Multiple private registries with same encrypted token

[paksu]

Which Renovate are you using?

WhiteSource Renovate App

Which platform are you using?

GitHub.com

Have you checked the logs? Don't forget to include them if relevant

What would you like to do?

Our .npmrc looks like this

@ns1:registry=https://some-registry/npm/ns1/
@ns2:registry=https://some-registry/npm/ns2/
//https://some-registry/npm/ns1/:_auth=${NPM_TOKEN}
//https://some-registry/npm/ns2/:_auth=${NPM_TOKEN}

Does the renovate encrypted npm token mechanism support this if we placed the npmrc above in the renovate configurations with the encrypted npm token?

Is it possible to have multiple registries that share the same encrypted secret so they both get replaced properly?

[JamieMagee]

I think you want Encrypted entire .npmrc file into config from the docs. Take a look at that and see if it works for you.

[paksu]

I would but it's too long for the encryption as there is a length limit

[viceice]

You can alternative use a hostRule with hostType=npm to configure credentials

So you only need to encrypt the token

[viceice]

See #678

[paksu]

@viceice If I read that correctly it would hardcode the url parameter to _authToken= which won't work as we are using JFrog Artifactory were the token needs to be _auth= as in my example.

[paksu]

I was thinking if this replace should just be a global one https://github.com/renovatebot/renovate/blob/2515a89dabf88bd6d4cf06386053352ea4107f7e/lib/config/decrypt.ts#L56

[rarkins]

FYI: renovatebot/renovate#6431

Does not solve the problem on its own. Ideally, shouldn't it be that if the user configures npmToken then we pass it as NPM_TOKEN in env?

[paksu]

I think that should work for me as I have the .npmrc in the renovate configurations, not committed as a file to the repo

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed soon if no further activity occurs.