If I understand your question correctly, you want your CI pipeline which runs npm to be able to pull a private project from your gitlab as a dependency.

In that case, you can use the deploy keys mechanism in gitlab for that (see here).

First generate a SSH key pair. You can use ssh-keygen -t rsa for that.

Then go to the private repository's gitlab page and locate the Deploy Keys setting. There you should paste the public key you just generated.

Then go to the project that runs npm in its CI and locate the Variables page. Create a new private variable with the name SSH_PRIVATE_KEY for instance and paste the private key you generated there.

Finally, in your .gitlab-ci.yml file add the following so that your private key will be available to your CI environment:

- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
# Run ssh-agent (inside the build environment)
- eval $(ssh-agent -s)
# Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store
- ssh-add <(echo "$SSH_PRIVATE_KEY")
- mkdir -p ~/.ssh
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'

Your CI environment should now be setup so that in can pull your private repository.