Right now I’m using npm config set to configure the authentication token for my registry. However, I want to move away from running commands and instead use environment variables for everything. This would let me manage these settings at the project level instead of hardcoding them in the pipeline file.
I’ve successfully configured other settings like certificate and registry URL using the npm_config_ prefix pattern. But with authentication tokens, there doesn’t seem to be a direct config key that I can use with environment variables.
Using .npmrc file isn’t an option because it can’t resolve variables like $BUILD_ACCESS_TOKEN dynamically.
When I try using NPM_TOKEN environment variable, I get authentication errors saying the command needs login credentials.
Any suggestions for handling this through environment variables only?
Try creating a temporary .npmrc during build with echo commands to write the token dynamically. Something like echo "//$BUILD_SERVER_URL/api/repos/$BUILD_REPO_ID/packages/npm/:_authToken=$BUILD_ACCESS_TOKEN" >> .npmrc before npm publish. Not pure env vars, but it avoids hardcoding and lets the pipeline resolve variables at runtime.
Setting up authentication tokens with environment variables can indeed be challenging. Unlike other npm configurations, the auth token requires the full registry path as the variable name. You should format it like this: npm_config_//$BUILD_SERVER_URL/api/repos/$BUILD_REPO_ID/packages/npm/:_authToken=$BUILD_ACCESS_TOKEN. This matches what npm expects for the registry path and the token. I dealt with similar issues in CI/CD for private registries, and using this format resolved my authentication errors. If you encounter issues with special characters in variable names, consider URL encoding them, although most CI systems should handle it properly.
This is a common issue with scoped registries in CI. I fixed it by using the npm_config_ prefix with the encoded registry URL as the variable name. Since your registry path has special characters and slashes, replace them with underscores when creating the environment variable. Set npm_config___BUILD_SERVER_URL_api_repos__BUILD_REPO_ID_packages_npm__authToken with your token value. Just convert the registry URL to a valid environment variable name by swapping slashes and colons with underscores. This way you don’t need npm config commands and can handle auth through environment variables only. Double-check that your pipeline can substitute the BUILD variables within the environment variable names.