We are using GitLab for our private project. There are some forked libraries from GitHub that we want to install as npm modules. Installing that module directly from npm is
GitLab now has a package registry where it's possible to build, deploy and host npm packages. With private repositories, it's possible to provide fine-grained access control over the repository contents and the packages.
NPM packages can be installed from private GitLab repositories by adding a .npmrc file alongside package.json. More info here.
However, this gets complicated when using multiple deploy tokens for different repositories in the same codebase.
With GitLab it's possible to access the package .tgz file directly over HTTPS with a deploy token. Simply add the project dependency like this:
"@foo/bar": "https://<deploy-token-username>:<deploy-token>@gitlab.com/api/v4/projects/<project-id>/packages/npm/@foo/bar/-/@foo/bar-1.0.0.tgz"
@foo/bar is present twice in the URL. @foo is the project scope, bar is the module name, and 1.0.0 is the module version. project-id (8-digit numeric) is the GitLab project ID, which can be seen on the project page under the name. It's even possible to omit @foo from the module name (but not from the link).
Using multiple modules with the same scope and different deploy tokens makes managing private repositories secure.
Also, deploy tokens may have access only to the package registry, which means the end user will not be able to access the complete source code from the repositories.
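Because this approach places the deploy token inside package.json, it helps to be able to find and redact such URLs before they reach logs or reviews. The following Node.js script is an added example, not part of the original page: it builds the tarball URL in the format described above and audits a manifest for dependency URLs that embed credentials. The function names are hypothetical, and the token username, token and project ID are constructed values.

```javascript
// Added example. Token, username and project ID below are constructed values.
const TARBALL_PATH = new RegExp(
  '^/api/v4/projects/(\\d+)/packages/npm/(@[^/]+/[^/]+)/-/' +
  '(@[^/]+/[^/]+)-(\\d+\\.\\d+\\.\\d+[^/]*)\\.tgz$');

// Build the dependency URL; credentials are percent-encoded for the userinfo part.
function buildTarballUrl({ user, token, projectId, pkg, version }) {
  const auth = `${encodeURIComponent(user)}:${encodeURIComponent(token)}`;
  return `https://${auth}@gitlab.com/api/v4/projects/${projectId}` +
         `/packages/npm/${pkg}/-/${pkg}-${version}.tgz`;
}

// Parse one dependency spec. Returns null for anything that is not a
// GitLab registry tarball URL (semver ranges, other schemes, malformed paths).
function inspectSpec(spec) {
  let url;
  try { url = new URL(spec); } catch { return null; }
  const m = TARBALL_PATH.exec(url.pathname);
  // The scoped package name must appear identically on both sides of "/-/".
  if (url.protocol !== 'https:' || !m || m[2] !== m[3]) return null;
  const hasCredentials = url.username !== '' || url.password !== '';
  url.username = '';
  url.password = '';
  return { projectId: m[1], pkg: m[2], version: m[4], hasCredentials, redacted: url.href };
}

// Scan a parsed package.json and list dependencies whose URL carries a token.
function auditManifest(manifest) {
  const findings = [];
  for (const section of ['dependencies', 'devDependencies', 'optionalDependencies']) {
    for (const [alias, spec] of Object.entries(manifest[section] || {})) {
      const info = inspectSpec(spec);
      if (info && info.hasCredentials) findings.push({ section, alias, ...info });
    }
  }
  return findings;
}

// Constructed sample manifest: one URL with a token, one without, one semver range.
const sample = {
  dependencies: {
    '@foo/bar': buildTarballUrl({ user: 'gitlab+deploy-token-1', token: 'EXAMPLE-TOKEN',
      projectId: '12345678', pkg: '@foo/bar', version: '1.0.0' }),
    baz: 'https://gitlab.com/api/v4/projects/12345678/packages/npm/@foo/baz/-/@foo/baz-2.1.0.tgz',
    lodash: '^4.17.21',
  },
};
console.log(auditManifest(sample));
```

The `alias` field is the key used in package.json, which may omit the scope, while `pkg` is always the scoped name taken from the link.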