Example - Integrating services with Bytesafe
Bytesafe private registries can be integrated as a package source (or destination) for external services. A secure source for both private and public dependencies.
Use Bytesafe with external services
Services that support custom configuration of the package registry together with an access token can be integrated with Bytesafe.
The list below includes a few examples as well as link to their documentation sites.
Setting up the integration
To setup the integration users need to provide a custom npm configuration.
Normally this is performed by providing a .npmrc
file for the project on the service of your choice.
The file contains the registry URL as well as the access token for the same registry.
Creating the access token for the Bytesafe registry
Two actions are required to be able to create a new access token to use with the external service. These steps are normally run from a developers own terminal (as they relate to authentication and creation of tokens for the Bytesafe registry).
Note: If you have previously authenticated to the Bytesafe registry from your terminal, you can skip step 1.
- Login to Bytesafe. Run
npm login
together with the registry URL. This automatically stores a token for further requests with Bytesafe servers. Required password can be obtained from the Bytesafe web app.
# Replace example registry URL with the url for the registry of your choice and remember the trailing /
$ npm --registry https://{WORKSPACE}.bytesafe.dev/r/{REGISTRY}/ login
- Create the token for the integration. Create a new access token in Bytesafe or with
npm token create
# Replace example registry URL with the url for the registry of your choice and remember the use of a trailing /
$ npm --registry https://{WORKSPACE}.bytesafe.dev/r/{REGISTRY}/ token create
Save the output of the command for later use. The full token is only displayed on creation.
Getting Unauthorized / Access Denied errors? See Troubleshooting - resolving access denied error for more info.
Configuring the .npmrc file
Create a project .npmrc
file that can be deployed together with the package.json
(and package-lock.json
).
The .npmrc
file can identify Bytesafe as the registry to use for all packages or for a specific @scope
:
# Example .npmrc file where all packages are fetched from Bytesafe
registry=https://{WORKSPACE}.bytesafe.dev/r/{REGISTRY}/
//{WORKSPACE}.bytesafe.dev/r/{REGISTRY}/:_authToken=${NPM_TOKEN}
always-auth=true
# Example .npmrc file where ONLY SCOPED packages are fetched from Bytesafe
@scope:registry=https://{WORKSPACE}.bytesafe.dev/r/{REGISTRY}/
//{WORKSPACE}.bytesafe.dev/r/{REGISTRY}/:_authToken=${NPM_TOKEN}
always-auth=true
Replace the registry URLs in the examples above with the registry URL for the Bytesafe registry of your choice.
If applicable, replace @scope
with the specific scope for the project.
More details on how to use @scope
can be found in the npmjs documentation.
The file also specifies always-auth=true
. This forces npm clients to always send authentication information as part of the request to Bytesafe servers.
Providing the access token
The required access token for the Bytesafe registry can be stored either directly in the .npmrc file or as environment variable (recommended).
# Example of .npmrc file entry where the authToken is stored as environment variable
//{WORKSPACE}.bytesafe.dev/r/{REGISTRY}/:_authToken=${NPM_TOKEN}
Avoid publishing tokens in a readable format
Store the access token in a secret store and use environment variables instead. Refer to the documentation of the service of your choice for details on how to store access tokens as environment variables.
To finalize configuration, upload the .npmrc
file and provide the access token to the external service.
Integration completed! Congratulations, the service should now be able to request packages from or publish packages to Bytesafe!
Package flow example
Simple flowchart showing a package flow when both public and private packages are provided by Bytesafe.
graph BT
A{Bytesafe registry} --> Paas1((PaaS/CiCD service));
B[fab:fa-npm registry.npmjs.org] --> | public packages | A
C(fa:fa-user Developers) --> | private packages | A;
Paas1 --> D>App Deliverable];
- Private packages are published directly to Bytesafe.
- Public packages are provided by a public registry upstream (like registry.npmjs.org).
- Downstream service is configured (registry URL + access token) to fetch private and public packages from Bytesafe.