NPM Publish Straight from Travis CI

by Michael Szul on

No ads, no tracking, and no data collection. Enjoy this article? Buy us a ☕.

I've been attempting to do more and more with Travis CI lately, in order to align my personal and community projects with the sort of continuous integration/continuous delivery that you would expect from more enterprise software. This has particularly been an avenue of pursuit because I have developed several projects that are actually NPM modules now, which means that when I check in new code that I want others to have, I need to version it, tag it, and get it up on NPM.

Being exposed to Travis CI, I've found that although the documentation is pretty strong, it can occasionally be difficulty to track down the right process or configuration for your needs. For me, I wanted to be able to publish straight to NPM on successful main branch builds. The configuration is simple enough. Here's the .travis.yml file from Metron:

language: node_js
      
      script:
        - npm run postinstall
      
      deploy:
        provider: npm
        email: "michael@szul.us"
        api_key:
          secure: APthh7/Un+6qM8FkT4rLQs2BGGi8lB+A1sy8KP8vqZd2iwHFtDMb3Yxlup4rGhEnrqp6fqSei8ugDH0UGX8QxBvMYwK8Ei6CCtlbUxCXrEA0hr9paD9Nmc93bo5BRMVjSFIMg5pSizydX6O5IDOrBzH4EIrD/tfAhLWrpL774U/o2jZ2jmDR01e66wkqkrCpazv5RNNzQmJPw8wQNGUkYNiKmJXEpxapmWvcensf2wIypdYEvTaD93Gb8Abgvn7zBIye4tCxPf+OaHKmFsuaLqwJnX3tJm75B4D9U2mPzHLP5P+9oZcQHgKVkYX6cb9+bMw97sljkUoR0YqOycq3C3s+9haYbWW0uDcaPN45OmYDSNuXj5RT/6Tb6Yo5EVQI3YkWmRaT+bUCbtBmEYR1XZ5HHmKj7INXaXfQUziS6dbdm3pNR3zzVK/mLyR2BX+h/gOfNwXRsqII6LlobjFxm80/ewm04/h+mZO6vH3yoWIxBztjRJ/oJW/hQY2dic351icbIWWaThM5fF3auHGyXFZ56tgOSLMKXdYjvUjJPTIbjl7U9UemIpBGbZz3tT7zlntRC1GSZN/Dmmlw6oWvjFMMYZKKsqLQ9O05co4YCxteMi8AD8G/zq13WXS3ViNYn64IZJ8y2xBT7wSmWA9GtEXgXAHCuKXjYACNjaF6OoY=
        on:
          tags: true
      

The important bits of this deal with deploy. Notice the entries for provider, email (which identifies the account), and then api_key. This is going to be configurable depending on the provider you are publishing to. The "secure" property is an access token you acquire from your NPM account. This particular one is encrypted.

How do you encrypt your access token? You'll need to download the Travis CI CLI tool. Don't get confused by download the Travis CLI from NPM, and installing it globally. This is not the same thing, and definitely not the tool you need.

Instead, you need the RubyGems Travis tool. Travis CI is built on Ruby, which means you will need to have Ruby installed, and the RubyGems package manager. If all you are doing is encrypting your access token, this makes it very heavy handed. Feel free to uninstall both after you encrypt your data, if you aren't going to be using Ruby at all for anything in the future.

You can find instructions on installing the Travis CL CLI on the Travis documentation on GitHub. If you have Ruby and the RubyGems package manager installed, it's as simple as gem install travis.

Once this is installed, navigate into your application's root directory from the command line, and then run:

travis encrypt YOUR_ACCESS_KEY --add deploy.api_key
      

Once you do, your .travis.yml file should be updated with an encrypted version of your access key.