Open bonustrack opened 4 years ago
I cloned your repo and gave it a try: https://github.com/tonthanhhung/lock/commit/47e90f59884f7f3d5e212db13fdd734ff976045f#diff-25baab9465d5e5c1e21fff5a0cc4c5a9R26
Then I could successfully run the action and package published https://github.com/tonthanhhung/lock/runs/998942932?check_suite_focus=true#step:5:18 https://github.com/tonthanhhung/lock/packages/362351
@tonthanhhung Thank you so much for taking the time to try! I've changed NPM_AUTH_TOKEN
to GITHUB_TOKEN
and did another release and it go through without error. But, for some reason it's not being released on NPM. See:
https://www.npmjs.com/package/@bonustrack/lock
https://www.npmjs.com/package/@bonustrack/lock/v/0.1.0-rc4
When you tried was it visible on NPM after you did a release?
I'm a bit confused here. The error says
error Couldn't publish package: "https://npm.pkg.github.com/@bonustrack%2flock"
So do you want to publish it to GH packages (npm.pkg.github.com) or to NPM (npmjs.com)?
@pascalgn I want to publish it on both NPM and GitHub packages. It seem to work for GitHub but not for NPM.
The error output you've shown is for publishing to GH (URL is npm.pkg.github.com). If you're having problems with publishing to NPM, you need to post that output.
@bonustrack, there are something you could try to publish to NPM
npm-publish-action
so that it could automatically the process for you.I suspect that your want to publish to both registry at the same time, I think it's not trivial with this Action.
I am not sure this is still relevant. However, if you want to publish to GPR and NPM in one workflow you could look at the readme of actions/setup-node:
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
with:
node-version: '10.x'
registry-url: 'https://registry.npmjs.org'
- run: npm install
- run: npm publish
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- uses: actions/setup-node@v2
with:
registry-url: 'https://npm.pkg.github.com'
- run: npm publish
env:
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
They set up node for publishing on NPM with NPM_TOKEN and publish. Once that is done they set up node for publishing on GPR with the GITHUB_TOKEN and publish.
I hope this helps.
Quick copy pasta for those interested in only publishing private package on github. You do not need to configure the token manually
name: Build and Deploy
on:
push:
branches:
- master
jobs:
publish-gpr:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
with:
node-version: '10.x'
registry-url: 'https://registry.npmjs.org'
- uses: actions/setup-node@v2
with:
registry-url: 'https://npm.pkg.github.com'
- run: npm publish
env:
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@hpl002 I believe you do not need to set up node twice. Your code example could be shortened:
name: Build and Deploy
on:
push:
branches:
- master
jobs:
publish-gpr:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
with:
node-version: '10.x'
registry-url: 'https://npm.pkg.github.com'
- run: npm publish
env:
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Note that you may wish to change the version of node depending on your projects needs. Again, for more details on this I refer to the Readme of actions/setup-node.
For anyone who has the same experience as me, and are getting the below error when attempting to publish their package to the Github Package Registry as part of their Github Actions workflow:
I was attempting to use a PAT for authenticating with the Github Package Registry (so named GPR_ACCESS_TOKEN
). I did not read the documentation properly. Though it says you may use a PAT of your liking, I could not get it to work and so fell back to using the automatically generated GITHUB_TOKEN
.
So, although I have not diagnosed the problem, if anyone is experiencing the same BS, I recommend using the documentation (and contributors to this issue too) told GITHUB_TOKEN
secret.
my workflows .yml file has the GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
I've got a secret in the repo called NPM_TOKEN, and I've got Workflow Permissions set to Read&Write, but I'm still getting the unauthorized error
package.json has "name":"ORGANISATION/repo-name"
and the publish config registry is "https://npm.pkg.github.com/"
Been pulling my hair out for hours now
name: Release
on:
pull_request:
push:
branches:
- main-v1
- alpha
- beta
jobs:
release:
name: Release
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Setup Node.js
uses: actions/setup-node@v2
with:
node-version: 'lts/*'
- name: Install dependencies
run: npm ci
- name: Release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
run: npx semantic-release
@Willshaw do you want to deploy to both NPM and GPR?
I believe you have to pass the tokens as NODE_AUTH_KEY, which presents a problem if you want to deploy to both. If you want to release just to GPR try to pass the GitHub token under NODE_AUTH_TOKEN instead of GITHUB_TOKEN.
If you want to deploy to NPM and GPR in one workflow, then take a look at my first answer. Note that Node is set up twice, each time with a different registry-url and node auth key.
@cs-intellineers only trying to deploy to GPR, should I drop the NPM_TOKEN flag and change GITHUB_TOKEN to NODE_AUTH_TOKEN then?
Yes, I believe that would do the trick.
Like so:
name: Release
on:
pull_request:
push:
branches:
- main-v1
- alpha
- beta
jobs:
release:
name: Release
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Setup Node.js
uses: actions/setup-node@v2
with:
node-version: 'lts/*'
- name: Install dependencies
run: npm ci
- name: Release
env:
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: npx semantic-release
Hey dude, thanks for sharing!
I'm using this configuration:
name: Release
on:
pull_request:
push:
branches:
- master
jobs:
release:
name: Release
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Setup Node.js for GitHub
uses: actions/setup-node@v2
with:
node-version: 'lts/*'
registry-url: 'https://npm.pkg.github.com'
- name: Install dependencies
run: npm ci
- name: GitHub Release
run: npm publish --registry=https://npm.pkg.github.com/
env:
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Node.js for NPM
uses: actions/setup-node@v2
with:
node-version: 'lts/*'
registry-url: 'https://registry.npmjs.org'
- name: NPM Release
run: npm publish --registry=https://registry.npmjs.org
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
Hello everyone, I am using this setup and everything seemed to be working fine, but today I am getting this error:
If I click on the link, then I get "authentication token not provided". What am I missing?
name: CI
on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- run: npm ci
publish:
needs: build
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
registry-url: 'https://npm.pkg.github.com'
scope: '@[myorg]'
- run: npm ci
- run: npm publish
env:
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@lSilvani Where are you using the NODE_AUTH_TOKEN
? Or is it an implicit placeholder for the token needed by npm publish
?
env: NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
In all the proposals we always scope the ENV
variable to the npm publish
command, but I'm wondering if it wouldn't be easier to scope it to the whole job, or is this not supported by github?
@cs-intellineers Could you explain to me why the NODE_AUTH_TOKEN
is always by default set and when I'm trying to set my own token, this way:
- name: Create local npm config with auth token to publish to private repository
run: |
echo USERNAME@https://npm.pkg.github.com/ > .npmrc
echo '//npm.pkg.github.com/:_authToken=${{ PRIVATE_NPM_REGISTRY_TOKEN }}' >> .npmrc
cat .npmrc
env:
PRIVATE_NPM_REGISTRY_TOKEN: ${{ github.secret }}
It throws an error like this:
The workflow is not valid. .github/workflows/release-package-on-release.yml (Line: 37, Col: 14): Unrecognized named-value: 'PRIVATE_NPM_REGISTRY_TOKEN'. Located at position 1 within expression: PRIVATE_NPM_REGISTRY_TOKEN
Shouldn't it be obsolete how to name the env
variable?
I'm not able to publish a new package, for some reason it fail with "Your request could not be authenticated by the GitHub Packages service. Please ensure your access token is valid and has the appropriate scopes configured.". I've double checked the secret from NPM and all looks good. Here is the logs:
My token on NPM:
I tried to add a secret for "GITHUB_TOKEN" in the repo but GitHub would not allow me to do this. Here is the repo: https://github.com/bonustrack/lock
Any idea what's wrong? Can it be related to the tag i use "0.1.0-rc1" ?