How to set npm credentials using `npm login` without reading from stdin?

docker node.js npm npm-publish npm-login

I'm trying to automate npm publish inside a Docker container, but I receive an error when the npm login command tries to read the username and email:

npm login << EOF
username
password
email
EOF

It works in a Bash terminal, but in a container (without stdin) it shows error:

Username: Password: npm ERR! cb() never called!
npm ERR! not ok code 0

According to npm-adduser:

The username, password, and email are read in from prompts.

How can I run npm login without using stdin?


TL;DR: Make an HTTP request directly to the registry:

TOKEN=$(curl -s \
  -H "Accept: application/json" \
  -H "Content-Type:application/json" \
  -X PUT --data '{"name": "username_here", "password": "password_here"}' \
  http://your_registry/-/user/org.couchdb.user:username_here 2>&1 | grep -Po \
  '(?<="token": ")[^"]*')

npm set registry "http://your_registry"
npm set //your_registry/:_authToken $TOKEN

Rationale

Behind the scenes npm adduser makes an HTTP request to the registry. Instead of forcing adduser to behave the way you want, you could make the request directly to the registry without going through the cli and then set the auth token with npm set.

The source code suggests that you could make a PUT request to http://your_registry/-/user/org.couchdb.user:your-username with the following payload

{
  name: username,
  password: password
}

and that would create a new user in the registry.

Many thanks to @shawnzhu for having found a more cleaner approach to solve the problem.


npm set //<registry>/:_authToken $TOKEN

Example for Github Package Registry:

npm set //npm.pkg.github.com/:_authToken $GITHUB_TOKEN

This is the simplest solution that I have found.


I took a slightly different approach that seems to work great still. To begin with, you will need an auth token. This is easily obtainable by locally running npm adduser and then grabbing the generated token from your ~/.npmrc located in your user folder. In order to be authenticated on your ci server this auth token needs to be appended to the registry URL in the user's .npmrc (similar to how it was locally), not the .npmrc located in the repo, so these worked great as script steps in my CI configuration

- echo "//<npm-registry>:8080/:_authToken=$AUTH_TOKEN" > ~/.npmrc
- npm publish

where AUTH_TOKEN is stored as a secret variable in your settings. A good way to test this is to replace npm publish with npm whoami to test and make sure it successfully logged you in.

Here is my entire publish configuration

publish:
  stage: deploy
  only:
    - tags
  script:
    - yarn run build
    - echo "//<npm-registry>:8080/:_authToken=$NPME_AUTH_TOKEN" > ~/.npmrc
    - npm publish
    - echo 'Congrats on your publication!'

I'm using gitlab-ci but I don't see why this wouldn't apply to any ci application.


npm-cli-login allows you to log in to NPM without STDIN.

In order to install run:

npm install -g npm-cli-login

Example usage:

npm-cli-login -u Username -p Password -e [email protected] -r https://your-private-registry-link

Related

Changing The value of struct in an array
react native get TextInput value
jQuery select a div with a certain class, that doesn't have another class
Compiling and Running Java Code in Sublime Text 2
PXE boot of 18.04 ISO
Cannot disable automatic update checks on Kubuntu 18.04
Comprehensive books on Linux?
How can I make usual phone calls using a connected mobile phone?
Does Ubuntu One follow symlinks if synchronizing a folder?
Set encrypted home passphrase
List of addons/extensions for gnome-shell
How do I make a key on the keyboard do *nothing*?