Help
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Copilot Lvl 2
Message 11 of 16

Re: Installing npm packages from the GitHub package registry

- name: Authenticate with GitHub package registry
  run: echo "//npm.pkg.github.com/:_authToken=${{ secrets.GITHUB_TOKEN }}" > ~/.npmrc
- name: npm install
  run: npm install


This method did not work for me. Did you change something?

Do you have your packages on the same repo?

Highlighted
Copilot Lvl 2
Message 12 of 16

Re: Installing npm packages from the GitHub package registry

Hi, we have had the same issues with `yarn` and `npm` - We've just released a github action that should fix your problems here: https://github.com/onomondo/github-auth-javascript-action

 

EDIT: Woops, sorry I didn't see that this was for the GitHub package registry (which we don't use) - but perhaps the method used in the action might give you some insights? Sorry. I can't figure out how to delete this message 

Highlighted
Ground Controller Lvl 2
Message 13 of 16

Re: Installing npm packages from the GitHub package registry

I am using the approach which is described as working in the opening post:

 

- name: Authenticate with GitHub package registry
  run: echo "//npm.pkg.github.com/:_authToken=${{ secrets.GITHUB_TOKEN }}" > ~/.npmrc
- name: npm install
  run: npm install

Unfortunately that does not work using the GITHUB_TOKEN that's injected.

I tried a couple of things and ended up with using a personal access token instead of `secrets.GITHUB_TOKEN`. 

Now the install from Github Packages works, as well as the install of other npm packages.

 

It appears that the default injected token does not have the sufficient scopes but mine has?

 

Any help is appreciated, thank you in advance.

Highlighted
Ground Controller Lvl 2
Message 14 of 16

Re: Installing npm packages from the GitHub package registry

the GITHUB_TOKEN only access to its own repo, with an added personal access token to the "secrets" of the repo it works.

Highlighted
Ground Controller Lvl 1
Message 15 of 16

Re: Installing npm packages from the GitHub package registry

Thanks for this!

To clarify for future use what worked for me:
I added a personal access token (https://github.com/settings/tokens) that could "read:packages" only.

Copied the token and added as a secret in Travis CI called TRAVIS_GH_NPM_TOKEN

Then in my .travis.yml (the Travis config) I use it like this:

install:
  - npm config set registry https://npm.pkg.github.com/trustcruit
  - echo "//npm.pkg.github.com/:_authToken=${TRAVIS_GH_NPM_TOKEN}" > ~/.npmrc
  - npm install


Hope this helps any future webdev citizens that search for "github package registry private travis CI token"

Highlighted
Ground Controller Lvl 1
Message 16 of 16

Re: Installing npm packages from the GitHub package registry

 

I was facing the same issue then I followed below steps:

  1. Created a Personal Token from GitHub global settings( https://github.com/settings/tokens)
    1. Make sure this token have user, read and write permission for user and packages.
  2. Then added a new Environment variable 'MY_CUSTOM_TOKEN' pasted the generated token as its value.
    1. Reference the steps mentioned here https://help.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted...
    2. TL;DR:
      1. Under you repo's setting (not github global settings)
        Repository settings button
      2. In the left sidebar, click Secrets.
      3. Type a name for your secret in the "Name" input box.
      4. Type the value for your secret.
      5. Click Add secret.
  3. Then in the action YML script added a command to remove any existing .npmrc file 'run: rm .npmrc'
  4. Then create a new file with the referenced customer token as _authToken=${{ secrets.MY_CUSTOM_TOKEN }}

 

Here is the whole code that I was using:

steps:
    - uses: actions/checkout@v2
    - name: Use Node.js ${{ matrix.node-version }}
      uses: actions/setup-node@v1
    - run: rm .npmrc
    - run: echo "//npm.pkg.github.com/:_authToken=${{ secrets.MY_CUSTOM_TOKEN }}" > ~/.npmrc
    - run: npm install
    - run: npm run build --if-present
    - run: npm publish
      env:
        CI: true

 

 

This did not had any issue in 'npm install' or 'npm publish'.