6

There are a lot of similar issues already floating around:

However, our issue seems different, because:

  • yarn install runs fine on a local machine
  • the issue is only when using Github Actions
  • yarn install succeeds on GH Actions if we delete yarn.lock

Has anyone run into this before? Specifically with it not working with a yarn.lock file?

In case it matters, here's the setup:

build.yml:

    steps:
    - uses: actions/checkout@v2
    - uses: actions/setup-node@v1
      with:
        node-version: '10.x'
        registry-url: 'https://npm.pkg.github.com'
    - name: Install
      run: yarn install
      env:
        # GITHUB_TOKEN can't access packages hosted in private repos,
        # even within the same organisation
        NODE_AUTH_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
    - name: Build
      run: yarn build
    - name: Test
      run: yarn test --forbid-only

We also have a .npmrc file for local installs:

@<org>:registry=https://npm.pkg.github.com

But no .yarnrc file.

Alec
  • 2,432
  • 2
  • 18
  • 28
  • What's the error message you get? – smac89 May 16 '20 at 20:42
  • I have never had to run `yarn install`. When I [use yarn](https://github.com/Actions-R-Us/actions-tagger/blob/1cbce767f3858f11d48a7ba9fffc9c8cd45a83e1/.github/workflows/test.yml) on github actions, I run `yarn --frozen-lockfile` to do the install and force yarn to use the `yarn.lock` without checking for updates or anything. See this [answer](https://stackoverflow.com/a/58480279/2089675) also – smac89 May 16 '20 at 20:45
  • We're just told that the request is unauthorized: `yarn install v1.22.4 [1/4] Resolving packages... [2/4] Fetching packages... error An unexpected error occurred: "https://npm.pkg.github.com/download////: Request failed \"401 Unauthorized\"".` – Alec May 18 '20 at 07:25

2 Answers2

1

I'm create a file .npmrc and .yarnrc. Type:

name: Test

on: push
jobs:
  test:
    runs-on: ubuntu-latest

    strategy:
      matrix:
        node-version: [12.x]

    steps:
      - uses: actions/checkout@v2
      - name: Node ${{ matrix.node-version }}
        uses: actions/setup-node@v1
        with:
          node-version: ${{ matrix.node-version }}
      - name: Create NPMRC
        run: |
            echo "//npm.pkg.github.com/:_authToken=${{ secrets.PACKAGES_TOKEN }}" >> ~/.npmrc
            echo "@you-scope:registry=https://npm.pkg.github.com" >> ~/.npmrc
            echo 'registry "https://registry.yarnpkg.com"' >> ~/.yarnrc
      - run: yarn install

Replace @you-scope for you user of github or of your org in github in LowerCase.

Create a PACKAGES_TOKEN secrete token of your github access for this repository.

Marcon Willian
  • 119
  • 1
  • 7
  • 1
    Your note about requiring a PACKAGES_TOKEN proved helpful. I kept trying the GITHUB_TOKEN in the actions but that was leading to a 404 Not Found. I'm guessing the GITHUB_TOKEN in actions is only valid for the current repository and not for installing other packages, even if in the same organization. Thanks! – Sators Jan 27 '22 at 12:24
  • This worked for me. I was missing the step of creating NPMRC – navneetgulati Apr 12 '22 at 03:58
0

We managed to solve this by explicitly duplicating the .npmrc config in the build.yml config:

      - uses: actions/setup-node@v1
        with:
          node-version: '10.x'
          registry-url: 'https://npm.pkg.github.com'
          # These following two lines are the key:
          always-auth: true
          scope: '@reedsy'
Alec
  • 2,432
  • 2
  • 18
  • 28