Background
I have two node.js projects for my websites. Different website. Those websites are using the same core component (colors, graphic elements, ...). All those components exist in 3'rd projects which are shared for my two websites.
The shared project is stored in a private GIT. I added the repository URL to my packages.json file. So, when I'm doing npm install, it is installing also my shared package.
The shared project containing Angular 8 components mostly.
The Problem
While running locally, everything works fine. The problem is when committing the websites to the server build. At this point, it stops working because the server doesn't have permission to access the shared private repository.
My build server works with DOCKER and being executing on a remote server.
Possible solution:
One possible solution, which I don't like, is to store the username and the password of my user on the docker file. Then, when pulling the GIT repo, it will use my credentials to pull the repo.
Of cause that this solution is exposing my username and password in clear text, which is not recommended.
The question
What is the best solution to solve this problem?