Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Private npm - What can you do with your own npm registry
Search
Szabolcs Szabolcsi-Toth
November 19, 2014
Programming
0
90
Private npm - What can you do with your own npm registry
My talk for the NodeBp meetup, November 2014
Szabolcs Szabolcsi-Toth
November 19, 2014
Tweet
Share
Other Decks in Programming
See All in Programming
An adventure of Happy Eyeballs
coe401_
1
210
TypeScriptコードの漸進的改善 / Progressive Improvement of TypeScript Code
medley
1
440
Powerfully Typed TypeScript
euxn23
3
1.7k
JavaScript Closure
asoluka
0
2k
AmperとFleetを使ったAndroidアプリ
yoppie
0
300
HonoのRPCで真の型安全が欲しかった
kosei28
1
140
『WordPressコミュニティで学ぶ』OSS貢献の多様性
ippey
0
260
Long journey of Ruby standard library RubyKaigi 2024
andpad
2
230
GitLab CI/CD で C#/WPFアプリケーションのテストとインストーラーのビルド・デプロイを自動化する
hacarus
0
620
Exploring Type-Informed Lint Rules in Rust based TypeScript Linters
unvalley
3
640
Direct Style Effect Systems The Print[A] ExampleA Comprehension Aid
philipschwarz
PRO
0
410
CQRS meets modern Java
simas
PRO
2
470
Featured
See All Featured
Into the Great Unknown - MozCon
thekraken
15
1.1k
Build your cross-platform service in a week with App Engine
jlugia
226
17k
Building an army of robots
kneath
300
41k
Rebuilding a faster, lazier Slack
samanthasiow
74
8.3k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
15
1.6k
Docker and Python
trallard
35
2.7k
The Mythical Team-Month
searls
217
42k
How STYLIGHT went responsive
nonsquared
92
4.8k
Producing Creativity
orderedlist
PRO
338
39k
Why You Should Never Use an ORM
jnunemaker
PRO
51
8.7k
Robots, Beer and Maslow
schacon
PRO
155
8k
Unsuck your backbone
ammeep
664
57k
Transcript
PRIVATE NPM What can you do with your own npm
registry
HELLO I'm Szabolcs Szabolcsi-Toth Senior Front-end Engineer @ Ustream @_Nec
NPM
NPM Public and open ecosystem of open source modules Has
several public mirrors
NPM IS GREAT but "what if" you want to do
sensitive stuff you want to do proprietary stuff you want to use npm, but internally distribute modules you don’t trust availability
PRIVATE NPM REGISTRY
“Don’t run your own registry, use ours” Laurie Voss
PRIVATE NPM REGISTRIES Full mirror Caching GBytes of data Only
what needed
OUR USECASE AT USTREAM
SYSOP REQUIREMENT “what happens when an npm install dies during
a major deployment?” “we're f**ked”
SINOPIA github.com/rlidwka/sinopia
SINOPIA caching registry use with chef/docker simple storage
WORKING WITH SINOPIA
AUTHENTICATION simple adduser publisher/reader rights since npm 1.5-alpha (v2.0.0) users
can scope credentials to different registries
PER-PROJECT CONFIGURATION .npmrc per project registry configuration since v1.4.11 package.json
use ‘publishConfig’
PUBLISH - UNPUBLISH n p m p u b l
i s h - - r e g i s t r y h t t p : / / y o u r - o w n . r e g i s t r y . u r l m o d u l e n a m e n p m u n p u b l i s h - - f o r c e - - r e g i s t r y h t t p : / / y o u r - o w n . r e g i s t r y . u r l m o d u l e n a m e
SECURITY Ours only accessible from a well defined domain /
ip pool
USECASES
YOU CAN DO... private modules (obviously)
YOU CAN DO... Versioned modules for deployment Configuration management and
distribution
YOU CAN DO... Not just backend modules Front-end module registry
YOU CAN... Prepare for the open source world Test, use,
then go open source Get used to the tools, workflow and mindset
EXAMPLES
CONFIGURATION MANAGEMENT AND DISTRIBUTION This is how we distribute configurations
for our node apps
BUILD & DEPLOYMENT GIT FEATURE BETA LIVE FEATURE BETA LIVE
BUILD & DEPLOYMENT GIT NPM FEATURE BETA LIVE FEATURE BETA
LIVE MODULE v0.2.4 MODULE v0.1.2 MODULE v0.2.1 MODULE v0.1.1
BUILD & DEPLOYMENT GIT NPM FEATURE BETA LIVE FEATURE BETA
LIVE MODULE v0.2.4 MODULE v0.1.2 MODULE v0.2.1 MODULE v0.1.1
BUILD & DEPLOYMENT GIT NPM FEATURE BETA LIVE FEATURE BETA
LIVE MODULE v0.2.4 MODULE v0.1.2 MODULE v0.2.1 MODULE v0.1.1
BUILD & DEPLOYMENT GIT NPM FEATURE BETA LIVE FEATURE BETA
LIVE MODULE v0.2.4 MODULE v0.1.2 MODULE v0.2.1 MODULE v0.1.1
BUILD & DEPLOYMENT GIT NPM FEATURE BETA LIVE FEATURE BETA
LIVE MODULE v0.2.4 MODULE v0.1.2 MODULE v0.2.1 MODULE v0.1.1
BUILD & DEPLOYMENT GIT NPM FEATURE BETA LIVE FEATURE BETA
LIVE MODULE v0.2.4 MODULE v0.1.2 MODULE v0.2.1 MODULE v0.1.1
CONFIGURATION MANAGEMENT AND DISTRIBUTION Works with Modules, or even better:
Configurations
FRONT-END MODULES Internal ‘bower’ using our private npm registry Flat
dep tree cli, or package.json This is also a problem at npm
FINALLY
DRAWBACKS Feature lag Deal with securing and hosting and backup
THE FUTURE npm is working on this! scoped packages (prefixed
with your org)
NPME npme (as enterprise) use it like npm you host
it selective mirror OAuth2, more is coming developed by npm - no feature lag still in trial
NPME It's not free Support npm, use a good solution
no price information yet
THANK YOU! @_Nec