How to use a private npm registry with Firebase/Google Cloud Functions

I recently ran into issues trying to use a private npm package hosted on Github packages within a Firebase Cloud Function. This post offers some quick insights.

Some quick notes

  1. Firebase/GCP does not allow the exclusive use of a private registry for every npm package for Cloud Functions.
  2. Each registry defined in the .npmrc file must include a scope. Otherwise, Firebase ignores the file during package installation and will try to find every package on https://registry.npmjs.org
  3. Given the above, ensure you are publishing scoped npm packages, e.g. @ownername/my-private-pkg

A valid .npmrc file

In my case, I’m using Github Packages to host my private npm registry.

ℹ️ Replace ownername with the user or org name of the repo that contains the private npm packages.

//npm.pkg.github.com/:_authToken=asecrettoken
@ownername:registry=https://npm.pkg.github.com/ownername

An invalid .npmrc file

Initially, I tried using Github packages for everything, only to see attempts to search for my private packages on https://registry.npmjs.org/

//npm.pkg.github.com/:_authToken=asecrettoken
registry=https://npm.pkg.github.com/

I hope this helps

At the time of this writing, the Firebase documentation only mentions the option of including an .npmrc file with the functions during deployment but does not clearly define the constraints.