npm install fails with CI_JOB_TOKEN in .npmrc
Summary
ZD: https://gitlab.zendesk.com/agent/tickets/139850 (internal)
npm install
with CI_JOB_TOKEN
in .npmrc
returns 401
Steps to reproduce
@namespace/package1
:
In - Publish
@namespace/package1
- Use
CI_JOB_TOKEN
in.npmrc
://gitlab.com/api/v4/projects/<your_project_id>/packages/npm/:_authToken=${NPM_TOKEN}
@namespace/package2
:
In - Add
@namespace/package1
as dependency inpackage2
'spackage.json
- Either create an
.npmrc
in the root directory, or create it in the.gitlab-ci.yml
- Create step in
.gitlab-ci.yml
to runnpm install
- Response is 401
Example Project
Output from my test project is a 401 when using CI_JOB_TOKEN
https://gitlab.com/sahbabou/npm-test-project/-/jobs/362215893
Success when using PAT:
https://gitlab.com/sahbabou/npm-test-project/pipelines/98809455
(If possible, please create an example project here on GitLab.com that exhibits the problematic behavior, and link to it here in the bug report)
(If you are using an older version of GitLab, this will also determine whether the bug is fixed in a more recent version)
What is the current bug behavior?
Unable to install packages when using CI_JOB_TOKEN
What is the expected correct behavior?
Users with the appropriate permissions should be able to install NPM packages with CI_JOB_TOKEN
Relevant logs and/or screenshots
npm ERR! code E401
27 npm ERR! 401 Unauthorized - GET https://gitlab.com/api/v4/packages/npm/@sahbabou%2ftest-package
28 npm ERR! A complete log of this run can be found in:
Output of checks
This bug happens on GitLab.com, GitLab Enterprise Edition 12.5.0-pre 9e0448ab