FAQ
A high level architecture diagram of what is created can be found below:
Once you are using the private registry you are required to always be authenticated with npm. This ensures not just anyone can request private packages that are not to be shared with the outside world.
To login you can use the npm login cli command, if you have 2FA enabled you will need to enter the username in the format of your GitHub username.otp e.g. jonsharratt.123456. Once logged in it will store a long life token that will be used going forward.
You can manage your 2FA here in your GitHub security account settings.
-
npm login: is done via GitHub / GitHub Enterprise. -
npm publish: publishes to your own S3 bucket within Amazon AWS, never to the public npm registry. -
npm install: checks private registry S3 bucket, if it does not exist it will request it from public npm. -
npm info: checks private registry S3 bucket, if it does not exist it will request it from public npm. -
npm dist-tags ls: checks private registry S3 bucket, if it does not exist it will request it from public npm. -
npm dist-tags add: updates package in your own S3 bucket within Amazon AWS if it exists, never proxies to public npm registry. -
npm dist-tags rm: updates package in your own S3 bucket within Amazon AWS if it exists, never proxies to public npm registry.