0

We have a React application that builds via npm on Azure DevOps. For the time being I've excluded our package-lock.json from our repository because a few of the packages we use come from private npm registries and this installs and builds fine. However the other day latest version of a package broke our application (it was bound to happen). When running npm install from the npm DevOps task and a package-lock.json file is present it will only ever go to the npm public registry even though the package-lock.json points to a private npm registry. I don't want to lock down my package.json file as that is what package-lock.json is for. How can I get Azure DevOps build to use package-lock.json but also retrieve packages from private npm registries? Do I need to setup an Azure Artifact that points to a private npm registry?

Update:

The following is the error I receive during the install process (when package-lock.json is present):

Error: 404 Not Found - GET https://npm.sencha.com/@sencha%2fext-modern-treegrid/-/@sencha/ext-modern-treegrid-7.0.0.tgz verbose stack at C:\Program Files\nodejs\node_modules\npm\node_modules\npm-registry-fetch\check-response.js:104:15 verbose stack at runMicrotasks () verbose stack at processTicksAndRejections (internal/process/task_queues.js:97:5)

If I run npm install locally works fine.

user1015196
  • 617
  • 1
  • 7
  • 24
  • Did you get any error when running npm install with the package-lock.json file is present in azure devops pipeline? I create a package-lock.json points to my private npm registry for testing. I could see from the task log it indeed tried to download the package from the private registry. – Levi Lu-MSFT Apr 27 '20 at 09:29
  • @LeviLu-MSFT I've added an update, but essentially yes error is 404 – user1015196 Apr 27 '20 at 17:51
  • 1
    Did you create a npm service connection and setting up authentication using npm Authenticate task? You can check [Set up authentication in a build task](https://learn.microsoft.com/en-us/azure/devops/artifacts/npm/npmrc?view=azure-devops&tabs=windows#set-up-authentication-in-a-build-task). – Levi Lu-MSFT Apr 28 '20 at 08:50
  • If npm Authenticate task doesnot work, you can have a try setting up authentication by running `npm set ///:_authToken $TOKEN` and run `npm install ` command in a script task instead of using npm install task. Check [this thread](https://stackoverflow.com/questions/23460980/set-up-npm-credentials-over-npm-login-without-reading-input-from-interactively) for authentication with scripts – Levi Lu-MSFT Apr 28 '20 at 08:50
  • No using a file creator task I generate an .npmrc file with user name and token information that I securely store in task groups library. This .npmrc file is then picked up by npm install task. I'll try your recommended method and let you know. – user1015196 Apr 28 '20 at 15:52
  • @LeviLu-MSFT First off wanted to thank you for your help. Looks like changing my .npmrc file to be generated by service connection worked. I'm not sure why my manually created .npmrc file works when package-lock.json is not present and doesn't when it is but I'll take it. :) – user1015196 Apr 30 '20 at 07:18
  • Hi @user1015196 I am glad to hear it was fixed. So the solution is creating a npm service connection and select this service connection for `Credentials for registries outside this organization/collection` field of npm task to authenticate, right? Can you post out the steps you took to the answer of this case? – Levi Lu-MSFT Apr 30 '20 at 07:48
  • @LeviLu-MSFT looks like I may have spoken too soon. I was working on this late so I didn't pay close attention. All I saw was that the npm install task succeeded and so I assumed everything was working. However looking at the logs looks like quite the opposite. Now it doesn't even appear to go to the right URL node activate.js [platform-installer][stderr]: npm ERR! 404 Not Found - GET https://registry.npmjs.org/@sencha%2fcmd-windows - Not found – user1015196 Apr 30 '20 at 19:42

0 Answers0