3

I'm trying to deploy a microservice to GCF, which has a dependency of a private GitHub-hosted package. To gain access to the package, I added a .npmrc file to the function as described here, the file looks like this:

registry=https://npm.pkg.github.com/OWNER
//npm.pkg.github.com/:_authToken=PERSONAL-ACCESS-TOKEN

Also tried using a NPM_TOKEN env variable in the Cloud Function

NPM_TOKEN=PERSONAL-ACCESS-TOKEN

Both result in the following error:

OperationError: code=3, message=Build failed: { error: { canonicalCode: "INVALID_ARGUMENT" }}

npm ERR! 404 Not Found: @packagescope/packagename

Installing locally works fine, so does deploying on Zeit Now.

Community
  • 1
  • 1
lobstertheremin
  • 41
  • 2
  • 5
  • Not a real answer, but maybe a troubleshooting idea - does the same work as expected for a private package hosted on npmjs? Easy to test (publish a dummy package to npmjs in a private scope), and if this is so, then Google Cloud Functions are likely not capable of supporting package registries other than npmjs. – Anton Drukh Nov 09 '19 at 16:48
  • 1
    An approach that would allow you to install packages from private GitHub repos, although with a security risk, is to have your app's package.json's dependencies section include `"your-package": "https://${access-token}@github.com/your-org/your-package#committish"` instead of the regular `"your-package": "^1.2.3"` specification. Consider the risk of adding an access token to your app! – Anton Drukh Nov 09 '19 at 16:50
  • When do you see the error? during deploy, or when invoking the function? What version of node? – Travis Webb Nov 09 '19 at 18:34
  • It happens in the CLI when deploying the function using the gcloud tool. Node is version 10. – lobstertheremin Nov 09 '19 at 20:25
  • Update: Node 8 does not solve the problem, using access-token@github.com/org/package does not help either, though I may have gotten that wrong with the commit-ish – lobstertheremin Nov 09 '19 at 20:48

1 Answers1

2

I just ran into this problem so I'm sharing the fix that works with node v8 and v10 Cloud Functions.

The following is required to use the .npmrc to install packages from a private Github packages registry:

  1. The .npmrc needs to be located in the functions folder at the same level as the package.json file
  2. A registry entry for the your account/org scope is required, including the url like so, assuming Anchorman uses Github: @ronburgundy:registry=https://npm.pkg.github.com/ronburgundy
  3. A Github personal access token is required for authentication, like so //npm.pkg.github.com/:_authToken=ronburgundypersonalaccesstoken
  4. Assuming you follow best practice and do not commit the .npmrc with secrets you will need to ensure that the file is transformed to include the personal access token prior to deploying via firebase cli, as there's no other way to inject the value at runtime.

So the original example would work if it looked like this:

@OWNER:registry=https://npm.pkg.github.com/OWNER
//npm.pkg.github.com/:_authToken=PERSONAL-ACCESS-TOKEN

While Github's docs seem to suggest that you should redirect ALL scoped and unscoped package installs to their registry it appears that Google Cloud Functions does not allow us to redirect all package installs to a private registry, only those that we configure based on scope.

arri.io
  • 556
  • 1
  • 5
  • 19