Adding the ability to create a .npmrc file using JFrog CLI for smoother integration with GitHub Actions.

[ashrithacjfrog]

Problem statement: When setting up GitHub Actions for continuous integration and deployment, there's currently no straightforward way to generate a .npmrc file using JFrog CLI other that using the curl command “-uadmin: http://<ARTIFACTORY_SERVER_DOMAIN>:8081/artifactory/api/npm/auth” .

Looking for an option to integrate GitHub with JFrog using OpenID Connect without requiring any user credentials on GitHub.

Feature Description: The goal is to allow developers to easily create the .npmrc file they need for accessing npm packages through JFrog Artifactory using JFrog CLI.

Expected Outcome: By implementing this feature, developers will be able to seamlessly create .npmrc files using JFrog CLI within their GitHub Actions workflows (without providing the credentials during the GitHub configuration).

[yahavi]

@ashrithacjfrog
I'm a bit unsure about the requirements. Using OpenID Connect should allow you to access the JFrog platform without needing credentials, so there shouldn't be a need for a new .npmrc file. I suggest checking out this blog post and the Setup JFrog CLI documentation to learn more about the OpenID Connect integration in GitHub Actions.

Feel free to reach out if you have any further questions or need clarification!

[skycaptain]

We have a comparable use case that may clarify the requirements, why this would be a very handy feature.

Our developers work on numerous projects simultaneously. Local development necessitates authentication and system setup for multiple package managers such as .netrc for generic artefacts and Python Wheels, .npmrc for private NPM packages, Conan remotes for Conan Packages, and docker login for registry authentication and so forth. Similar steps are required for CI. Moreover, it's considered best practice to use short-lived tokens. Therefore, it would be ideal if developers could authenticate just once using the jfrog-cli and let the cli generate short-lived tokens and automatically set up all the previously mentioned components, analogous to the "Set me up" instructions on Artifactory.

[yahavi]

@skycaptain
The JFrog CLI executes this API and sets up the .npmrc for you.

You can build an npm project in two steps:

1. Configure the npm repository/ies: jf rt npm-config --repo-deploy=... --repo-resolve=...
2. Execute npm install with the JFrog CLI: jf npm install

Behind the scenes, the JFrog CLI executes GET /api/npm/auth and places the .npmrc file in the working directory.

Read more about JFrog CLI integration with npm here.
Please let me know if this meets the requirements.

[so-jelly]

when building multiarch docker images, i typically would mount npmrc as a build secret. it would mae more sense to generate the npmrc once on the runner than to install jfrog cli in my builder and login there, potentially leaving sensitive artifacts behind.