npm git private repo auth

Our enterprise Github recently made a change so all anonymous access from work laptop are blocked. This causes problem as we have some private repo dependencies in our package.json like below:

dependencies {
 ...
 "sun": "git+https://github.kdc.capitalone.com/NeX/sun-ng2-nex.git",
 ...
}

Whenever I try to do npm install, it gives me authentication error. I can get it installed by add username password to the github url, however that would expose my plain corporate password.

After some research, it turns out  Git uses curl under the hood, you can use ~/.netrc file with the credentials. For GitHub it would look something like this:

machine github.com
  login <github username>
  password <password OR github access token>

This way, I can just have a github personal access token sitting in my .netrc file and it will always work. It is better than password as the corporate password get expired every 60/90 days and then the file need to be updated every time that changes.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s