Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Private npm repo auth failure in CI with lerna publish from-git
See original GitHub issueWhen run in our CI environment (Jenkins, using a fresh Docker container) our snapshot publish job works, but the release publish does not.
Expected Behavior
The job should succeed, as it does when run locally:
Local success: npx lerna publish from-git
lerna notice cli v3.10.6
lerna info versioning independent
Found 1 package to publish:
- @foo/bar => 2.2.1
? Are you sure you want to publish these packages? Yes
lerna info publish Publishing packages to npm...
lerna notice Skipping all user and access validation due to third-party registry
lerna notice Make sure you're authenticated properly ¯\_(ツ)_/¯
lerna WARN ENOLICENSE Packages @foo/bar are missing a license
lerna success published @foo/bar 2.2.1
lerna notice
lerna notice 📦 @foo/bar@2.2.1
lerna notice === Tarball Contents ===
lerna notice 2.2kB package.json
lerna notice 244.3kB bundle.css
lerna notice 1.9MB bundle.css.map
lerna notice 141.1kB bundle.js
lerna notice 517.9kB bundle.js.map
lerna notice 2.5kB CHANGELOG.md
lerna notice 775B README.md
lerna notice === Tarball Details ===
lerna notice name: @foo/bar
lerna notice version: 2.2.1
lerna notice filename: op-bar-2.2.1.tgz
lerna notice package size: 1.5 MB
lerna notice unpacked size: 7.1 MB
lerna notice shasum: d5aaf187086322f3690a1f421a416ef77695f699
lerna notice integrity: sha512-AVfVMPCo23QuK[...]gA36XY1PICbIQ==
lerna notice total files: 72
lerna notice
lerna http fetch PUT 201 https://artifactory.local/api/npm/npm-local/@foo%2fbar 5066ms
Successfully published:
- @foo/bar@2.2.1
lerna success published 1 package
Current Behavior
CI success: lerna publish prerelease --yes --no-push --dist-tag=snapshot --preid=snapshot.201901291031.gc6aa39e5
lerna notice cli v3.10.7
lerna info versioning independent
lerna info ci enabled
lerna info Looking for changed packages since @foo/baz@2.1.2
Changes:
- @foo/bar: 2.2.0 => 2.2.1-snapshot.201901291031.gc6aa39e5.0
lerna info auto-confirmed
lerna info execute Skipping git push
lerna info publish Publishing packages to npm...
lerna notice Skipping all user and access validation due to third-party registry
lerna notice Make sure you're authenticated properly ¯\_(ツ)_/¯
lerna WARN ENOLICENSE Packages @foo/bar are missing a license
lerna success published @foo/bar 2.2.1-snapshot.201901291031.gc6aa39e5.0
lerna notice
lerna notice 📦 @foo/bar@2.2.1-snapshot.201901291031.gc6aa39e5.0
lerna notice === Tarball Contents ===
lerna notice 2.2kB package.json
lerna notice 244.3kB bundle.css
lerna notice 1.9MB bundle.css.map
lerna notice 141.1kB bundle.js
lerna notice 518.0kB bundle.js.map
lerna notice 2.6kB CHANGELOG.md
lerna notice 775B README.md
lerna notice === Tarball Details ===
lerna notice name: @foo/bar
lerna notice version: 2.2.1-snapshot.201901291031.gc6aa39e5.0
lerna notice filename: foo-bar-2.2.1-snapshot.201901291031.gc6aa39e5.0.tgz
lerna notice package size: 1.5 MB
lerna notice unpacked size: 7.1 MB
lerna notice shasum: e28be7ae6d422dc42b28cdb3bfe66424934417e3
lerna notice integrity: sha512-lJubz0n/EZOQK[...]psIAk8mcPRUvg==
lerna notice total files: 72
lerna notice
lerna http fetch PUT 201 https://artifactory.local/api/npm/npm-local/@foo%2fbar 569ms
Successfully published:
- @foo/bar@2.2.1-snapshot.201901291031.gc6aa39e5.0
lerna success published 1 package
CI failure: npx lerna publish from-git --yes
lerna notice cli v3.10.7
lerna info versioning independent
lerna info ci enabled
Found 1 package to publish:
- @foo/bar => 2.2.1
lerna info auto-confirmed
lerna info publish Publishing packages to npm...
lerna notice Skipping all user and access validation due to third-party registry
lerna notice Make sure you're authenticated properly ¯\_(ツ)_/¯
lerna WARN ENOLICENSE Packages @foo/bar are missing a license
lerna http fetch PUT 401 https://artifactory.local/api/npm/npm-local/@foo%2fbar 134ms
lerna ERR! E401 Unable to authenticate, need: Basic realm="Artifactory Realm"
Build step 'Execute shell' marked build as failure
Finished: FAILURE
Possible Solution
Is lerna publish doing something subtly different depending on whether it’s called with from-git or not?
Does is matter that the CI env uses a global npmrc file for its configuration, including npm user authentication?
Steps to Reproduce (for bugs)
With apologies, I can’t even reproduce this on my local machine but only in the CI environment. The npm repo that’s used here is an on-prem JFrog Artifactory Professional 6.5.13 rev 60513900.
lerna.json
{
"packages": [
"packages/*"
],
"command": {
"bootstrap": {
"hoist": true
},
"publish": {
"allowBranch": "master",
"ignoreChanges": [
"README.md"
],
"message": "chore(release): publish",
"registry": "https://artifactory.local/api/npm/npm-local/"
},
"version": {
"conventionalCommits": true
}
},
"version": "independent"
}
Context
Running lerna publish in a Jenkins job to publish packages to a private npm repo.
Your Environment
| Executable | Version |
|---|---|
lerna --version |
3.10.7 |
npm --version |
5.6.0 |
node --version |
8.10.0 |
| OS | Version |
|---|---|
| Ubuntu | 18.04.1 |
Issue Analytics
- State:
- Created 5 years ago
- Reactions:2
- Comments:9 (2 by maintainers)
Top Results From Across the Web
Private npm repo auth failure in CI with lerna publish from-git
When run in our CI environment (Jenkins, using a fresh Docker container) our snapshot publish job works, but the release publish does not....
Read more >@lerna/publish - npm
Publish packages tagged in the current commit ( from-git ). Publish packages in the latest commit where the version is not present in...
Read more >@lerna/publish | Yarn - Package Manager
Your favorite tool is alive and well: https://blog.nrwl.io/lerna-5-1-new-website-new-guides-new-lerna-example-repo-distributed-caching-support-and-speed- ...
Read more >Automatic versioning in a Lerna monorepo using Github actions
Integrate Lerna in a CI flow to automatically version and publish packages ... dependencies from our private registry (in Github packages), ...
Read more >Bad request error 400 when publishing to npm packages
I'm trying to publish a private package to our gitlab repo. ... >:registry=https://gitlab.com/api/v4/packages/npm/ always-auth=true.
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
This is still an issue for me, and I’d still be interested in a way to verbosely log Lerna’s network traffic to be able to figure out what’s happening here.
Finally found a workaround. For some reason, having a JS script that calls
require('child_process').exec('lerna publish ...')works, provided that it’s called from an npm script that in turn is called from a Jenkins execute-shell script.I have no idea why that particular level of detachment works, and how its running environment might be different from e.g. calling
npx lerna publish ...directly from the Jenkins script.