Installing a GitHub Package in CircleCI

Question

For my project, I am trying to install (not publish!) a npm package from GitHub Packages. It is hosted on a private repository, which is in an org. I have made a personal access token with the required permission to read from that repo and org. All of this works locally with the following steps:

• Set the registry in the .npmrc file: registry=https://npm.pkg.github.com/OWNER
• Terminal login: npm login --registry=https://npm.pkg.github.com It will then prompt this:

> Username: USERNAME
> Password: TOKEN
> Email: PUBLIC-EMAIL-ADDRESS

• Username is your standard github username
• Token is the personal access token created with the right permissions
• Email can be random

After filling out, everything works and i can install the packge, alongside all the others hosted on the normal npm registry. Now onto the problem: I am trying to replicate the same on circleCI, but it doesnt seem to let me override the npm registry. The project includes a .npmrc file in the same folder that the package.json is located at. Here is part of the circle ci conf:

      - run:
          name: "Set NPM registry"
          command: npm config set registry https://npm.pkg.github.com/OWNER
      - run:
          name: "Authenticate with GitHub package registry"
          command: echo "//npm.pkg.github.com/:_authToken=${GITHUB_PACKAGES}" > web_ui/frontend/.npmrc
      - run:
          name: "Install frontend dependencies"
          command: npm run deps-frontend

GITHUB_PACKAGES is just an env variable stored in circleCI.

Now the error message tells me the following:

npm ERR! code E401
npm ERR! Unable to authenticate, need: Basic realm="GitHub Package Registry"

I tried googling for it, but nothing that worked came up.

Answer 1

Can you try moving the run steps in the pre steps? Like so:

pre:
  - npm config set registry https://npm.pkg.github.com/OWNER
  - echo "//npm.pkg.github.com/:_authToken=${GITHUB_PACKAGES}" > web_ui/frontend/.npmrc
  - npm run deps-frontend

Another thing to try could be to use a different version of npm.

Answer 2

You can't access private package, you need to dynamically create configuration in .npmrc for setting values:

{@your_scope}:registry={https://your.registry.domain.net/path/}
{//your.registry.domain.net/path/}:_authToken={your_git_token}

See orb source npm-config/set-registry

example of use:

 steps:
  - checkout
  - npm-config/set-registry:
      registry-prurl: //your.registry.domain.net/path/
      scope: '@your_scope'
      auth-token: your_git_token
  - run:
      name: Download depencies
      command: yarn

Source:

set-registry:
description: Sets a registry to .npmrc
parameters:
  registry-prurl:
    description: |
      protocol-relative URL (ex: //registry.domain.net/path/)
    type: string
  scope:
    description: registry scope
    type: string
  auth-token:
    description: authorization token for private repos
    type: string
    default: ""
steps:
  - run:
      name: Set NPM registry URL
      command: >
        scope=<< parameters.scope >>;
        registry_prurl=<< parameters.registry-prurl >>;
        npm config set "${scope}:registry" "https:$registry_prurl"
  - run:
      name: Set auth token for NPM registry if provided
      command: |
        if [ "<< parameters.auth-token >>" != "" ]; then
        registry_prurl=<< parameters.registry-prurl >>;
        auth_token=<< parameters.auth-token >>;
        echo "${registry_prurl}:_authToken=${auth_token}" >> ~/.npmrc
        fi;