Verdaccio-GitLab
Use GitLab Community Edition as authentication provider for the private npm registry verdaccio, the sinopia fork.
The main goal and difference to other sinopia/verdaccio plugins is:
- no admin token required
- user authenticates with Personal Access Token
- owned groups (no subgroups) are added to the user
- publish packages if package scope or name is an owned group name
This is experimental!
Use it
git clone https://github.com/bufferoverflow/verdaccio-gitlab.git
cd verdaccio-gitlab
npm install
npm start
verdaccio is now up and running, now configure the following within
your ~/.config/verdaccio/config.yaml
to use this plugin
auth:
gitlab:
url: https://gitlab.com
packages:
'@*/*':
# scoped packages
access: $all
publish: $authenticated
proxy: npmjs
gitlab: true
'**':
access: $all
publish: $authenticated
proxy: npmjs
gitlab: true
restart verdaccio and authenticate with your credentials:
- gitlab username
- Personal Access Token
on the web ui http://localhost:4873 or via npm
npm login --registry http://localhost:4873
and publish packages
npm publish --registry http://localhost:4873
NOTE: you need a fresh login, so that verdaccio recognizes your owned groups
Docker
git clone https://github.com/bufferoverflow/verdaccio-gitlab.git
cd verdaccio-gitlab
docker-compose up --build -d
- login with user
root
and passwordverdaccio
on Gitlab via http://localhost:50080 - create a Personal Access Token
- login to the npm registry http://localhost:4873 via browser
- publish your packages via command line
Development
Setup development environment, npm start
will do:
cd node_modules/verdaccio
npm link ../../
cd ../../
Run one of the following command to create a release:
npm run release:major
npm run release:minor
npm run release:patch
finally run
npm publish
Todo
- [x] authenticate with personal access token
- [x] compare provided user name and GitLab username
- [x] get user groups from GitLab
- [x] authorize publish based on group ownership
- [x] Docker Compose setup of GitLab and Verdaccio
- [ ] how to handle group owner ship changes? timeout?
- [ ] use openid connect for web ui
- [ ] improve linting, eslint vs. jshint vs. babel ,etc.
- [ ] pass repolinter
- make it perfect ;-r