Google Cloud Functions - Private Github repo in package.json

[mderazon]

Does GCF support private repo as a dependency in package.json ?

"dependencies": {
    "some-package": "git+ssh://git@github.com:myorg/myproject"
}

?

Today I am making sure the machine I run this from has ssh access to our organization GH account, but I am wondering how to achieve that via GCF.

[avinassh]

Any update on this? What would be the preferred way to access private repository dependencies?

[mderazon]

Response from Google in the cloud functions beta testers forum:

Installing npm modules from a private registry is indeed not supported in Cloud Functions at the moment. They are treated as public modules, and this is why you get the error.
The workarounds described in stackoverflow, including yours, are probably your best bet at the moment.
But thanks for reporting - we will consider adding the right support for private modules in the near future so that they could work if you specify the .npmrc file.

[kirillgroshkov]

Also have this issue.

[erichiggins]

I was having this issue yesterday and found a reasonable workaround based in the linked StackOverflow answer. Hope it helps others that might be running into this!

[Yuripetusko]

Is this still not possible with firebase functions? I tried and I think it is failing

[hadiosbourne]

got the same question ^^

[jk89]

Same ^^ it does not seem to work in typescript if you have typescript dependancies which are of the form git+https://.... I couldn't get pack working as it dosent seem to working with nested packed tgz dependancies.

[avinassh]

Here is a solution what we use at my workplace. We use Google Cloud Builder to build the docker images and install the node packages over (git+ssh). However, accessing private Github repos in cloud builder is also an issue, cos your Github token might get leaked. So we wrote a tool for that.

link to tool: fidelius
a brief intro: link

[andrew-property-xyz]

Apologies, I know this issue is closed but I've not found anything else on the Internet that comes as close as this issue in relation to the fundamental issue I'm having, viz gcloud functions deploy simply won't work with modules from private repos (GitHub Packages in my case).

In my cloudbuild.yaml, I can use the bash entry point of gcloud builder to echo the necessary registry path and auth token to /builder/home/.npmrc and this allows the node builder to quite happily run install, test, etc. (bringing in the private module). However, as soon as gcloud functions deploy executes, the node_modules folder is zapped and (according to the docs) npm install --production is executed but although npm HOME does appear to be /builder/home (assuming this is the case because that's where the npm log gets written when the step fails), the .npmrc file I put there in the earlier step is completely ignored.

So, what gives? Either
a) gcloud functions deploy is running npm in an isolated/protected context so it has no access to /builder/home, or
b) it is running with it's own user config which overrides /builder/home/.npmrc, or
c) the /builder/home/.npmrc is explicitly removed (if so, why?), or
d) the entire environment is reset somehow, thereby getting rid of the .npmrc I created, or
e) something else...

Unfortunately, I've found no clues as to what exactly gcloud functions deploy does and it seems I cannot deploy a GCF any other way (so, no, it does not work from command line either).

In the meantime, I'm using the workaround (which does work, thank you), but surely it cannot be that difficult to somehow get the npm that is executed by gcloud functions deploy to honour an npm user config file (either in /builder/home/.npmrc or explicitly specified using --userconfig or the NPM_CONFIG_USERCONFIG environment variable).