Access Configuration
As mentioned in previous section, release artifacts are available privately via GitHub Packages, and through GitHub Source Code Repositories.
If you are the project member that has been designated to move the release artifacts to your own artifact registry
and source code repository, you will need to have a GitHub account and have been granted access to AGIL Ops Hub's
private packages and code repositories.
You may refer to these instructions for detailed steps on creating an account on GitHub.
Once, you have a GitHub account, approach any AGIL Ops Hub member with your account details (email address /
username) to be granted access. You will then be able to download source code directly from
https://github.com/mssfoobar via your browser.
For Container Images and Node Packages, you will need to configure your Docker and npm as follows to access.
Setting Up
Create your personal access token
For GitHub, you will need to generate a personal access token with read:packages scope to download container images.
You can refer to GitHub's official instructions on how to generate personal access tokens here:
Creating a GitHub Personal Access Token
If you're using different software configuration management tools, please consult your configuration manager on how
to gain access to the relevant packages.
Configuring Docker to have access to pull Container Images
-
To check if you have access to the container registry, you can log in to your
GitHub accountand then browse for the required images here: https://github.com/orgs/mssfoobar/packages. If you are unable to see the container image you need, your account may not have the required access. Please approach an AGIL Ops Hub team member for assistance. -
Login to Docker with the token:
$ echo TOKEN | docker login ghcr.io -u USERNAME --password-stdin- Replace TOKEN with your token generated in step 2
- Replace USERNAME with your GitHub username
For more details on working with GitHub's container registry, you can refer to their official documentation.
Configuring npm to have access to pull packages
The simplest way to pull released node packages is to use the Web Base and Web CLI Tools to pull the packages required.
By default, Web Base will include an .npmrc file which points to npm.pkg.github.com for npm packages with
the @mssfoobar scope.
Run the following command to configure npm to have access to pull the packages.
$ npm set //npm.pkg.github.com/:_authToken=GITHUB_PERSONAL_ACCESS_TOKEN- Replace GITHUB_PERSONAL_ACCESS_TOKEN
Making Authenticated Service API Calls
When making calls to our backend services, all protected routes will require an access token. We use the Bearer
Authentication Scheme - you are expected to pass an Authorization header,
with the value "Bearer ACCESS TOKEN".
import type { ServerLoad } from "@sveltejs/kit";
import { env } from "$env/dynamic/private";
import { StatusCodes } from "http-status-codes";
export const load: ServerLoad = async ({ locals }) => {
if (!locals.authResult.success) {
return new Response(
JSON.stringify({
message: "Unauthorized",
}),
{
status: StatusCodes.UNAUTHORIZED,
}
);
}
const bearerAuthorizationString = `Bearer ${locals.authResult.access_token}`;
const headers = {
"Content-Type": "application/json",
Authorization: bearerAuthorizationString,
};
const interesting_data = await fetch(env.INTERESTING_URL + "/juicy_data", {
method: "GET",
headers,
});
const result = await interesting_data.json();
return {
my_interesting_data: result,
};
};
In the TypeScript example above, the access token is retrieved from via framework mechanisms
(locals.authResult.access_token), for more information, see the
Access Control section of the Web Framework.
Below is a curl example of making a request with an authorization bearer token.
curl -H "Authorization: Bearer ACCESS TOKEN" http://www.example.com Troubleshooting
Repository not found
git clone https://github.com/mssfoobar/web-base
Cloning into 'web-base'...
remote: Repository not found.
fatal: repository 'https://github.com/mssfoobar/web-base/' not found
If you don't have access to the repository and you attempt to clone it, you'll run into a Repository not found error.
This sample output is with trying to access our code directly from our GitHub repository without permissions. Your
configuration manager should be instructing you on how to configure your system to pull from your own code repository
(which could be GitHub, GitLab, Gitea, or some other solution entirely).
If you're trying to pull from our GitHub repositories directly - follow the instructions
here to ensure that your terminal has
git configured to have access to your GitHub account. If you still don't have access, it's possible your account has
not been granted read permissions (you should be able to see the repository online).
npm error code E404
npm error code E404
npm error 404 Not Found - GET https://registry.npmjs.org/@mssfoobar%2fcli - Not found
npm error 404
npm error 404 '@mssfoobar/cli@^1.0.3' is not in this registry.
This error stems from your npm configuration not being set to pull these private packages from the appropriate registry.
By default, there's a .npmrc file in the root folder of the Web Base that points @mssfoobar scoped packages to
our npm registry (https://npm.pkg.github.com). This configuration might have been overriden such it is now trying to
pull from https://registry.npmjs.org instead (the default npm registry).
Regardless, in your project, your configuration manager should have set up YOUR OWN PRIVATE registry to install
packages - check with your configuration manager what this should be.
npm error code E401
npm error code E401
npm error 401 Unauthorized - GET https://npm.pkg.github.com/@mssfoobar%2fcli - authentication token not provided
Whenever you try to access a private package with npm that you're not allowed to, you'll get a 401 Unauthorized error
- in the case of @mssfoobar-scoped packages, you might have configured npm to connect to the correct registry, but
you have not configured the _auth setting in npm.
When connecting to our packages in GitHub, the steps to remediate this is listed above:
Configuring npm to have access to pull packages. However, if you
are using your own project registry, you will have to check with your configuration manager what this should be.