Unfortunately, even though I am using a private repo with npm, the first article doesn’t cover my situation.
The article is explaining what to do with a private NPM module hosted on NPM, while my dependecies are hosted on Bitbucket.
I’ve made the cleanest possible set up in order to debug better.
package.json
{
"name": "netlify-site",
"version": "0.0.1",
"repository": {
"type": "git",
"url": "https://github.com/ndr4/netlify-site.git"
},
"dependencies": {
"my-dep": "git+ssh://git@bitbucket.org/ndr4/my-dep.git"
}
}
Even if I set the Deploy key from Netlify to my Bitbucket account, this fails.
However if I set my dependency, in the package.json above, with an App Password, like this:
"my-dep": "https://ndr4:{MYAPPPASSWORD}@bitbucket.org/ndr4/my-dep.git"
it will install the dependecy but this will show the password in my public github repo “netlify-site”.
Plus this is a very simple situation. In reality this private dependecy has other private dependencies and as you can imagine I cannot use the APP-PASSWORD method for all my dependencies since they are also used in other cases other than Netlify.
It seems the build is not using the Deploy key and I am wondering why.