Auto: GitHub Action failing to find NPM_TOKEN
I'm trying to switch from publishing directly to npm (which worked fine) to using GitHub Packages with an organisation scoped package name.
I've changed my package name in package.json, added the necessary publishConfig e.g.
"publishConfig": {
"registry": "https://npm.pkg.github.com"
},
And changed my Action steps to use NODE_AUTH_TOKEN instead of NPM_TOKEN as per the docs, but when I merge a branch and trigger the action I get the following warning and the package is never published (though version tags and changelog are updated, so annoyingly it doesn't flag as a failed run):
✔ success Wrote authentication token string to /home/runner/.npmrc
⚠ warning Error: Failed to replace env in config: ${NPM_TOKEN}
NPM_TOKEN is set in my repository Secrets on GitHub.
Here's the Action setup:
name: Publish
on:
push:
branches: [main]
jobs:
release:
runs-on: ubuntu-latest
# this check needs to be in place to prevent a publish loop with auto and github actions
if: "!contains(github.event.head_commit.message, 'ci skip') && !contains(github.event.head_commit.message, 'skip ci')"
steps:
- uses: actions/checkout@v2
with:
# Needed for branch protection override
token: ${{ secrets.GITHUB_TOKEN }}
- name: Prepare repository
run: git fetch --unshallow --tags
- name: Use Node.js 12.x
uses: actions/setup-node@v1
with:
node-version: 12.x
- name: Cache node modules
uses: actions/cache@v2
with:
path: node_modules
key: node-modules-${{ hashFiles('package-lock.json') }}
restore-keys: |
node-modules-${{ hashFiles('package-lock.json') }}
- name: Create release
env
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
run: |
npm ci
npm run build
npm run release
theAdhocracy
All 6 comments
There are extra instructions for publishing to the GitHub package registry.
You need to use your GitHub token to publish since you're not publishing to NPM anymore
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
hipstersmoothie
on 22 Feb 2021
Here is an example repo where it's working.
hipstersmoothie
on 22 Feb 2021
@hipstersmoothie Many thanks for the help. I see the docs have been updated since I originally set up the Action, but it seems like they still don't include all the steps. I had to add these lines to my Node setup as well (noticed in your demo repo):
with:
node-version: 14.x
registry-url: 'https://npm.pkg.github.com'
scope: '@whiteorg'
I was also still seeing the NPM_TOKEN warning message. Adding it back in as an environment secret appears to have fixed that i.e.
- name: Create release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
Finally, with all that setup I was able to merge a PR and have Auto do it's thing, releasing a new package and updating version/changelog 🎉
However I had disabled branch protection whilst fiddling around; re-enabling it caused a new error where everytime Auto attempted to commit the version updates it would fail. I've worked around that by adding a new personal GitHub token and referencing that as a secret, instead of the default GITHUB_SECRET, like so:
- uses: actions/checkout@v2
with:
# Needed for branch protection override
token: ${{ secrets.GH_ADMIN_TOKEN }}
Doesn't seem like the best solution, so if anyone knows of a better one I'd appreciate it. Alternatively, I think the docs may need updating here: https://intuit.github.io/auto/docs/build-platforms/github-actions#running-with-branch-protection
theAdhocracy
on 23 Feb 2021
I've made a PR to improve those docs. Would you mind reviewing #1828?
hipstersmoothie
on 23 Feb 2021
Reviewed, couple of small suggestions but all looks good ☺Thanks again for all your help
theAdhocracy
on 24 Feb 2021
:rocket: Issue was released in v10.16.8 :rocket:
adierkens
on 24 Feb 2021
Related issues
hipstersmoothie
·
13Comments
zephraph
·
10Comments
reintroducing
·
14Comments
aleclarson
·
9Comments
thuringia
·
14Comments