Ask A Question

View Question

Hi!
I'm trying to publish my private npm package to the private npm feed in PROGET.
According to the article (https://inedo.com/support/documentation/proget/feeds/npm), i've created API key, give him all API permissions (Native API, Package promotion,Webhooks, Feed API). Then I converted this this string - api:{MYPRIVATEAPIKEY} to base 64. Also, i created a user API and associate this key with user API. on my pc, I added it with commands:

npm config set always-auth=true
npm config set _auth={ENCODEDBASE64STRING}

When I'm trying to publish, i've got an error:

D:\Work\npm_test>npm publish --registry https://MYNPM_REGISTRY_IN_PGOGET/
npm notice
npm notice package: npm_test@1.0.0
npm notice === Tarball Contents ===
npm notice 227B package.json
npm notice === Tarball Details ===
npm notice name: npm_test
npm notice version: 1.0.0
npm notice package size: 257 B
npm notice unpacked size: 227 B
npm notice shasum: ...cb8bd...
npm notice integrity: sha512-...9GHz4...H[...]1gmhAQQ...w==
npm notice total files: 1
npm notice
npm ERR! path C:\Users\user\AppData\Local\Temp\npm-708012-82004fd9\tmp\fromDir-96abcd90\package.tgz
npm ERR! code EPERM
npm ERR! errno -4048
npm ERR! syscall unlink
npm ERR! Error: EPERM: operation not permitted, unlink 'C:\Users\user\AppData\Local\Temp\npm-708012-82004fd9\tmp\fromDir-96abcd90\package.tgz'
npm ERR! { [Error: EPERM: operation not permitted, unlink 'C:\Users\user\AppData\Local\Temp\npm-708012-82004fd9\tmp\fromDir-96abcd90\package.tgz']
npm ERR! cause:
npm ERR! { Error: EPERM: operation not permitted, unlink 'C:\Users\user\AppData\Local\Temp\npm-708012-82004fd9\tmp\fromDir-96abcd90\package.tgz'
npm ERR! errno: -4048,
npm ERR! code: 'EPERM',
npm ERR! syscall: 'unlink',
npm ERR! path:
npm ERR! 'C:\Users\user\AppData\Local\Temp\npm-708012-82004fd9\tmp\fromDir-96abcd90\package.tgz' },
npm ERR! isOperational: true,
npm ERR! stack:
npm ERR! 'Error: EPERM: operation not permitted, unlink 'C:\Users\user\AppData\Local\Temp\npm-708012-82004fd9\tmp\fromDir-96abcd90\package.tgz'',
npm ERR! errno: -4048,
npm ERR! code: 'EPERM',
npm ERR! syscall: 'unlink',
npm ERR! path:
npm ERR! 'C:\Users\user\AppData\Local\Temp\npm-708012-82004fd9\tmp\fromDir-96abcd90\package.tgz' }
npm ERR!
npm ERR! The operation was rejected by your operating system.
npm ERR! It's possible that the file was already in use (by a text editor or antivirus),
npm ERR! or that you lack permissions to access it.
npm ERR!
npm ERR! If you believe this might be a permissions issue, please double-check the
npm ERR! permissions of the file and its containing directories, or try running
npm ERR! the command again as root/Administrator (though this is not recommended).

npm ERR! A complete log of this run can be found in:
npm ERR! C:\Users\user\AppData\Roaming\npm-cache_logs\2019-05-21T08_42_02_681Z-debug.log

What's wrong?

Product: ProGet
Version: 5.2.1

HI Taras,

Please try to either:

Run this in a cmd.exe window with administrator permissions.
Use npm login--registry https://MYNPM_REGISTRY_IN_PGOGET/ before npm publish.
Hope this helps!

Thanks,
Jason

Hi, Jason!
Thanks for your reply.
I need to login automatically (from CI, TeamCity)
So, when i'm trying use npm login, its asking user and password

This seems to be a known limitation for automating a publish command. Some recommend using npm-cli-login in order to provide login credentials.

Thanks,
Jason

And there are no way to publish npm packages with tokens and without any additional plugins?

Here is what we have documented for publishing npm packages to proget from a command line..

To configure npm to use the npm ProGet feed, run the following command:

npm config set [@scope]:registry http://progetaddress/npm/npm
If your feed does not allow anonymous access, you will also need to run this command:

npm config set always-auth true [--scope:@scope]
To log in to ProGet using npm, run the adduser command and specify a ProGet user account and password:

npm adduser --registry=http://progetaddress/npm/npm [--scope:@scope]

These commands will need to run before trying the publish command. Once this configuration is set up, it shouldn't be required again. But that would need to be confirmed on your end.

Yes, I read documentation already.
When I try to login, i've got an error:
Username: (api)
Password: (<default hidden>)
Email: (this IS public) MyEmail@mycompany.com
npm ERR! code E403
npm ERR! Registry returned 403 for PUT on https://MyProgetServerl/npm/-/user/org.couchdb.user:api

npm ERR! A complete log of this run can be found in:
npm ERR! C:\Users\user\AppData\Roaming\npm-cache_logs\2019-05-23T09_27_00_415Z-debug.log

run:
npm config get registry

if you don't see the correct registry

try:
npm config set regist <urltoregistry>

npm registry configured properly

I'm trying to do this:
npm Token Authentication
In order to interact with your private registry without using the npm adduser command you will need to follow these steps:

Create an API Key - you can create an API Key in ProGet (Admin > API Key & Access Logs) with Feed Access. you can further restrict this key by associating it to a user you've already given specific permissions
Encode The API Key - Once the key has been generated you will need to encrypt the key along with the username api. This needs to be encoded in base64 format. Your string prior to encoding should be: api:{APIKEY}
Once you have this token you will need set your _auth value with it using npm. It is also recommended that you set always-auth to true.

[~]$ npm config set always-auth=true
[~]$ npm config set _auth={ENCODEDAPIKEY}

https://inedo.com/support/documentation/proget/feeds/npm

Does it works in proget ? or I cant login with auth token?

Hi Taras,

This has been tested in ProGet, in order to publish with Token authentication:

  • You need to create a user in proget
  • give that user the Add Package role
  • create a new token that impersonates that user.
  • encrypt the token to base64

Hi!
Som i've genereate a token like this : FHGDSFREG-3FrF
Then, accroding to documentation, i need to encrypt this key with user API
Before encryption should be like this:
api:{FHGDSFREG-3FrF}
after encryption with base 64 will be string: YXBpOntGSEdEU0ZSRUctM0ZyRn0g
Then, I need to add this with command:
npm config set _auth={YXBpOntGSEdEU0ZSRUctM0ZyRn0g}
Correct?

Hi! Any updates ?

Taras,

try encrypting without the brackets {}

so encrypt this first:

api:FHGDSFREG-3FrF

your command should exclude {} as well

npm config set _auth=YXBpOntGSEdEU0ZSRUctM0ZyRn0g__newtoken

Answer Question