Skip to content

Installing dependencies from private github urls fails #124

@jsg2021

Description

@jsg2021

If you list a dependency from a private Github repository, the installation will fail. See actions/checkout#166 for reference. I've set a PAT secret and referenced it in my checkout.

I'm starting to wonder if the solution to this should be covered by this. npm needs git to be globally authenticated. (it clones into a random temp directory and copies/movies the package into node_modules afterward) Here is an example of failure:

npm ERR! code 128
npm ERR! Command failed: git clone --mirror -q https://github.com/NextThought/nti.lib.ntiids.git /home/runner/.npm/_cacache/tmp/git-clone-f168281b/.git

I'm wondering if we should add a command wrapper that can execute arguments with a private "global".

Something like:

exec-with-scope npm install

Idk. Just spitballing here.

If I add these lines to my npm install shell step:

auth_header="$(git config --local --get http.https://github.com/.extraheader)"
git config --global http.https\:\/\/github.com\/.extraheader "$auth_header"
git config --local --unset-all http.https\:\/\/github.com\/.extraheader

the install completes.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestquestionFurther information is requested

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions