Unable to publish to GitHub Package Registry

[esrathkkm]

yaml file

on:
  release:
    types: [created]

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: oven-sh/setup-bun@v1
      - uses: pnpm/action-setup@v2
        with:
          version: 8
      - run: bun i
      - run: pnpm nx build test-library

  publish-gpr:
    needs: build
    runs-on: ubuntu-latest
    permissions:
      packages: write
      contents: read
    steps:
      - uses: actions/checkout@v4
      - uses: oven-sh/setup-bun@v1
      - uses: pnpm/action-setup@v2
        with:
          version: 8
      - uses: actions/setup-node@v3
        with:
          node-version: 20
          registry-url: https://npm.pkg.github.com/
      - run: bun i
      - run: pnpm nx build test-library
      - run: npm publish dist/packages/test-library --registry=https://npm.pkg.github.com/
        env:
          NODE_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}}

.npmrc

//npm.pkg.github.com/:_authToken=${NODE_AUTH_TOKEN} @esrathkkm:registry=https://npm.pkg.github.com/

but when i do npm publish in local termial dist/packages/test-library --registry=https://npm.pkg.github.com/ , its working fine .
But when i do as github actions . its throwing
npm ERR! code E403
npm ERR! 403 403 Forbidden - PUT https://npm.pkg.github.com/@esrathkkm%2ftest-repo - Permission permission_denied: write_package
npm ERR! 403 In most cases, you or one of your dependencies are requesting
npm ERR! 403 a package version that is forbidden by your security policy, or
npm ERR! 403 on a server you do not have access to.

[aparnajyothi-y]

Hello @esrathkkm, Thank you for creating the issue and we will investigate the issue :)

[aparnajyothi-y]

Hello @esrathkkm, Thank you once again for creating the issue.
We have investigated the issue and found that the issue is related to permission issue likely related to the NODE_AUTH_TOKEN. When running GitHub Actions, secrets are not passed to workflows that are triggered by a pull request. This is a security feature to prevent unexpected exposure of the secret tokens.

Please make sure the below settings mapped correctly.
Make sure you have accurately set up the NODE_AUTH_TOKEN as a secret in your repository settings.
In your GitHub Actions workflow file, ensure that you are correctly setting the secret. You should use the secrets context to access the NODE_AUTH_TOKEN.
The code is like below:
name: Publish
run: npm publish
env:
NODE_AUTH_TOKEN: ${{secrets.NODE_AUTH_TOKEN}}

Please feel free to reach in case of any other concerns.

[aparnajyothi-y]

Hello @esrathkkm, Please let us know still you are facing the issue after providing the correct NODE_AUTH_TOKEN.
Still the issue continues with correct NODE_AUTH_TOKEN, please make sure
package.json file included the repository field pointing to the respective GitHub repository and the publishConfig field pointing to the GitHub Package Registry, like this:
{
"name": "@YOUR_GITHUB_USERNAME/test-library",
"repository": "https://github.com/YOUR_GITHUB_USERNAME/YOUR_REPOSITORY",
"publishConfig": {
"registry":"https://npm.pkg.github.com/"
}
}

[aparnajyothi-y]

Hello @esrathkkm, Please let us know if you are still facing the issue after updating the package.json file with the above fields for further assistance. Thank you in advance.

[aparnajyothi-y]

Hello @esrathkkm, Please let us know if you are still facing the issue after updating the package.json file with the above fields for further assistance.

[aparnajyothi-y]

Hello @esrathkkm, Closing this issue as we didn't hear anything from long time. feel free to reach us for any concerns to reopen this issue.