search

renovatebot / config-help

Please use the Discussions feature of https://github.com/renovatebot/renovate instead
https://github.com/renovatebot/renovate/discussions
MIT License
27 stars 16 forks source link

Configure renovate to work with GitHub Packages #935

Closed ddavydov closed 4 years ago

ddavydov commented 4 years ago

Which Renovate are you using?

WhiteSource Renovate App

Which platform are you using?

GitHub.com

Have you checked the logs? Don't forget to include them if relevant

artifactErrors(branch="renovate/expose-loader-1.x")
{
  "artifactErrors": [
    {
      "lockFile": "yarn.lock",
      "stderr": "error An unexpected error occurred: \"https://npm.pkg.github.com/download/@netronixgroup/phoenix-streams/1.1.5/705d05b4230d33945c01a5b40641290699785f8c50dc4988ac96a59f50fe0545: Request failed \\\"401 Unauthorized\\\"\".\n"
    }
  ]
}

What would you like to do?

How to configure renovate to work with GitHub Packages?

rarkins commented 4 years ago

Do you have any npm authentication configured for Renovate currently? e.g. hostRules, npmrc, npmToken, or .npmrc in the repo itself?

ddavydov commented 4 years ago

I have encrypted npmToken in renovate.json

{
  "encrypted": {
    "npmToken": ...
  },
rarkins commented 4 years ago

@viceice I recall you researched different formats of .npmrc based on package manager used plus platform? Looks like we need yarn + GitHub packages in this case

viceice commented 4 years ago

https://github.com/renovatebot/renovate/issues/5646#issuecomment-595071930

rarkins commented 4 years ago

@viceice so in this case would we recommend the following?

  "npmrc": "//npm.pkg.github.com/:_authToken=$NPM_TOKEN\nregistry=https://npm.pkg.github.com/@netronixgroup\nalways-auth=true",
  "encrypted": {
    "npmToken": ...
  },

BTW I notice in your example your username in the registry, after https://npm.pkg.github.com/. But in the URL above it's https://npm.pkg.github.com/download/@netronixgroup/phoenix-streams/1.1.5/705d05b4230d33945c01a5b40641290699785f8c50dc4988ac96a59f50fe0545:. Is that still ok? I'm not sure if I have the registry string correct above, e.g. with an @ or not

viceice commented 4 years ago

I would recommend using a hostRule instead of npmToken

{
  "hostRules": [
    {
      "baseUrl": "https://npm.pkg.github.com",
      "encrypted": {
        "token": "XXX"
      }
    }
  ],
  "npmrc": "registry=https://npm.pkg.github.com/netronixgroup\nalways-auth=true"
}
viceice commented 4 years ago

The @ must be removed from registry

viceice commented 4 years ago

also yarn has the limitation of credentials per host, not per baseUrl! So you can't use different token for different npm registries under same hostname

ddavydov commented 4 years ago

@viceice thanks for update! My use case is next we have few packages that hosted privately as Github Packages, originally they're hosted as private NPM packages and everything worked well with npmToken, but then we decided to move to Github Packages. The example that you've provided is supposed to use one npm registry for all packages, right? because after applying it I'm getting another Artifact update problem

File name: yarn.lock
error Couldn't find package "eslint" on the "npm" registry.
viceice commented 4 years ago

ok, so maybe you need to use a scoped registry:

{
  "hostRules": [
    {
      "baseUrl": "https://npm.pkg.github.com",
      "encrypted": {
        "token": "XXX"
      }
    }
  ],
  "npmrc": "@netronixgroup:registry=https://npm.pkg.github.com/netronixgroup\nalways-auth=true"
}

maybe you need a packagerule for assigning @netronixgroup/* packages to https://npm.pkg.github.com/netronixgroup registry.

ddavydov commented 4 years ago

thanks! It worked with encrypted npmrc

  "encrypted": {
    "npmrc": "....."
  },