions are working for me

I've tried adding the package to the package.json file

"dependencies": {
    "package_name": "git+https://<deploy-token-name>:<deploy-token>@gitlab.domain.com/group/repo.git"
}

And then installing with npm but it seems to fail on the deploy token, but it's hard to say because the log isn't very helpful and then our whole gitlab deployment goes down for a moment #fun 

29 error
29 error undefined
29 error exited with error code: 128

I've also tried with a private access token

"package-name": "https://oauth2:<access-token>@gitlab.domain.com/group/repo.git"

This results in an actual error that I can understand, except the error is saying there isn't a package.json in the repository, but there most certainly is

npm ERR! package.json Non-registry package missing package.json: package-name@https://oauth2:<access-token>@gitlab.domain.com/group/repo.git.
npm ERR! package.json npm can't find a package.json file in your current directory.

I've tried with ssh (with a ssh key setup that works for commits etc)

git+ssh://git@my-domain.com:my-project/my-repo#my-branch

And that results in an error

npm ERR! premature close

I've read through a dozen related issues and articles, but nothing is working for me

islalobo
  • 617
  • 2
  • 8
  • 22

3 Answers3

1

I've got the same issue and I managed to fix it. The gitlab repository that I wanted to install didn't have a package.json file.

erwamartin
  • 31
  • 1
  • 4
0

Check dependency package.json

On npm install, the error npm ERR! premature close seems common if there's any problems with depency package.json's...

  • Does a package.json exist?
  • Is everything inside absolutely correct?
  • Everything ok with dependencies dependencies?

In my case, I had an illegal version number ("1" instead of "1.0.0"). This was not an issue on my local environment, but only when deploying to remote production. Fixing this cleared the error right away.

For reference this is my dependency line:

"myCustomRepo" : "git+https://MyGithubUsername:MyGithubPublicAccessToken@github.com/MyGithubUsername/myCustomRepo"
Kalnode
  • 9,386
  • 3
  • 34
  • 62
-1

You should use Scopes if you want to install private npm packages.

You can define a scope in .npmrc file of your repository.

example .npmrc in your application repo: 

@scopeName:registry=http://private-npm-registry/
always-auth=true

So npm can handle a dependency like: @scopeName/yourprivateModule@version

The token to access this repo should not be included in your Repository in should be configured in your home folders .npmrc . Npm will first look in ther current folder for a .npmrc and later in your home folder. The configured options will be merged.

But this approach is only good for you if you publish your package to a private npm registry. https://docs.gitlab.com/ee/user/project/packages/npm_registry.html#authenticating-with-an-oauth-token

So to summarize this:

  • configure your scope in a .npmrc file of your repository
  • configure access token in .npmrc file of your environment user

  • add scoped dependency to your package.json

    e.g.

npm i @scopeName/yourprivateModule@version

straeger
  • 402
  • 3
  • 12
  • 1
    Thanks, I'm not publishing the package to a private npm registry but rather attempting to instal from a private gitlab repository – islalobo Jan 28 '19 at 15:43
  • Yes you have wrote that. I just wanted to point you to an easier solution. Maybe the error message is a little bit unclear. I can imagine that your dependency repo doesn't have a package.json.? I would check that at first. – straeger Jan 28 '19 at 15:52
  • The dependency repo does have a package.json - but it could be that it isn't recognized for some reason based on errors I see when trying to install with an access token – islalobo Jan 28 '19 at 16:03
  • I'm not sure how to ensure the package.json file is visible if it's there but not recognized by npm – islalobo Jan 28 '19 at 16:04
  • Also, it's cost money to publish private npm packages, whereas this ~should~ work according to the documentation – islalobo Jan 28 '19 at 18:38
  • I would suggest to install the dependend repo localy by file to check that the package.json is recognized correctly. Just to be sure that the repo/branch version is a valid npm module. npm install /path – straeger Jan 29 '19 at 08:13
  • Could also be a issue with the package-lock.json Maybe this can help you: https://github.com/coryetzkorn/state-svg-defs/issues/1 – straeger Jan 29 '19 at 09:14
  • I can install the dependency repo locally, which is the funny thing. So, I have the dependency in the package.json file and can install to the application ```"package-name": "file:../package-name",``` – islalobo Jan 29 '19 at 18:13
  • Thank you for the suggestions. I deleted the package-lock.json file and node_modules (I ran into that same ticket/issue while looking around for an answer). I added the dependency to my own github as a private repo and was able to install just fine, leaving me to suspect that it's an issue with how we have gitlab hosted (if not gitlab itself). Not sure, but still investigating. – islalobo Jan 29 '19 at 18:16