setup-node: Unable to publish to the GitHub Registry

I’ve been following this document (and the README): https://github.community/t5/GitHub-Actions/bd-p/actions, specifically the part about cross publishing between npmjs and the GitHub registry, but I can’t seem to get it to work. This is my workflow: https://github.com/JamesIves/github-pages-deploy-action/blob/dev/.github/workflows/publish.yml

The problem I’m having is that every time I publish it says I must authenticate, except it’s providing a URL related to the npmjs registry: 401 Unauthorized - PUT https://registry.npmjs.org/github-pages-deploy-action - You must be logged in to publish packages.

This is the full log. Am I missing something here or is this a bug?

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Reactions: 15
  • Comments: 23 (2 by maintainers)

Commits related to this issue

Most upvoted comments

I’ve managed to resolve this with my actions with the following workflow file:

https://github.com/JamesIves/github-pages-deploy-action/blob/dev/.github/workflows/publish.yml

I also added the scope to the package.json file here: https://github.com/JamesIves/github-pages-deploy-action/blob/dev/package.json#L2

It now cross publishes between npm and GitHub correctly. Thanks to everyone for their help resolving this. I’ll leave this open as I still believe this is an issue with setup-node.

+21
JamesIves on Sep 11, 2020

My repo was having a similar issue to this one. Replacing the package name in package.json by adding the scope to it solved it for Github Package Registry.

// original
{
    "name": "traefikjam",
}

// fix for GPR publish
{
    "name": "@jojobyte/traefikjam",
}

My fix: https://github.com/jojobyte/traefikjam/blob/master/.github/workflows/node-build.yml#L40

jobs:
  npm-build:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
    steps:
      - uses: actions/checkout@v3
      - uses: actions/setup-node@v3
        with:
          node-version: '18.x'
          registry-url: 'https://registry.npmjs.org'
      - run: npm ci
      - name: Publish to NPM
        run: npm publish
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
      - uses: actions/setup-node@v3
        with:
          node-version: '18.x'
          registry-url: 'https://npm.pkg.github.com'
          scope: '@scope'
      - run: npm ci
      - name: Publish to GitHub Package Registry
        run: |
          sed -i 's+"name": ".*+"name": "@${{ github.repository }}",+gI' ./package.json
          npm publish
        env:
          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

This lets you publish to NPM with an unscoped package name and GPR with a scoped package name.

+4
jojobyte on Jun 2, 2022

Amazing that this hasn’t been patched yet. Very misleading that the published actions is broken(for this particular use case) by default.

Please see @JamesIves post for remedy

+2
hpl002 on Apr 3, 2022

By scoping do you mean adding @repoowner/repo-name within the name field package.json or is there a specific scope field I’m not aware of?

Yes exactly. Just tried it and it started to work. You can then publish the same thing in NPM as well, as long as you add npm publish —access public. Otherwise scoped packages there are private by default.

+2
meister on Apr 27, 2020

Interesting, npmjs seems to pass for me when specifying registry-url: 'https://registry.npmjs.org', but only the GitHub registry seems to fail for me. I’m guessing that whatever mechanism that overrides the .npmrc file isn’t behaving correctly in my case.

+2
JamesIves on Mar 31, 2020

So, I don’t know if this applies to your situation or not, but I was having the exact same issue. I came across this doc

https://help.github.com/en/packages/using-github-packages-with-your-projects-ecosystem/configuring-npm-for-use-with-github-packages#publishing-a-package-using-publishconfig-in-the-packagejson-file

I added this to my repo and it worked.

"publishConfig": { "registry": "https://npm.pkg.github.com/" },

Good luck

+1
chriskacerguis on Apr 27, 2020

Interesting, I can’t seem to get it to work for the life of me. Tried in several repositories now, the first publish to npmjs.org works. It goes wrong when I try and specify anything besides npmjs. I’ve even try separating this into separate steps incase there’s some form of conflict or permission issue.

   # Setup .npmrc file to publish to npm
    - uses: actions/setup-node@v1
      with:
        node-version: 12
        registry-url: 'https://registry.npmjs.org'

    - name: Configure git
      run: |
        git config user.email "iam@jamesiv.es"
        git config user.name "James Ives"
    - run: npm install
    - run: npm run-script build
    - run: npm version patch -m "Release %s 📣"
    - run: git push
    - run: npm ci

    # Publish to npm
    - run: npm publish --access public
      env:
        NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

    # Setup .npmrc file to publish to GitHub Packages
    - uses: actions/setup-node@v1
      with:
        node-version: 12
        registry-url: 'https://npm.pkg.github.com'
        scope: '@JamesIves'

    # Publish to GitHub Packages
    - run: npm publish
      env:
        NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

However it still doesn’t seem to be correctly overwriting the .npmrc file after the second call to setup-node as I get this error (the PUT request is still being made to npmjs.org instead of npm.pkg.github.com)

401 Unauthorized - PUT https://registry.npmjs.org/github-pages-deploy-action - You must be logged in to publish packages.

+1
JamesIves on Apr 2, 2020
Read more comments on GitHub
← setup-node: Unable to publish to GitHub Package Registry
setup-node: Upgrade to v2.3/v2.4 results in post-setup failure →