Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

.npmrc is not created #249

Closed
adamhenson opened this issue Apr 1, 2021 · 14 comments
Closed

.npmrc is not created #249

adamhenson opened this issue Apr 1, 2021 · 14 comments

Comments

@adamhenson
Copy link

Expected

When registry-url input is set with env.NODE_AUTH_TOKEN an .npmrc file should be created in project root.

Actual

When registry-url input is set with env.NODE_AUTH_TOKEN an .npmrc file is not created.

Reproduction

.github/workflows/publish.yml

name: Publish
on:
  push:
    branches:
      - master

jobs:
  publish:
    runs-on: ubuntu-latest
    env:
      NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
    steps:
      - uses: actions/checkout@v2
      - name: Setup Node
        uses: actions/setup-node@v2
        with:
          node-version: '12.x'
          registry-url: 'https://registry.npmjs.org'
          scope: '@foo-software'
      - name: Publish Packages
        run: |
          cat .npmrc

package.json

{
  "name": "root",
  "private": true,
  "keywords": [
    ...
  ],
  "scripts": {
    ...
  },
  "husky": {
    ...
  },
  "lint-staged": {
    ...
  },
  "devDependencies": {
    ...
  }
}

Note: My project is a Lerna based monorepo, so the above package.json has minimal fields. Perhaps, this functionality requires certain fields / values, but I'm not sure why and what those fields would be.

GitHub Action output and linked here.

Screen Shot 2021-03-31 at 11 03 29 PM
@adamhenson
Copy link
Author

For anyone who's come across this, my workaround is below, but it feels like a hack since this functionality supposedly exists in actions/setup-node.

      - name: Publish Packages
        run: |
+         echo '//registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN  }}' > ${{ github.workspace }}/.npmrc
          cat .npmrc

@adifelice-godaddy
Copy link

I'm not sure .npmrc is created on repo dir, why don't you check the variable NPM_CONFIG_USERCONFIG:

      - name: Publish Packages
        run: |
-         cat .npmrc
+         cat $NPM_CONFIG_USERCONFIG

@adamhenson
Copy link
Author

adamhenson commented Apr 3, 2021
edited
Loading

Thanks @adifelice-godaddy - interesting. Why would it create it anywhere but the repo directory... would you know? The output strangely is the below (with echo $NPM_CONFIG_USERCONFIG):

/home/runner/work/_temp/.npmrc

Do you have a recommendation of how to make this be added to the root directory? If it's more than setting an environment variable, then I'll probably just keep my hack. As in, I don't want to write a line that runs a mv command, because that would be more effort and add more mystery to the code (anyone reading would wonder why I have this mv command. My hack would be more explicit).

@adamhenson
Copy link
Author

adamhenson commented Apr 3, 2021
edited
Loading

I tried this:

mv $NPM_CONFIG_USERCONFIG ${{ github.GITHUB_WORKSPACE }}/.npmrc

But, there's a file permission error which makes sense, but beyond my understanding of how to fix.

Run mv $NPM_CONFIG_USERCONFIG /.npmrc
mv: cannot move '/home/runner/work/_temp/.npmrc' to '/.npmrc': Permission denied
Error: Process completed with exit code 1.

I'm leaning towards just keeping my one line hack, since in order to get this to work with setup-node it seems like I would need a more complex hack. Please do let me know if I'm missing something... or not understanding the expected functionality. Also, if my expectation is wrong... feel free to close this. It's difficult to tell what the expectation is from the docs or lack thereof in the README.md.

@cdrini
Copy link

cdrini commented Apr 13, 2021
edited
Loading

Out of curiosity, why do you need the .npmrc file in the repo? I was having an issue with the auth token not working (resulting in 404 errors, of all things!), and went down the path of trying to modify the npmrc, but it turned out that the npm token I'd generated was no longer valid, because they added 2FA or something, and I had to generate a new token for "Automation" :/ Once I updated the token everything worked without manual npmrc mods.

@kenniaa
Copy link

kenniaa commented May 19, 2021

Out of curiosity, why do you need the .npmrc file in the repo?

Sometimes you want to include an .npmrc in a docker container as part of the build step.

@adamhenson
Copy link
Author

adamhenson commented May 19, 2021
edited
Loading

In a GitHub Action I am publishing to NPM from CI. This issue isn't about answering why I'm doing a thing. This ticket was opened because a documented feature of action/node_setup is not working as expected.

@adifelice-godaddy
Copy link

adifelice-godaddy commented May 19, 2021
edited
Loading

Sometimes you want to include an .npmrc in a docker container as part of the build step.

action/node_setup allows you to do that, but setup is done globally in container environment. In most cases it will work as expected. It would be helpful to have more details why it's needed locally in repo's directory. Thanks.

@adamhenson
Copy link
Author

adamhenson commented May 19, 2021
edited
Loading

Please stop adding comments that are not helpful in resolving this issue. For now I'm just using my workaround. I'm thinking about closing this since it hasn't gotten attention from actual contributors. I'm simply reporting a feature of this project that is broken.

My use case isn't very relevant, but since people have been inquiring and for context: it is simple and standard - I have a repo that includes the code for packages to be published to NPM. I'm using actions/setup_node to setup the Node.js environment which includes NPM and authorizing NPM.

The README for this project states that it can be used for configuring authentication for GPR or npm.

In the usage section of the README it provides an example that you might use to setup and environment to publish packages for NPM. See Publish to npmjs and GPR with npm example.

This is the example from the README.

steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
  with:
    node-version: '10.x'
    registry-url: <registry url>
- run: yarn install
- run: yarn publish
  env:
    NODE_AUTH_TOKEN: ${{ secrets.YARN_TOKEN }}
- uses: actions/setup-node@v2
  with:
    registry-url: 'https://npm.pkg.github.com'
- run: yarn publish
  env:
    NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

And this setup isn't actually working.

@adamhenson
Copy link
Author

I'm going to close this due to lack of helpful comments and this project has bigger problems.

@lkostrowski
Copy link

I run on this thread and this is related
#130

So, the problem is that actions adds scope, by default your github name. However, the package name doesn't include scope.

I fixed it by

  1. Changed package name, to include my name @nick/repo
  2. Added repository key to package.json, because otherwise it mismatched repo name and package name

anyway, its a bug, scope shouldn't be added right?

@longility
Copy link

longility commented Oct 3, 2021
edited
Loading

For docker scenario, I ended up

  1. cp $NPM_CONFIG_USERCONFIG .npmrc
  2. docker build --build-arg NODE_AUTH_TOKEN .
  3. Then in Dockerfile
ARG NODE_AUTH_TOKEN
ENV NODE_AUTH_TOKEN=$NODE_AUTH_TOKEN

@bblanchon
Copy link

Thanks, @longility, your comment really help: I forgot to include the scope in the package name.

@Jaykob
Copy link

Jaykob commented Nov 8, 2022

For docker scenario, I ended up

  1. cp $NPM_CONFIG_USERCONFIG .npmrc
  2. docker build --build-arg NODE_AUTH_TOKEN .
  3. Then in Dockerfile
ARG NODE_AUTH_TOKEN
ENV NODE_AUTH_TOKEN=$NODE_AUTH_TOKEN

Your code gives me a mv: cannot create regular file '/.npmrc': Permission denied as already stated by the author.

deining pushed a commit to deining/setup-node that referenced this issue Nov 9, 2023
@dependabot
chore(deps-dev): bump @typescript-eslint/parser from 4.28.4 to 4.28.5 (
078c8c0 
…actions#249)

Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 4.28.4 to 4.28.5.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.28.5/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
cmahnke added a commit to cmahnke/docs that referenced this issue Jul 6, 2024
@cmahnke
Update publishing-nodejs-packages.md
63df6c7 
The provided example doesn't work as acknowledged by the `setup-node` team, as of [github#926](actions/setup-node#926 (comment)). This is also a long known problem, see [github#249](actions/setup-node#249). 

This is considered to be a drastic measure to make sure the `setup-node` team takes responsibility for the problem.
@cmahnke cmahnke mentioned this issue Jul 6, 2024
Closed
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@longility @adamhenson @Jaykob @bblanchon @cdrini @lkostrowski @kenniaa @adifelice-godaddy