for developers
On this page, learn tips on how to improve the setup process for connecting your application to Fusion.
A .npmrc file is a configuration file for npm (Node Package Manager) that contains settings for how npm behaves when you install packages or interact with npm registries.
In general, it is recommended to use a .npmrc file to ensure the npm install script runs correctly.
Applications that require the installation of private npm packages can lead to some issues. Before running npm install there is additional scripting to correctly specify the package registry and authenticate to it.
For GitHub packages, begin by making changes to your existing local setup. After ensuring your local development process functions, you can then move on to integrating with Fusion.
First, create an Environment Variable called GITHUB_TOKEN:
export GITHUB_TOKEN=your_pat_hereThe value of this token is a Personal Access Token (PAT). Find your PAT on your GitHub profile, or read GitHub's documentation on PATs. Your token must have the read:packages and repo scopes.
Next, create a .npmrc file with the following contents, replacing this value:
@yourscopewith your scope, defined when the package was published
@yourscope:registry=https://npm.pkg.github.com
//npm.pkg.github.com/:_authToken=${GITHUB_TOKEN}Make sure to commit this file to your repository and push your code to GitHub.
With this setup, you should be able to successfully run your application on your local machine.
After completing the steps above, do the following:
- Create a new GitHub PAT. The scope for this PAT only needs to include
read:packages. - Within Fusion, open up the options for your Project by clicking the three dots menu.
- Choose Project settings.
- Scroll down to Environment variables and click Add Environment Variable.
- Add a new environment variable, where the key is
GITHUB_TOKENand the value is your PAT. - Update your Setup Script, if needed. If you are able to run your project locally, you should only need to include
npm install. - Click the Save button.
If you wish to test out this process, you can include the following in your setup script, replacing the following value:
@yourscopewith your scope, defined when the package was published
printf "@yourscope:registry=https://npm.pkg.github.com\r\n//npm.pkg.github.com/:_authToken=${GITHUB_TOKEN}" > ./.npmrc
npm installThis option is less secure because your PAT token will be part of the .npmrc file created by the script.
For JFrog, begin by making changes to your existing local setup. After ensuring your local development process functions, you can then move on to integrating with Fusion.
First, create an Environment Variable called AUTH_TOKEN. To obtain a token for local development you can follow this guide from JFrog.
export AUTH_TOKEN=your_token_hereOne option for a token is to use a Basic Authentication token in the format of username:password. This token will need to be encoded with Base64:
echo "username:password" | base64Next, create a .npmrc file with the following contents, replacing the following values:
@yourscopewith your scope, defined when the package was publishedsubdomainwith your subdomain in JFrog Artifactoryyour-registorywith the name or URL of your registry, provided by JFrog
@yourscope:registry=https://subdomain.jfrog.io/artifactory/api/npm/your-registry
//subdomain.jfrog.io/artifactory/api/npm/my-registry/:_authToken=${AUTH_TOKEN}Make sure to commit this file to your repository and push your code to GitHub.
With this setup, you should be able to successfully run your application on your local machine.
After completing the steps above, do the following:
- Create a new authentication token suitable for CI environments.
- Within Fusion, open up the options for your Project by clicking the three dots menu.
- Choose Project settings.
- Scroll down to Environment variables and click Add Environment Variable.
- Add a new environment variable, where the key is
AUTH_TOKENand the value is your new authentication token. - Update your Setup Script, if needed. If you are able to run your project locally, you should only need to include
npm install. - Click the Save button.
If you wish to test out this process, you can include the following in your setup script, replacing the following values:
@yourscopewith your scope, defined when the package was publishedsubdomainwith your subdomain in JFrog Artifactoryyour-registorywith the name or URL of your registry, provided by JFrog
printf "@yourscope:registry=https://subdomain.jfrog.io/artifactory/api/npm/my-registry/\r\n//subdomain.jfrog.io/artifactory/api/npm/your-registry/:_authToken=${AUTH_TOKEN}" > ./.npmrc
npm installThis option is less secure because your authentication token will be part of the .npmrc file created by the script.