Gatsby Cloud supports working with private packages that are listed on the npm and yarn registries, as well as other custom registries. This is the recommended method of working with private packages. You can also install from a private git repo directly. Both methods are described below.
Working with Private Registries
This is the recommended method of working with private packages.
Gatsby Cloud will respect any
.npmrc files included in your repository.
To avoid committing authorization token to your git repository you can use
NPM_TOKEN and optionally
NPM_REGISTRY environment variables:
- Navigate to the Site Settings page, then click on the Environment Variables tab
- Add a custom npm auth token by adding
NPM_TOKENas an environment variable.
- Set a custom registry by adding
NPM_REGISTRYas an environment variable.
Keep in mind that we have separate variables for Builds and for CMS Preview - you will need set those environment variables for both.
Private packages hosted on the npm registry
Because NPM registry is default one, it's enough to define just the
NPM_TOKEN environment variable in your site settings, you don't even need an .npmrc file.
Private packages hosted on Github Packages
You will need to declare package repository in
.npmrc in root directory of your site - for GitHub Packages:
NPM_REGISTRY environment variables
Installing from a private git repo
You can install a private package directly from a private git repo using https and a token from Github.
- Go to https://github.com/settings/tokens
- Generate a new token with "repo" access
- Add the package to package.json like so: "package-name: "git+https://token:firstname.lastname@example.org/org-name/repo-name.git"
Gatsby Cloud does not support setting an SSH key and installing that way at this time.