Use private npm registry for Google App Engine Standard

For all the other Stack Overflow questions, it seems like people are asking either about a private npm git repository or about a different technology stack. I'm pretty sure I can use a private npm registry with GAE Flexible, but I was wondering if it was possible with the Standard version?

From the GAE Standard docs, it doesn't seem like it is possible. Has anyone else figured out otherwise?


Solution 1:

Google Cloud Functions allow you to access private NPM modules by providing credentials for the npm registry in a .npmrc file, as explained in the Using private modules section of the documentation.

However, this is not possible for App Engine Standard, and a Feature Request was already created for it, which you can follow via this link.

I recommend marking this request as affected and leaving a comment expressing how this is affecting you, as it will increase the visibility of the request.

Solution 2:

Google marked this feature request as "won't fix, intended behavior" but there is a workaround.

Presumably you have access to the environment variables during the build stage of your CI/CD pipeline. Begin that stage by having your build script overwrite the .npmrc file using the value of the environment variable (note: the value, not the variable name). The .npmrc file (and the token in it) will then be available to the rest of the CI/CD pipeline.

For example:

  - name: Install and build
    env:
      NPM_AUTH_TOKEN: ${{ secrets.PRIVATE_REPO_PACKAGE_READ_TOKEN }}
    run: |
      # Remove these 'echo' statements after we migrate off of Google App Engine.
      # See replies 14 and 18 here: https://issuetracker.google.com/issues/143810864?pli=1
      echo "//npm.pkg.github.com/:_authToken=${NPM_AUTH_TOKEN}" > .npmrc
      echo "@organizationname:registry=https://npm.pkg.github.com" >> .npmrc
      echo "always-auth=true" >> .npmrc
      npm install
      npm run compile
      npm run secrets:get ${{ secrets.YOUR_GCP_PROJECT_ID }}

Hat tip to the anonymous heroes who wrote replies 14 and 18 in the Issue Tracker thread - https://issuetracker.google.com/issues/143810864?pli=1

If you have a .npmrc file checked in with your project's code, you would be wise to put a comment at the top, explaining that it will be overwritten during the CI/CD pipeline. Otherwise, Murphy's Law dictates that you (or a teammate) will check in a change to that .npmrc file and then waste an unbounded amount of time trying to figure out why that change has no effect during deployment.
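One way to harden the `.npmrc` step from Solution 2, as an added example that is not part of the original answer. The function names `write_npmrc` and `npmrc_has_literal_token` are hypothetical; the registry host, scope and `NPM_AUTH_TOKEN` variable are taken from the answer's snippet. The first function fails fast on an empty secret and writes the file owner-only; the second can run against the checked-in `.npmrc` to confirm it holds no literal token.

```shell
#!/bin/sh
# Added example: hypothetical helpers, not from the original answer.

# write_npmrc DIR: generate DIR/.npmrc from $NPM_AUTH_TOKEN.
# Refuses an empty token so the job stops here instead of failing later
# with an authentication error from the registry.
write_npmrc() {
    dir=${1:-.}
    if [ -z "${NPM_AUTH_TOKEN:-}" ]; then
        echo "NPM_AUTH_TOKEN is empty; refusing to write .npmrc" >&2
        return 1
    fi
    (
        umask 077                 # new file gets mode 600
        rm -f "$dir/.npmrc"       # drop any checked-in copy so the mode applies
        {
            echo "# Generated by CI; any checked-in .npmrc is overwritten here."
            echo "//npm.pkg.github.com/:_authToken=${NPM_AUTH_TOKEN}"
            echo "@organizationname:registry=https://npm.pkg.github.com"
            echo "always-auth=true"
        } > "$dir/.npmrc"
    )
}

# npmrc_has_literal_token FILE: exit 0 if FILE contains a literal _authToken
# value, exit 1 if every _authToken is empty or a ${VAR} reference (npm
# expands ${VAR} in .npmrc from the environment).
npmrc_has_literal_token() {
    grep -E '_authToken=' "$1" 2>/dev/null \
        | grep -Ev '_authToken=[[:space:]]*(\$\{[A-Za-z_][A-Za-z0-9_]*\})?[[:space:]]*$' \
        | grep -q .
}
```

In a pre-commit hook or an early CI step, `npmrc_has_literal_token .npmrc && exit 1` rejects a committed token before the generated file replaces it.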