Example - Integrating services with Bytesafe

How to use external CI/CD or PaaS services with Bytesafe

Bytesafe private registries can be integrated as a package source (or destination) for external services. Providing a secure source for both private and public dependencies.

Use cases where Bytesafe adds value as a package source for other service:

Use Bytesafe with these services

Services that support custom configuration of the package registry together with an access token can be integrated with Bytesafe.

The list below includes a few examples as well as link to their documentation sites.

Setting up the integration

To setup the integration users need to provide a custom npm configuration.

Normally this is performed by providing a .npmrc file for the project on the service of your choice. The file contains the registry URL as well as the access token for the same registry.

Creating the access token for the Bytesafe registry

Two actions are required to be able to create a new access token to use with the external service. These steps are normally run from a developers own terminal (as they relate to authentication and creation of tokens for the Bytesafe registry).

Note: If you have previously authenticated to the Bytesafe registry from your terminal, you can skip step 1.

  1. Login to Bytesafe. Run npm login together with the registry URL. This automatically stores a token for further requests with Bytesafe servers. Required password can be obtained from the Bytesafe web app.

# Replace example registry URL with the url for the registry of your choice and remember the trailing /

$ npm --registry https://workspace.bytesafe.dev/r/example-registry/ login

  1. Create the token for the integration. Create a new access token with npm token create

# Replace example registry URL with the url for the registry of your choice and remember the use of a trailing /

$ npm --registry https://workspace.bytesafe.dev/r/example-registry/ token create

Save the output of the command for later use. The full token is only displayed on creation.

Getting Unauthorized / Access Denied errors? See the Troubleshooting section for more info.

Configuring the .npmrc file

Create a project .npmrc file that can be deployed together with the package.json (and package-lock.json).

The .npmrc file can identify Bytesafe as the registry to use for all packages or for a specific @scope:

# Example .npmrc file where all packages are fetched from Bytesafe

registry=https://workspace.bytesafe.dev/r/example-registry/

//workspace.bytesafe.dev/r/example-registry/:_authToken=${NPM_TOKEN}

always-auth=true

# Example .npmrc file where ONLY SCOPED packages are fetched from Bytesafe

@scope:registry=https://workspace.bytesafe.dev/r/example-registry/

//workspace.bytesafe.dev/r/example-registry/:_authToken=${NPM_TOKEN}

always-auth=true

Replace the registry URLs in the examples above with the registry URL for the Bytesafe registry of your choice.

If applicable, replace @scope with the specific scope for the project. More details on how to use @scope can be found in the npmjs documentation.

The file also specifies always-auth=true. This forces npm clients to always send authentication information as part of the request to Bytesafe servers.

Providing the access token

The required access token for the Bytesafe registry can be stored either directly in the .npmrc file or as environment variable (recommended).

# Example of .npmrc file entry where the authToken is stored as environment variable

//workspace.bytesafe.dev/r/example-registry/:_authToken=${NPM_TOKEN}

To finalize configuration, upload the .npmrc file and provide the access token to the external service.

Integration completed! Congratulations, the service should now be able to request packages from or publish packages to Bytesafe!

Package flow example

Simple flowchart showing a package flow when both public and private packages are provided by Bytesafe.

graph BT
  A{Bytesafe registry} --> Paas1((PaaS/CiCD service));
  B[fab:fa-npm registry.npmjs.org] --> | public packages | A
  C(fa:fa-user Developers) --> |  private packages | A;
  Paas1 --> D>App Deliverable];
  • Private packages are published directly to Bytesafe.
  • Public packages are provided by a public registry upstream (like registry.npmjs.org).
  • Downstream service is configured (registry URL + access token) to fetch private and public packages from Bytesafe.