Help
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Copilot Lvl 2
Message 1 of 10

Package not found in the Github Registry

Solved! Go to Solution.

I have a nodejs workflow and of course I am trying to install dependencies. One of those dependencies is in another repository's package repo. I have the workflow authenticating just fine, but the problem is that it doesn't find the package. 

 

Am I mising something?  The package is under joekaiser/test and the workflow is running at joekaiser/ci-test

 

To be clear, I know the pacakge exists. The same project builds in AWS CodePipeline.

 

npm ERR! 404 Not Found - GET https://npm.pkg.github.com/@joekaiser%2ftest - npm package "test" does not exist under owner "joekaiser"

 

name: BuildDeploy

on:
  push:
    branches:
      - release

jobs:
  build:

    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v1
    - name: Setup Node.js
      uses: actions/setup-node@v1
      with:
        node-version: 12
        registry-url: https://npm.pkg.github.com/
        scope: '@joekaiser'
    - name: npm install and build
      env:
        NODE_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}}
        CI: true
      run: |
        npm install
        npm run build

 

9 Replies
Highlighted
Solution
Copilot Lvl 3
Message 2 of 10

Re: Package not found in the Github Registry

At the moment you'll need a personal access token for that.

 

@Phanatic:

Ahh, that's what I figured. The GITHUB_TOKEN we generate is scoped to the repository that is running the Workflow. Unfortunately, this doesn't allow us to install or publish packages from/to other repositories. I'll bring this up in planning and we can figure out how to proceed here.

 

Related issue

Highlighted
Copilot Lvl 3
Message 3 of 10

Re: Package not found in the Github Registry

This issue is still happening regardless whether one uses the GITHUB_TOKEN or the PERSONAL_ACCESS_TOKEN when the repository is Private.

 

Steps to reproduce.

 

1. Create a Private repository "packages".

 

2. Add a folder for a basic package e.g. framework

 

3. Publish the package to GPR either using actions or from the terminal. (configure .npmrc) e.g.

 

package.json

 

{
  "name": "@YOUR_ORG/framework",
  "version": "1.0.0",
  "description": "framework package",
  "repository": {
    "type": "git",
    "url": "git://github.com/YOUR_ORG/packages.git"
  },
  "publishConfig": {
    "registry":"https://npm.pkg.github.com"
  },
  "main": "index.js",
  "scripts": {
    "test": "echo \"Error: no test specified\" && exit 1"
  },
  "dependencies": {
    "lodash": "^4.17.10"
  }
}

 

 

.npmrc

 

//npm.pkg.github.com/:_authToken=PERSONAL_ACCESS_TOKEN

 

index.json

console.log('framework');

 

4. Publish to GPR from with the framework folder.

 

 

npm publish

 

 

5. The publish will be successful but the package cannot be installed even when the token is used. e.g. a consumer with

 

.npmrc

 

//npm.pkg.github.com/:_authToken=PERSONAL_ACCESS_TOKEN
@YOUR_ORG:registry=https://npm.pkg.github.com/

 

 

package.json

{
  "name": "consumer",
  "version": "1.0.0",
  "description": "consumer",
  "main": "index.js",
  "license": "MIT",
  "scripts": {
    "start": "node index.js"
  },
  "dependencies": {
    "@YOUR_ORG/framework": "^1.0.0"
  }
}

index.json

console.log('consumer');

6. You will see Errors like below: (YOUR_ORG is your organisation)

 

npm ERR! code E404
npm ERR! 404 Not Found - GET https://npm.pkg.github.com/download/@YOUR_ORG/framework/1.0.0/SOME_HASH
npm ERR! 404 
npm ERR! 404  '@YOUR_ORG/framework@latest' is not in the npm registry.
npm ERR! 404 You should bug the author to publish it (or use the name yourself!)
npm ERR! 404 
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, http url, or git url.

 

You will also notice that the link to the Assets download on the packages page is "NOT FOUND when you hover over it"

 

https://notfound.pkg.github.com/

NOTE: this behaviour might not happen straight away in some cases, the NOT FOUND issue might start happening 30 to 45 minutes after the package has be published.

Highlighted
Copilot Lvl 3
Message 4 of 10

Re: Package not found in the Github Registry

Your .npmrc is incorrect. It should look like this:

//npm.pkg.github.com/:_authToken=${{ secrets.GITHUB_PERSONAL_TOKEN }}

Also you should do this only on the CI, because when someone checkouts the repo, it won't work obviously. I have a step in the CI for this:

- name: Set up NPM authentication
  run: echo "//npm.pkg.github.com/:_authToken=${{ secrets.GITHUB_PERSONAL_TOKEN }}" >> ~/.npmrc
Highlighted
Copilot Lvl 3
Message 5 of 10

Re: Package not found in the Github Registry

@krystof-k  The instructions I wrote above are mearnt to be sudo code and just a minimum guide on what someone needs to do to reproduce the issue, there are not mearnt to be a copy paste 100% accurate source code. You will have to properly write the variables and so on, but this not the issue here.

 

To fully understand the problem, create a sample package that is private roughly as I outlined in the steps with your correct variable configs and you will end up with the issue I reported. It does not matter whether you do it through github actions or from your local. The problem still exists and needs to be addressed otherwise GPR is not useful if people cannot reliably host and consume PRIVATE packages.

Highlighted
Copilot Lvl 2
Message 6 of 10

Re: Package not found in the Github Registry

Did you manage to get this working? I am getting the eact same error?

Highlighted
Copilot Lvl 3
Message 7 of 10

Re: Package not found in the Github Registry

@wpitalloI am still having the problem, I contacted github support about it and took a week before some guy got back to me and told me that he escalated the issue and have not heard anything since then so I am just waiting for someone from there to respond either on this thread or in the support ticket.

 

I just don't get how something as critical as this issue slipped through their testing and quality assurance. At the very minimum, I would expect that if someone is providing a Package Registry, they ensure that it reliably satisfies both public and private use cases.

Highlighted
Copilot Lvl 2
Message 8 of 10

Re: Package not found in the Github Registry

Facing the same issue with a private repository, can't install the package and the assets link to https://notfound.pkg.github.com/. I changed the visibility to public and I was able to install the package. 

Copilot Lvl 3
Message 9 of 10

Re: Package not found in the Github Registry

Hmm, this is weird. In our repos it works fine (using the PAT). But we're using Yarn, may that be the reason?

Highlighted
Ground Controller Lvl 2
Message 10 of 10

Re: Package not found in the Github Registry

Since this issue evolved from the original question (and solution), see the new dedicated issue to here: https://github.community/t5/GitHub-API-Development-and/Github-package-registry-Private-package-not-f...