bit icon indicating copy to clipboard operation
bit copied to clipboard
verified publisher icon teambit

Cannot install npm dependencies with bit in enterprise network

Open guy2002k opened this issue 4 years ago • 2 comments

Expected Behavior

bit install will install the dependencies from the private registry in enterprise network.

.npmrc

registry=https://my-private-registry/...
strict-ssl=false

Actual Behavior

  • Yarn package manager error: self signed certificate in certificate chain at ClientRequest.(C:\users\my-user\AppData\Roaming\npm\node_modules@teambit\bit\node_modules\got\dist\source\core\index.js;962:111)

  • Pnpm package manager error: Get https://my-private-registry/.../@testing-library/react: request to https://my-private-registry/.../@testing-library/react failed, reason: self signed certificate in certificate chain

Steps to Reproduce the Problem

  1. Have an internal network with a private registry
  2. Make a basic component in bit
  3. Create a .npmrc file, and set the npm registry to your private registry, and set strict-ssl to false.

.npmrc

registry=https://my-private-registry/...
strict-ssl=false
  1. Run the command: bit install

Specifications

  • Bit version: 0.0.595
  • Node version: 16.5.0
  • npm / yarn version: npm - 7.19.1 / yarn - 1.22.10
  • Platform: Windows 10
  • Bit compiler (include version):
  • Bit tester (include version):

guy2002k avatar Jan 10 '22 10:01 guy2002k

this is likely due to a firewall or vpn settings. you can either set the proxy settings for Bit or configure your in-house package registry to cache/proxy components (you can reference to this guide).

to set up a proxy for bit:

bit config set proxy http://proxy.example.com:8080
bit config set https_proxy https://proxy.example.com:8080

there are a bunch more settings:

PROXY_CA
PROXY_STRICT_SSL
PROXY_CERT
PROXY_KEY
PROXY_NO_PROXY

itaymendel avatar Jan 10 '22 10:01 itaymendel

I tried your solution and the same error had been raised. After trying your answer, I came up with an idea from your answer and bit docs, that is to add the configurations proxy/httpsProxy to the workspace.jsonc in the teambit.dependencies/dependency-resolver section, it solves the certificate problem but now when bit tries to get the packages from the registry, it returns a "404 not found" error, but I can clearly see them there when I try to send a GET request myself to the exact same address.

New problem:

  • Pnpm: GET https:/my-private-registry/....: Not found -404
  • Yarn: RequestError: tunneling socket could not be established, statusCode=302

I work in an offline enterprise network, so I can't connect to node.bitsrc.io or anything else in the regular internet and I installed bit using npm from my private registry. In addition, I want that bit will install my dependencies from this private registry

guy2002k avatar Jan 11 '22 15:01 guy2002k

workaround is to set NODE_EXTRA_CA_CERTS=/etc/ssl/certs/ca-certificates.crt variable. but again this is issue with when using custom npm registry, with own CA. even if CA is trusted in system, using proxy it wont be trusted. without proxy, bit takes into account system CA store, but when using proxy it default to node CA files for some reason.

tomaxsas avatar Feb 09 '23 11:02 tomaxsas

#7062 solves the above issue

itaymendel avatar Mar 07 '23 08:03 itaymendel