setup-node: registry-url config option Ignored when pushing to GPR and NPR

Registry url seems to be ignored here https://github.com/phillmac/orbit-db-managers/blob/a50a35fca7b0d1b79871428b39deb8ecb1293edf/.github/workflows/npmpublish.yml#L40 This differs from #52 in that there’s no.npmrcpresent in the repo. It results in an error in the GPR publish step: npm ERR! 401 Unauthorized - PUT https://registry.npmjs.org/orbit-db-managers - You must be logged in to publish packages.

About this issue

  • Original URL
  • State: closed
  • Created 5 years ago
  • Reactions: 17
  • Comments: 35 (1 by maintainers)

Commits related to this issue

Most upvoted comments

Default template from GitHub Marketplace doesn’t work for me too. registry-url is ignored.

image

image

https://github.com/avdeev/vanilla-sharing/runs/323109179

+13
avdeev on Nov 27, 2019

I also encountered the same bug…

https://github.com/SachinShekhar/ss-ngrx-router-store/runs/438107309?check_suite_focus=true

This thread is 4 months old. Is GitHub Actions team aware of this issue?

+4
SachinShekhar on Feb 20, 2020

You can’t publish to jsite-parse and @lukesrw/jsite-parse from the same package.json as there is only one name field.

But that’s why I was so confused, as I was doing previously.

Writing to ~/.npmrc should be redundant, as the registry-url and scope parameters will cause setup-node to write .npmrc, which overrides ~/.npmrc

Ah, that makes sense! Thank you, that’s fixed the problem - it’s publishing to both now.

For anyone else having this problem, my workaround:

  • Your package.json can look the same as it would on NPM without a GitHub scope, publishConfig, etc.
  • You can write to .npmrc (thanks again @joebowbeer) to change the registry path - this should be done after npm install and before npm publish (as otherwise it will look to install dependencies from your scope):

I’m sure that some of these lines aren’t needed, but for now my yml is:

on:
    release:
        types: [created]

jobs:
    build:
        runs-on: ubuntu-latest
        steps:
            - uses: actions/checkout@v2
            - uses: actions/setup-node@v1
              with:
                  node-version: 12
            - run: npm ci
            - run: npm test

    publish-npm:
        needs: build
        runs-on: ubuntu-latest
        steps:
            - uses: actions/checkout@v2
            - uses: actions/setup-node@v1
              with:
                  node-version: 12
                  registry-url: "https://registry.npmjs.org"
            - run: npm install
            - run: npm publish
              env:
                  NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

    publish-gpr:
        needs: build
        runs-on: ubuntu-latest
        steps:
            - uses: actions/checkout@v2
            - uses: actions/setup-node@v1
              with:
                  node-version: 12
                  registry-url: "https://npm.pkg.github.com"
                  scope: "@lukesrw"
            - run: npm install
            - run: echo "registry=https://npm.pkg.github.com/@lukesrw" >> .npmrc
            - run: npm publish
              env:
                  NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Make sure you’ve got an NPM_TOKEN secret setup, change the echo line to have your name instead of mine - and it should work.

+3
lukesrw on Jun 11, 2020

@phillmac you may need to add your scope to the package name in package.json i.e. "@phillmac/orbit-db-managers". That got the GPR publish working for me. The GitHub Packages docs mention you may need to do this and I see @affrae’s package is configured this way too.

Don’t ask me why npm defaults to https://registry.npmjs.org if the scope isn’t in the package name though 😜

+3
johnyherangi on Mar 15, 2020

@phillmac you’re missing the set scope. This has to do with how setup-node is working right now.

Here’s what should work:

  publish-gpr:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@master
      - uses: actions/setup-node@master
        with:
          node-version: 12
          registry-url: https://npm.pkg.github.com/ORG_OR_USERNAME/
          scope: '@ORG_OR_USERNAME'
          always-auth: true # required if using yarn
      - name: npm install
        run: npm install
      - name: Publish to GitHub Packages
        run: |
          npm config set scope "@ORG_OR_USERNAME"
          npm publish
        env:
          NODE_AUTH_TOKEN: ${{github.token}}

The npm config set scope lets npm know you want to publish to this scope and then it’ll look in the generated .npmrc file for the @ORG_OR_USERNAME:registry line. We’ll get this fixed but for now this will get you going.

Also your package MUST be named @ORG_OR_USERNAME/PACKAGE or you’ll hit errors trying to publish.

+3
clarkbw on Nov 6, 2019

Hi all - here is a workflow that publishes to both NPMJS and GPR, without needing .npmrc workarounds:

Just replace <@OWNER> with appropriate scope (eg for me it would be @affrae), and use your version of npm_token

Is working at https://github.com/affrae/fib-tools

name: Publish to NPMJS and GPR

on:
  push:
    branches:
      - master

jobs:
  publish-to-npm-and-gpr:
    runs-on: ubuntu-latest
    steps:
      
      # Checkout the repo
      - uses: actions/checkout@master
        
      # Update package version and set up git
      - uses: actions/setup-node@master
      - name: Update package version and setup git
        run: |
          git config user.name "Actions User"
          git config user.email noreply@github.com
          npm version 1.0.$(date +%s)

      # Publish to NPMJS
      - uses: actions/setup-node@master
        with:
          node-version: 12
          registry-url: 'https://registry.npmjs.org/'
      - name: Publish to NPMJS
        run: |
          npm config set //registry.npmjs.org/:_authToken=$NODE_AUTH_TOKEN
          npm config set scope "<@OWNER>"
          npm config list
          npm publish --access public 
        env:
          CI: true
          NODE_AUTH_TOKEN: ${{secrets.npm_token}}

      # Publish to GitHub Package Registry
      - uses: actions/setup-node@master
        with:
          node-version: 12
          registry-url: https://npm.pkg.github.com/
          scope: '<@OWNER>'
      - name: Publish to GitHub Package Registry
        run: npm publish
        env:
          NODE_AUTH_TOKEN: ${{github.token}}
+3
affrae on Oct 28, 2019

@affrae Changed it, still no dice. It doesn’t matter what token I use when its still pushing to entirely the wrong registry: i.e. NPM instead of GitHub https://github.com/phillmac/orbit-db-managers/commit/1b71f9739038578be275dcb939ef646c63c805a7/checks?check_suite_id=295521632#step:6:28

+2
phillmac on Nov 4, 2019

@xeptore Thanks. I agree. I just updated @joebowbeer/regsync

+1
joebowbeer on Feb 10, 2021

@joebowbeer, it seems it is not necessary to set the scope if registry-url is https://npm.pkg.github.com. All the checks and setting scope to repository owner is done here: https://github.com/actions/setup-node/blob/66dfac5/src/authutil.ts#L24-L33

+1
xeptore on Feb 10, 2021

Good question, I’m not sure. I’ll have to play around with that some more.

+1
clarkbw on Nov 6, 2019

I was not assuming you were fibbing 😜

Unless I am missing something fundamental, the only thing I can see different is the branch you are running from. let me try and replicate that when I get a chance.

+1
affrae on Nov 4, 2019
Read more comments on GitHub
← setup-node: publishing to npm fails after publishing to GPR
setup-node: `scope` `registry-url` with `yarn` does not work →