-
-
Notifications
You must be signed in to change notification settings - Fork 959
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use NPM_TOKEN and NPM_AUTH_TOKEN authentication #3141
Comments
This doesn't seem to be supported by the npm CLI. I could not find these variables in their docs. Currently, you can workaround this by creating a
|
A quick search yields: https://docs.npmjs.com/using-private-packages-in-a-ci-cd-workflow#set-the-token-as-an-environment-variable-on-the-cicd-server Yeah thats what I did. |
So is it solved then? This information was added to our docs: https://pnpm.js.org/npmrc#url_authtoken |
I mean it works if you want to leave it at that, I would go one step further and just use the token directly instead of forcing the user to setup the URL. Meaning this should work: - run: pnpm -r publish --no-git-checks --access public
env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }} |
NPM's .npmrc syntax for env variables is |
@venikx for pnpm the dollar sign should be used as well. So it is the same for pnpm as for npm. |
Just ran into this issue but with github package registry. Nothing here or in the docs worked. In my case I was installing a private package. What I tried, that failed: # workflow file
- name: Install dependencies
run: pnpm recursive install
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} # .npmrc at root of directory
//npm.pkg.github.com/:_authToken=${NPM_TOKEN}
@my-scope:registry=https://npm.pkg.github.com So yea this doesn't work. What worked for me was changing the setup-node action: # workflow file
- name: Setup Node
uses: actions/setup-node@v2
with:
node-version-file: '.nvmrc'
cache: 'pnpm'
registry-url: 'https://npm.pkg.github.com' // Key part
- name: Install dependencies
run: pnpm recursive install
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} This works without having to specify |
@zkochan I'd like to revisit using an environment variable by default, without additional user setup. While it's not particularly burdensome for CI environments, it can be a royal pain in Dockerfiles where the "how" of setting that up depends on the base image, and requires a lot of intrinsic knowledge. |
I don't have objections. |
Facing the same issue here |
any updates? |
no updates on this? |
If you want an issue to be more noticeable it is better to upvote it. Posting new messages is not effective as there are tens of messages every day that I don't have capacity to read. |
- --token is not possible with pnpm, so we need this workaround (pnpm/pnpm#3141) - also capture log output for easier debugging
It appears that this is already possible. You can use the
This also works:
|
It appears that these env settings currently don't work because we run npm under the hood but we don't send private settings to it. EDIT: The reason it didn't work for me was that I was calling |
@zkochan Good to know :) |
Yes, for instance, if you add a release script that runs |
So, did this work at some point but not anymore? My previous script, similar to your previous, broke my ci. - name: Publish
run: pnpm publish --tag latest --filter bootstrap-vue-3 --access=public
env:
NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}} This worked before, but no longer works correctly. And using |
|
Ok, I'll try to continue to figure out the issue. Thanks |
For me neither of the recommended env variables
For github action writing to the npmrc file is a workaround: - name: Config npm
run: echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > .npmrc
env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Publish to npm
run: pnpm publish --access public --no-git-checks |
For anyone that cares. I managed to solve all of my issues. Read this reading helped here . The issue stemmed from the removal of - name: Set publishing config
run: pnpm config set '//registry.npmjs.org/:_authToken' "${NODE_AUTH_TOKEN}"
env:
NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
- name: Publish
run: pnpm publish --tag latest --filter bootstrap-vue-3 --access=public |
- --token is not possible with pnpm, so we need this workaround (pnpm/pnpm#3141) - also capture log output for easier debugging
- --token is not possible with pnpm, so we need this workaround (pnpm/pnpm#3141) - also capture log output for easier debugging
- --token is not possible with pnpm, so we need this workaround (pnpm/pnpm#3141) - also capture log output for easier debugging
Follows instructions on [this](pnpm/pnpm#3141) issues to resolve pnpm publish issue with tokens.
Follows instructions on [this](pnpm/pnpm#3141) issues to resolve pnpm publish issue with tokens.
Coming from yarn, I would have expected it to support the environment variables out of the box but it doesn't.
I did lose a lot of time on this. I also tried to put the registry in the
with
of theaction-setup
, but it doesn't work.pnpm version: 5.17.1
Code to reproduce the issue:
Expected behavior:
It can publish successfully.
Actual behavior:
It errors out with a 404:
npm ERR! code E404
npm ERR! 404 Not Found - PUT https://registry.npmjs.org/@graphmetrics%2fcore - Not found
npm ERR! 404
npm ERR! 404 '@graphmetrics/core@0.1.1' is not in the npm registry.
npm ERR! 404 You should bug the author to publish it (or use the name yourself!)
npm ERR! 404
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, http url, or git url.
Additional information:
The text was updated successfully, but these errors were encountered: