I want to publish a private npm package with Gitlab CI.

I've created an auth token for my npm user and set it as a variable NPM_TOKEN in my Gitlab CI settings.

The job then creates an .npmrc file with the registry and the auth token.

- npm run build && npm run build:es6
- echo '//registry.npmjs.org/:_authToken=${NPM_TOKEN}'>.npmrc
- npm publish

The job fails with this message:

npm ERR! code ENEEDAUTH
npm ERR! need auth auth required for publishing
npm ERR! need auth You need to authorize this machine using `npm adduser`

Is it possible to publish with only an auth token?

As @Amityo said, rather than manually editing the npmrc file,

npm config set //registry.npmjs.org/:_authToken ${NPM_TOKEN}

is the way to go, because otherwise you may be editing the wrong npmrc file.

If you are still getting an authentication error, and are certain that the token is correct, check your registry URL. You can run

npm publish --verbose

whose output will includes lines like

npm verb getPublishConfig { registry: 'https://.......' }
npm verb mapToRegistry no registry URL found in name for scope @boxine
npm verb publish registryBase https://.......

If you are publishing to npmjs.org, the URL (....... above) should be https://registry.npmjs.org/ .

If this registry URL does not fit, look in your npmrc file for a different one. Also make sure you didn't override the registry in your package.json file! You can search for publishConfig in that file.

To elaborate slightly on @phihag's answer, forward slashes are very important.

At first I kept getting 404 not found

$ npm publish
...
...
npm ERR! code E404
npm ERR! 404 Not Found - PUT https://gitlab.company.com/api/v4/packages/npm/%2fmypackage - 404 Not Found
npm ERR! 404 
npm ERR! 404  '@scope/[email protected]' is not in the npm registry.
npm ERR! 404 You should bug the author to publish it (or use the name yourself!)
npm ERR! 404 
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, http url, or git url.

I am using 2FA so as the gitlab docs state, I need to use a personal access token set to api to authenticate. In another part of the gitlab docs it states

Some features such as publishing a package is only available on the project-level endpoint.

So in console I tried to publish to and authenticate at the project level

$ npm config set @scope:registry https://gitlab.company.com/api/v4/projects/123/packages/npm
$ npm config set //gitlab.company.com/api/v4/projects/123/packages/npm:_authToken 'MyGeneratedAccessToken'

Which eliminated my first issue of 404 not found, but now I couldn't authenticate. For hours.

$ npm publish --verbose
npm verb cli [ '/usr/local/bin/node', '/usr/local/bin/npm', 'publish', '--verbose' ]
npm info using [email protected]
npm info using [email protected]
...
...
npm verb publish [ '.' ]
npm notice
npm notice 📦  @scope/[email protected]
npm notice === Tarball Contents === 
npm notice 214B  README.md   
npm notice 1.1kB package.json
npm notice === Tarball Details === 
npm notice name:          @scope/mypackage                            
npm notice version:       0.1.0                                   
npm notice filename:      @scope/mypackage-0.1.0.tgz                  
npm notice package size:  764 B                                   
npm notice unpacked size: 1.3 kB                                  
npm notice shasum:        c22a42756de43e282da01f33c7d5da4940c7d1d7
npm notice integrity:     sha512-l/P2cr52Lle7h[...]isu3rDME3lYuQ==
npm notice total files:   2                                       
npm notice
npm verb stack Error: This command requires you to be logged in.
npm verb stack     at Publish.publish (/usr/local/lib/node_modules/npm/lib/publish.js:104:29)
npm verb cwd /home/user/Workspace/mypackage
npm verb Linux 5.8.0-43-generic
npm verb argv "/usr/local/bin/node" "/usr/local/bin/npm" "publish" "--verbose"
npm verb node v15.11.0
npm verb npm  v7.11.2
npm ERR! code ENEEDAUTH
npm ERR! need auth This command requires you to be logged in.
npm ERR! need auth You need to authorize this machine using `npm adduser`
npm verb exit 1
npm timing npm Completed in 352ms
npm verb code 1

npm ERR! A complete log of this run can be found in:
npm ERR!     /home/user/.npm/_logs/2021-05-12T11_23_19_273Z-debug.log

As you can see, npm publish --verbose isn't being helpful in telling me the URL i'm trying to publish to. Checking the documentation again showed I was missing the trailing slashes after 'packages/npm'.

With the trailing slashes, I was able to publish to the gitlab npm package repository for that project

$ npm config set @scope:registry https://gitlab.company.com/api/v4/projects/123/packages/npm/
$ npm config set //gitlab.company.com/api/v4/projects/123/packages/npm/:_authToken 'MyGeneratedAccessToken'

And for all packages I use

$ npm config set @scope:registry https://gitlab.company.com/api/v4/packages/npm/
$ npm config set //gitlab.company.com/api/v4/packages/npm/:_authToken 'MyGeneratedAccessToken'

For me, the docs on "Publishing a package by using a CI/CD pipeline" didn't work. I had to use the following in my .gitlab-ci.yml:

publish-npm:
  stage: deploy
  script:
    - echo "@${CI_PROJECT_ROOT_NAMESPACE}:registry=${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/npm/" > .npmrc
    - echo "${CI_API_V4_URL#https?}/projects/${CI_PROJECT_ID}/packages/npm/:_authToken=${CI_JOB_TOKEN}" >> .npmrc
    - npm publish

I had the same issue for npm publish. I tried with yarn publish and it also failed.

It was successful when I ran:

yarn publish --non-interactive

Also, I had an issue related to .husky (cannot install husky) and it was solved running before yarn publish this command with npm:

npm set-script prepare ''