Publishing npm packages with Semaphore

Publishing npm packages with Semaphore CI

Every software developer should know the importance of Continuous Integration (CI). Not only does it enable teams to automatically run tests for each new code check-in, it also allows them to build and deploy the latest version of the application to users.

Semaphore CI is the Continuous Integration service of choice for us at OK GROW!. In this post I will show you how to set it up for publishing an npm package. I assume that you already have an npm package and that you are already automatically running its tests so let’s proceed!

Even though this post focuses on the configuration on Semaphore CI, the concept can definitely be applied to any other CI service.

npm login

To understand how to set up a CI environment to publish our packages, we need to understand what happens when we log in to npm.

Assuming that you already have an npm account, when you finally decide to publish your package, your first step is to log in to npm. This is done by running npm login on the command line. The login script will ask for your username, password, and email. If you filled them out correctly, you will be logged in and able to publish your package.

When that process is finished, the script will write information to the .npmrc file located in your home folder. This is what you need to allow Semaphore account to publish packages.

Take a look at your .npmrc file and you should see this:


Setting up a new deployment server

We are going to think of the npm registry as our production server. Our next step is to create a new Semaphore deployment and set it up to create an .npmrc file automatically.

Open the main page of your project in Semaphore and click on Set Up Deployment and select the Generic Deployment option from the list.


Next, you can choose between two deployment strategies: Automatic, where Semaphore will deploy automatically every successful build of a specific branch, or Manually. I’ll leave that decision up to you!

Let’s keep moving. Now we enter the deploy commands. You might have some other commands here related to your package, but in general all you need are these two commands:


We don’t need to add ssh keys, so let’s move on to the next step which is naming the server. You can name it anything you’d like, but in this particular example let’s name the server simply npm.


That’s it! Well, almost. If we tried deploying our package now, it would fail for not having an authorization.

Authorizing Semaphore to publish

With our deployment server ready, go to the project settings, choose Configuration Files tab and click on the green Add First Configuration File button.

Let’s tell Semaphore to add an .npmrc file to the runners home folder. Your File Path should then be /home/runner/.npmrc. For the content, copy the contents of your .npmrc file to the text box.


But careful, you don’t want other people to be able to see your token! To avoid this, there are 2 choices.

The first one is to encrypt the contents of this file. This can be accomplished simply by checking the Encrypt File checkbox above the contents area.

Or maybe, you might want to be more transparent about this file to other developers, while still being able to hide your token information. In that case, you could use Environment Variables. Changing the contents of your .npmrc file to use these should leave it looking like this:


Select the Environment Variables tab and click on the green Add First Environment Variable button. Specify NPM_TOKEN for the name. Add your token to the contents, and don’t forget to check the Encrypt Content checkbox.


Finally, you can test to see if Semaphore will successfully publish your package to npm.


And now you’re all set!

Let's stay connected. Join our monthly newsletter to receive updates on events, training, and helpful articles from our team.