Science and Nature

The model to Consume GitLab to Allotment Private ESLint Solutions With Your Team

James Walker

| 5 min read

Graphic showing the GitLab and ESLint logos side-by-side

ESLint statically analyses JavaScript to determine disorders earlier than the code is scurry. It will moreover uncover and fix stylistic discrepancies, helping your challenge align with any model guides you practice.

Growing a comprehensive ESLint config can possess just a few hours. Over one hundred tips may perchance be found in and or no longer it is a ways a ought to ought to guage which ones your group will use. ESLint ships with a “suggested” plot of simplest practice tips; many pretty about a famous tips are no longer turned on by default.

On this guide, we’ll designate be taught the option to write an ESLint config as soon as and portion it with your group utilizing a deepest npm registry in GitLab. You’ll be in a put aside to reuse your ESLint config at some stage in your whole projects by referencing your registry equipment. We’ll be skipping over the fundamentals – it’s assumed you’ve bought some expertise with creating unique GitLab groups and projects.

Getting Started

ESLint makes it easy to use shared tips. Any npm equipment is eligible to change into an ESLint plugin. The equipment’s entrypoint desires to export an ESLint configuration object.

Commence up by making a novel GitLab challenge to raise your ESLint configuration. Clone the repository down to your machine. Subsequent, add a equipment.json to picture your npm equipment:

    "title": "@instance-group/eslint-config",
    "creator": "Example Author",
    "description": "An instance description",
    "version": "1.1.0",
    "main": ".eslintrc.js",
    "peerDependencies": {
        "eslint": ">=7"

Clutch into consideration the format for the equipment title. This ought to match your challenge’s GitLab namespace title (@group/challenge). The @ symbol creates a equipment scope. We’ll use this later to dispute npm to fetch @group programs from our deepest npm registry. Whereas you’ve bought a fancy namespace title, consult with the GitLab documentation to determine the appropriate scope title to use.

The main field ought to quiet be plot to the file that will possess your ESLint configuration. We’re utilizing .eslintrc.js for this text. ESLint is specified as a witness dependency. This kind projects utilizing your library ought to consist of ESLint in their very dangle dependencies.

Growing Your ESLint Configuration

Scheme your right ESLint configuration file subsequent. Invent definite you make use of the file you specified as main in equipment.json.

Here’s a general instance:

module.exports = {
    "extends":  ["eslint:recommended"],
    "tips":  {
        "comma-dangle":  ["error", "never"],
        "indent":  ["error", "tab", {"SwitchCase": 1}],
        "max-classes-per-file":  ["error", 1]

This configuration is constant with ESLint’s constructed-in suggested tips. This presents you a correct starting designate layer your dangle tips onto. We’ve added three further tips to ban dangling commas, limit every file to 1 named class, and power the use of tabs rather than areas.

Authenticating to Your npm Registry

Now you’re prepared to publish your equipment to your deepest npm registry in GitLab. You’ll ought to create a GitLab API token first – click your profile icon within the tip-applicable, then the “Preferences” menu item. Capture out “Accumulate entry to Tokens” from the sidebar. Scheme a novel catch entry to token with the read_registry and write_registry scopes. Veil down the token value that may perchance be displayed – you received’t be in a put aside to retrieve it sooner or later.

Subsequent or no longer it is a ways a ought to ought to connect npm to your registry:

npm config plot @instance-group:registry
npm config plot -- '//' "$API_TOKEN"

Replace $API_TOKEN with the API catch entry to token you generated inside of GitLab. The necessary expose configures npm to fetch any equipment within the @instance-group scope out of your deepest registry. The 2d expose affords npm with the registry authentication token.

npm permits you so as to add any quantity of equipment scopes. Every deepest scope desires its dangle authentication token. Whereas you’re employed in multiple GitLab groups, you’ll ought to account for a scope for every.

Publishing to GitLab’s npm Registry

The authentication configured above applies to the instance-level GitLab npm registry. That is preferrred for installing dependencies as you may perchance be in a put aside to catch entry to programs in any group you’ve bought catch entry to to, without manually specifying challenge IDs.

To publish programs, or no longer it is a ways a ought to ought to use the challenge-level API endpoint. This requires separate authentication inside of npm. Chances are you’ll perchance well presumably reuse the identical API token, if it’s bought write_registry permissions on your challenge:

npm config plot -- '//

Replace within the registry URL with the ID of the GitLab challenge you’re publishing to. Chances are you’ll perchance well presumably uncover this on the challenge’s homepage, displayed subsequent to its title.

Subsequent, update your equipment.json with a publishConfig object. This instructs npm publish to post your equipment to your registry, rather than the public registry on

    "publishConfig": {
        "@instance-group:registry": ""

Bustle npm publish to publish your equipment to your GitLab registry! You ought to quiet explore your equipment designate up below “Programs & Registries” accurate by means of the GitLab interface.

Installing Programs From Your Registry

mpm instructions much like npm install, npm ci and npm outdated-customary ought to quiet work without extra configuration. npm will robotically seek the recommendation of GitLab to resolve the most modern version of your deepest programs. Recordsdata will then be downloaded straight out of your registry.

No authentication is known to install programs from public projects. In case your challenge’s deepest, you’ll ought to create npm with a GitLab API token as described within the earlier sections. The use of a challenge-level endpoint will can enable you put in that challenge’s programs; an instance-level endpoint permits you to install any equipment you’ve got catch entry to to.

Here’s an instance equipment.json for a challenge that consumes your ESLint config:

  "title": "demo",
  "version": "1.1.0",
  "devDependencies": {
    "@instance-group/eslint-config": "^1.1",
    "eslint": "^7.2"
  "scripts": {
    "lint": "eslint ."
  "eslintConfig": {
    "extends": [

Your ESLint equipment ought to quiet be added as a pattern dependency so it’s no longer put in unnecessarily. Add an eslintConfig block to configure ESLint with your equipment. Chances are you’ll perchance well presumably now scurry ESLint with your personalized configuration utilizing npm scurry lint.

The use of Your Programs In CI Builds

You don’t ought to realize one thing special to use your deepest programs in a CI pipeline. You’ll ought to update your CI script to login to your GitLab npm registry. It’s regularly simplest to generate a challenge-level catch entry to token with the registry scopes, rather than utilizing your dangle person-level token.

Consume the instructions confirmed above to setup npm authentication inside of your pipeline. Your map ought to quiet then be in a put aside to scurry npm ci to download your dependencies and scurry ESLint.

Here’s an instance .gitlab-ci.yml file:

  - lint

  stage: lint
  tell: node: 14
    - npm config plot @instance-group:registry
    - npm config plot -- '//' "${API_TOKEN}"
    - npm ci
    - npm scurry lint -- --cache
      - .eslintcache
      - node_modules/

The pipeline incorporates one stage which authenticates to the deepest registry, installs dependencies and at final invokes ESLint utilizing the lint script. This used to be setup earlier when creating the challenge’s equipment.json file. To catch the API_TOKEN value into your pipeline, create an surroundings variable in GitLab. This enables you to securely provide a token without hardcoding it into your file.

Whereas you intend to publish programs from CI, undergo in mind that every launch desires its dangle unfamiliar version quantity. You’ll ought to thought a methodology to update the version field on your equipment.json earlier than you npm publish. It’s no longer possible to overwrite existing equipment tags.


Combining ESLint’s plugin system with GitLab’s deepest npm registries permits you to portion one config with your whole group members. Chances are you’ll perchance well presumably stop duplicating your ESLint tips at some stage in your projects, bettering comfort and maintainability.

The handiest friction lies within the one-time npm authentication when a novel particular person desires to install your equipment. Defend in mind updating your challenge’s README to consist of guidance on logging into your deepest registry. Authentication will persist till your GitLab API token is deleted.

Related Articles

Back to top button