Skip to content

Home

Jump to bottom
Jon Sharratt edited this page Jan 31, 2017 · 30 revisions

#Documentation

Overview

Yith is a serverless npm registry to allow companies that wish to keep their intellectual property. It allows sharing of npm modules within a company but additionally allows access to all of the modules on public npm. One other major difference is that it replaces npm login authentication to be via github / github enterprise. Users are always required to be authenticated when using yith as their npm registry.

It is currently compatible with the latest version of the npm cli.

Local Deployment

The quickest way to deploy your own npm registry from you local machine is to follow the following guide.

Prerequisites

  • A GitHub / GitHub Enterprise application is registered (e.g. for GitHub), you will need the Client ID and Secret.
  • You have AWS environment credentials setup with enough access to deploy Serverless resources on your local machine, you can follow the standard guide from Amazon here
  • Latest version of Serverless installed globally (npm install serverless -g or yarn global add serverless).

Steps

  • serverless install --url https://github.com/craftship/yith/tree/0.7.0 --name my-npm-registry - pick whichever name you prefer for your registry
  • cd my-npm-registry
  • npm install
  • Setup your environment variables:
export YITH_REGION="eu-west-1" # Set the AWS region you wish your registry to be deployed to
export YITH_ADMINS="" # Comma seperated list of github usernames (e.g. "jon,kadi"), these users will be the only ones able to publish
export YITH_REGISTRY="https://registry.npmjs.org/" # The NPM mirror you wish to proxy through to
export YITH_BUCKET="my-npm-registry-storage" # The name of the bucket in which you wish to store your packages
export YITH_GITHUB_URL="https://api.github.com/" # The GitHub / GitHub Enterprise **api** url
export YITH_GITHUB_CLIENT_ID="client_id" # The client id for your GitHub application
export YITH_GITHUB_SECRET="secret" # The secret for your GitHub application
  • serverless deploy --stage prod (pick which ever stage you wish)
  • npm set registry <url> - <url> being the base url shown in the terminal after deployment completes, such as: https://abcd12345.execute-api.eu-west-1.amazonaws.com/dev/registry/

Use in your Projects / Repositories

The easiest way to ensure developers are using the correct private repositories per project is to setup a .npmrc file. This contains default settings that npm will pick up on and will ensure the registry is set per project.

This is especially great for repositories you wish developers to publish and keep private. Here is an example .npmrc file:

registry=https://ab1cd3ef4.execute-api.eu-west-1.amazonaws.com/prod/registry

If a user is doing any npm operation for the first time in the repository then they will need to npm login.

Admins & Publishing

npm publish works as it normally does via the npm CLI. By default all users have read only access. If you wish to allow publish rights then you need to set YITH_ADMINS to a comma separated list of GitHub usernames suche as jonsharratt, kadikraman.

Setup with your CI

CircleCI

TBC

Jenkins

TBC

Clone this wiki locally