Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Verdaccio gitlab authentication #115

Open
manasatest opened this issue Apr 19, 2020 · 0 comments
Open

Verdaccio gitlab authentication #115

manasatest opened this issue Apr 19, 2020 · 0 comments

Comments

@manasatest
Copy link

I'm trying to get gitlab authentication and it always fails with following error. I'm using the PAT for the login. Verdaccio version -4.0.2. Can someone help with it?

0 info it worked if it ends with ok
1 verbose cli [ '/usr/local/Cellar/node/11.8.0/bin/node',
1 verbose cli '/usr/local/bin/npm',
1 verbose cli 'login' ]
2 info using [email protected]
3 info using [email protected]
4 verbose npm-session 5aea08a4889d50f8
5 verbose web login before first POST
6 http request → POST https://mycompany.com/verdaccio/-/v1/login
7 http 400 ← Bad Request (https://mycompany.com/verdaccio/-/v1/login)
8 verbose web login not supported, trying couch
9 verbose login before first PUT { _id: 'org.couchdb.user:myusername',
9 verbose login name: 'myusername',
9 verbose login password: 'XXXXX',
9 verbose login type: 'user',
9 verbose login roles: [],
9 verbose login date: '2020-04-19T21:19:44.739Z' }
10 http request → PUT https://mycompany/verdaccio/-/user/org.couchdb.user:myusername
11 http 400 ← Bad Request (https://mycompany.com/verdaccio/-/user/org.couchdb.user:myusername)
12 verbose adduser before first PUT { _id: 'org.couchdb.user:myusername',
12 verbose adduser name: 'myusername',
12 verbose adduser password: 'XXXXX',
12 verbose adduser email: 'email',
12 verbose adduser type: 'user',
12 verbose adduser roles: [],
12 verbose adduser date: '2020-04-19T21:19:44.971Z' }
13 http request → PUT https://mycompany/verdaccio/-/user/org.couchdb.user:myusername
14 http 400 ← Bad Request (https://mycompany/verdaccio/-/user/org.couchdb.user:myusername)
15 verbose stack Error: Registry returned 400 for PUT on https://mycompany/verdaccio/-/user/org.couchdb.user:myusername
15 verbose stack at fetch.defaults.catch.then.then.result (/usr/local/lib/node_modules/npm/node_modules/npm-profile/index.js:376:13)
15 verbose stack at processTicksAndRejections (internal/process/next_tick.js:81:5)
16 verbose statusCode 400
17 verbose pkgid org.couchdb.user:myusername
18 verbose cwd /Users/username/gitlab/npmtest
19 verbose Darwin 18.7.0
20 verbose argv "/usr/local/Cellar/node/11.8.0/bin/node" "/usr/local/bin/npm" "login"
21 verbose node v11.8.0
22 verbose npm v6.5.0
23 error code E400
24 error Registry returned 400 for PUT on https://mycompany/verdaccio/-/user/org.couchdb.user:myusername
25 verbose exit [ 1, true ]

config.yaml
storage: /verdaccio/storage

store:
s3-storage:
bucket: {{ with secret "PATH" }}{{ .Data.bucket_name }}{{ end }}
region: us-west-2 # optional, will use aws s3's default behavior if not specified
endpoint: {{ with secret "PATH" }}{{ .Data.endpoint }}{{ end }}
s3ForcePathStyle: false
accessKeyId: {{ with secret "PATH" }}{{ .Data.access_key }}{{ end }}
secretAccessKey: {{ with secret "PATH" }}{{ .Data.secret_key }}{{ end }}

a list of users

This is deprecated, use auth plugins instead (see htpasswd below).

users:

admin:

# crypto.createHash('sha1').update(pass).digest('hex')
# password: a94a8fe5ccb19ba61c4c0873d391e987982fbbd3

url_prefix: /verdaccio/

web:

WebUI is enabled as default, if you want disable it, just uncomment this line

#enable: false

title: company Verdaccio

logo: logo.png

auth:
gitlab:
url: http://gitlab.com

uplinks:
npmjs:
url: https://registry.npmjs.org/

packages:
'company-*':
# scoped packages
access: $all
publish: $maintainer
proxy: npmjs
gitlab: true

'**':
access: $all
publish: $maintainer
proxy: npmjs
gitlab: true

#####################################################################

Advanced settings

#####################################################################

Special packages publish configurations

#publish:

This will allow the publisher to publish packages even if any uplink is down.

allow_offline: true

if you use nginx with custom path, use this to override links

#url_prefix: https://dev.company.local/verdaccio/

You can specify listen address (or simply a port).

If you add multiple values, verdaccio will listen on all of them.

Examples:

listen:

- localhost:4873 # default value

- http://localhost:4873 # same thing

  • 0.0.0.0:4873 # listen on all addresses (INADDR_ANY)

- https://example.org:4873 # if you want to use https

- [::1]:4873 # ipv6

- unix:/tmp/verdaccio.sock # unix socket

Configure HTTPS, it is required if you use "https" protocol above.

#https:

key: path/to/server.key

cert: path/to/server.crt

ca: path/to/server.pem

type: file | stdout | stderr

level: trace | debug | info | http (default) | warn | error | fatal

parameters for file: name is filename

{type: 'file', path: 'verdaccio.log', level: 'debug'},

parameters for stdout and stderr: format: json | pretty | pretty-timestamped

{type: 'stdout', format: 'pretty', level: 'debug'},

logs:

  • {type: stdout, format: pretty, level: http}
  • {type: file, path: verdaccio.log, level: trace}

you can specify proxy used with all requests in wget-like manner here

(or set up ENV variables with the same name)

#http_proxy: http://something.local/
#https_proxy: https://something.local/
#no_proxy: localhost,127.0.0.1

maximum size of uploaded json document

increase it if you have "request entity too large" errors

max_body_size: 250mb

Notify Settings

Notify was built primarily to use with Slack's Incoming

webhooks, but will also deliver a simple payload to

any endpoint. Currently only active for publish / create

commands.

notify:

Choose a method. Technically this will accept any HTTP

request method, but probably stick to GET or POST

method: POST

Only run this notification if the package name matches the regular

expression

packagePattern: ^example-package$

Any flags to be used with the regular expression

packagePatternFlags: i

If this endpoint requires specific headers, set them here

as an array of key: value objects.

headers: [{'Content-type': 'application/x-www-form-urlencoded'}]

set the URL endpoint for this call

endpoint: https://hooks.slack.com/...

Finally, the content you will be sending in the body.

This data will first be run through Handlebars to parse

any Handlebar expressions. All data housed in the metadata object

is available for use within the expressions.

content: ' {{ "handlebar-expression" }}'

'example-package-1':
method: POST
# Only run this notification if the package name matches the regular
# expression
packagePattern: ^example-package-regex$
# Any flags to be used with the regular expression
# since verdaccio 2.2.2 this property has been disabled read #108
# it will be re-enabled after 2.5.0
# packagePatternFlags: i
# If this endpoint requires specific headers, set them here
# as an array of key: value objects.
# headers supports as well a literal object
headers: {'Content-type': 'application/x-www-form-urlencoded'}
# set the URL endpoint for this call
endpoint: https://hooks.slack.com/...
# Finally, the content you will be sending in the body.
# This data will first be run through Handlebars to parse
# any Handlebar expressions. All data housed in the metadata object
# is available for use within the expressions.
content: ' {{ "handlebar-expression" }}'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant