Npm Publish Secret

Drone Support
1

Hey there team Drone

I would like to publish my code to an npm registry after it passes all the tests. Except I need to obviously hide the npm credentials. I am trying the following, with little luck. Perhaps someone can push me in the right direction.

Thanks in advance

pipeline:
  build:
    image: node:8
    commands:
      - npm install
      - npm build
      - npm test

  npm:
    image: plugins/npm
    username: ${NPM_USERNAME}
    password: ${NPM_PASSWORD}
    email: ${NPM_EMAIL}

and

version: ‘2’

services:
  drone-server:
    image: drone/drone:0.8
    ports:
      - 8822:8000
      - 9000:9000
    volumes:
      - /var/lib/drone:/var/lib/drone/
    restart: always
    environment:
      - DRONE_HOST=asdf
      - DRONE_OPEN=true
      - DRONE_ADMIN=asdf
      - DRONE_ORGS=asdf
      - DRONE_GITHUB=true
      - DRONE_GITHUB_CLIENT=asdf
      - DRONE_GITHUB_SECRET=asdf
      - DRONE_SECRET=asdf
      - NPM_USERNAME=brenwell
      - NPM_PASSWORD=somepassword-34cg3g54ge
      - NPM_EMAIL=my@email.com
2

the ${variable} syntax is not valid for injecting secrets (it was in older version of drone, but not newer). You will therefore need to use secrets as described here:
http://docs.drone.io/manage-secrets/

pipeline:
  build:
    image: node:8
    commands:
      - npm install
      - npm build
      - npm test

  npm:
    image: plugins/npm
-   username: ${NPM_USERNAME}
-   password: ${NPM_PASSWORD}
-   email: ${NPM_EMAIL}
+   secrets: [ npm_username, npm_password, npm_email ]
3

Thank you, I worked out that it needs to be like

  npm:
    image: plugins/npm
    username: $NPM_USERNAME
    password: $NPM_PASSWORD
    email: $NPM_EMAIL

I read the secrets stuff but I wasn’t quite sure what it meant. Have I now done it the correct way or this secrets approach different?

4

Ok so it appears to be different. I tried to add a secret via the following command

drone secret add --repository brenwell/each-after --image plugins/npm --name npm_username --value brenwell

and got

json: cannot unmarshal array into Go value of type model.Secret

I must have misunderstood something from the docs, sorry.

5

the syntax in this example will not work. Drone will not replace $NPM_USERNAME or $NPM_PASSWORD with your secret values. Secrets need to be declared in the yaml as defined in https://docs.drone.io/secret/repository/

json: cannot unmarshal array into Go value of type model.Secret

are you using the correct server address with the CLI? We see this error frequently when someone using the HTTP address with the CLI instead of the HTTPS address. Also note that you can manage secrets in the user-interface if you do not want to use the CLI.

1 Like
6

Yep you were totally right on both accounts. Thanks

The syntax didn’t work it used them as strings so it appeared to work but of course my username and password aren’t “$NPM_USERNAME” & “$NPM_PASSWORD”.

And swapping from http to https did the trick

Also using the GUI is a nice tip, perhaps we should add that to the docs?

Thanks @bradrydzewski