在 CI/CD 工作流中使用私有包
您可以使用访问令牌通过持续集成 (CI) 系统测试私有 npm 包,或使用持续部署 (CD) 系统部署它们。
创建新的访问令牌
创建一个仅用于从 CI/CD 服务器访问 npm 包的新访问令牌。
持续集成
在生成用于持续集成环境的访问令牌时,我们建议使用具有有限访问权限的粒度访问令牌以提供更高的安全性。
如果您改用遗留令牌,则默认情况下,npm token create
将生成具有读写权限的令牌。我们建议创建一个只读令牌:
npm token create --read-only
有关创建访问令牌(包括 CIDR 白名单令牌)的更多信息,请参阅 "创建访问令牌"。
持续部署
CZP1k3QfAbGpM6niBbmEFcvBmCLRmx795xZh8/jlhPGaofnZx9W/dWYCmseEdJREBwlu5Xb51jXxyX24VMeKjE0rqnwgL4wQpGFEX3UZeG7eAspkG7FQKzmmAj4WS0/PQRV05EhN/SAFpP/MB651j5rKuzJG7q5rEpWy9wyV7uXD+r2eL1o8oLC90vwEmOlZl7UycmbYSk8MKzRmgjLpbJSVldybzbTCdJl57bi02jcUggsYT4028rZCmk43JslO5oCdUuQN+7ZRHkKDYVEOLwLaNhXhPq2oLhhYUbEJsgpOATr1/QBFMFtdRj/4TM0+YMqhuhK4Y5WAkFCkZuX05A==
交互式工作流程
v9xW6V4ofQ8zlavEM2gWmhMBj49ausw0qxRACt7zptYlZVgXOFVAcggVTXu+lQsdJSDp60eFb/I7dlO6Ewr+wOOJ9B7Do8RvbvBfo202IjPmRfKMVuf/ICOOZBjylVECe5OoAPh+snPjoZgYZyzllFvT0wfkOefVzGxX/jKH1g4dsmuFlejIiBO8zo1KAqkrAlb8lVJ4OVa+0jVQjZGalVRSbO9rRM8rJ1X2ATZJjH9d1z5bCx9yK8TTw5ndQ4PRbHr26oWK1GadUzIcU7wuug==
npm token create
CIDR白名单
rD07T4KYSqgtq9MRnNzjGgwT2WXq+8Y27y4LhVDw9GSfx3KdSw350KdvdlNyyRC/ZpJOj+3XUtpnu5xelLDI6Y8KlzRUqaxXTaQWqua2r4LqHumw5As6U1eNiJ2Y+YYas7Mo/4jYYHXUkrk737tZWWIqlxBey2eAjhJaCpl6p2TcVfbSLL18sc4C6qF1WOKAT7OvLVWttvuIIvFrIuWA5Fyw+zkjnsJlKKOtP939LcEmui5LIb4I+UtCtESIpmCr
npm token create --cidr=[list]
npm token create --read-only --cidr=[list]
glP/0Y97LdLnWQTgcnPfrw==
npm token create --cidr=192.0.2.0/24
KvO44DTaXSSrpPbkol6TpgwllHDtOQOB7jYORvm+GLljuf3ePs507Z1rnZzKjVyT1P+b9pDUKkkBDvgdbWqzIZwcCYcy6LRsFcna1x+PRY6VQOMe6A37ODc8G/ekoJWQywambON6LNlGkp4OL6TeazTL7VyBDR+K8HPetz/Yw/E=
将令牌设置为 CI/CD 服务器上的环境变量
TG/MTsQzVoqTj1d29HglKtXNQXB1F4BmNeKx4Gh1z5oLs5nKoCycDc+DeinT8LKSjPe6z98ryBaHbSqt9sdaOOR9GI2JCqVhaT+/OxNPS0A=
rVLTJ3+AXMRb+1pmqleagrQ7LWGr4Jddi2BrIugwDkEcuvXZwtS7y5aoucwxdaNTOMbRUnm0Dgr0MjdPpjUrAQNIeV97wsySM7mEZeKiP35MLaMl4eU86H7sAGJK0sOSA9d3GUc2pCapfoutVo/dE1S67RPD0fuuTtUqxrD9IRMuKhlmgh042vQZySW5Hi+tVs4S8beImagVseBODN/DgffR/Hqi7LacwfrE7WksP7E=
U7bUbTCwwXsmUWZapAJWaEFemu09Z0uI/9BX0fsFEmtZGI/fbI1cdk8eXt0r1N66Lzc/TCil7F+7GFuyOz4XL/eK+spMwBe5W1lKR7E7drK5PHyIqeQRpwYBqzPmgHN2HFoUpwOh6ALOgBDqChxdk1PzMiY6TPhZYPYbMyCwwYqNm+orDvDWWOBpO9ZJMx3+
steps:
- run: |
npm install
- env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
kqFrM6H2hAAc1i8TBi4mJ7l5pqEHroiob1MSA2msL+sNehmD1H1m74Xc+CVSBm/egK4APOAleoQiTIob8yLODnJN6UDpWV2fdNouEo0frEg=
创建并签入一个特定于项目的 .npmrc 文件
kkeXZTpdBLj2X0uW+luKbbDfrNmPG6Fo+5IZ/+fopVV5GjAlZo8q9u4/4kQ3mRqInXspE5TClh/Eaa0nzE7dX7UcvYm0F2UNbMQiEscI1r9Q8VkFdDqkPpjghmgCPbmFuiZ0Pw5x9EZ/yyBs4llESm20xXkXVCI42sdo7LmvmpI=
zlAWRiUueRHvAVhL1wUaF/pQ70mrYbNUdELJXuaGREGpkkpsOPcf5dH2Dg5zKUPPrVP513HZDmlGQ2bVlLbGWfOt9so/ZKiX4y+zmQ8SuiRTcZwrSFYsfIIgrqHYzvirB8DZPn56PgHlOMTj2VLuNw==
//registry.npmjs.org/:_authToken=${NPM_TOKEN}
/+702gAw25LttJwA/BsJORVmBwgfO7hxjMNi8Y1RlNLf0q9YBJcKUI8jv/J7cwiNn+VN1SOQ/NPYmAGTdM6NTTgD1XH1QUnC98dUCONiCb96UGOa+nb+zK/1YO3aJwvHCCWd2ks7gtRhvtYR4azwJNresx4ZS9oxpMPDR9lXcSxu9tsIkdjDMzNWSsGXs/wZfd8KH/Ffmq98JK1CWUL0xgCQg7/HixuKZyEFoMWTfRTbzGm5e6bRZhA+IbMsCQhnQZBteH7ERrhZNvH2h85FFg==
OBTyWFlJs4vKOAF+UjgaJsSArMtU417tGQdGW3bNE5lRNKINCKgkDD24KCcBdBeY
保护您的令牌
d+9Qc4ajrmvdspwO8TdG3bEub69EQnShE5SvtsFD5yeryY0I8hxJzrN+1GfKEXKz1jWuO2AzW+AUMv12rsHoE1sFd/Cloq3NhMU220gG0u3eevQsf4+/LIxXXPjS/IJaOnxuHdRLLdq3+CwGaw1ENOt9Zy12xmZ2461Nc5qe+3M=
wo9IDEsIaIMrvmHHWS5UeySpJoX2da2sD2oR3wSAi5jOBHAy18/Owfno0YzCrHCyMQHf5aiT9jQUT/OQdi7+7sOX8TIzL59KsSJEIlls59Q9D/IOqegg+oehVDu4TQ6hR/33x+0rGkBW2k3RRVrzjJtsx3/DES4AwqKUVClT3f7jFUrGm+S5peV1y36t3zgG4L/+GUTqB+usDOxAF/6xSbjWCs+0mP270K3qkD5bkxE=
siNmx9odVSQ4VaxHiypZsWxWV0tN01z/qYSVFqlxYdpu/B3aQC1Xy63EFdyFusMWURWMiBc+3z+4RXWUzqF20YyM7UICD9NSZ2CQQmOOkaDxPewkw8bhgXDGsX/qvV2xpSHWGqwwSeCXE0BsKEuHEfdU6DQ0JZih2cJLtVX2kVOhz6rmq3tsdflsFY6YAWj/DnDUgkIqyXbeuNFMTXtYzOZmA1mcIw4AYbi9sXkYTD/o7WIX9sCPYg/VFB2v4e5H0DAPwuM4a5bXIxNsQWGrbo9PqJYEH9AkMe3PdfSFgaI=