I'm trying to publish a package to the github package registry from Travis CI. Everything seems to work fine (build and tests succeed), but when it tries to publish, I'm getting a 401 error. I've added my github personal access token as a secure env var in the travis config, and I'm manually overriding the root .npmrc with an npmrc that includes the github registry and the access token, but I'm still getting permission issues. How am I supposed to grant lerna/npm permission to publish a github package?
Here is my .travis.yml
env:
global:
secure: "my encrypted GH_TOKEN value (github personal access token with package registry permissions)"
language: node_js
node_js:
- "12"
cache:
directories:
- "node_modules"
before_install:
- echo "@my-org:registry=https://npm.pkg.github.com/:_authToken=\${GH_TOKEN}" > .npmrc
install:
- npm ci
- npm run bootstrap
script:
- npm run test
- npm run build
deploy:
provider: script
script: "npm run publish"
skip_cleanup: true
on:
node: "12"
tags: true
When the travis deploy runs, it errors with this:
> lerna publish from-git --yes --npm-tag beta
WARN deprecated --npm-tag has been renamed --dist-tag
lerna notice cli v3.20.2
lerna info ci enabled
Found 1 package to publish:
- @my-org/example-pkg => 1.0.2-beta.8
lerna info auto-confirmed
lerna info publish Publishing packages to npm...
lerna notice Skipping all user and access validation due to third-party registry
lerna notice Make sure you're authenticated properly ¯\_(ツ)_/¯
lerna WARN ENOLICENSE Package @my-org/example-pkg is missing a license.
lerna WARN ENOLICENSE One way to fix this is to add a LICENSE.md file to the root of this repository.
lerna WARN ENOLICENSE See https://choosealicense.com for additional guidance.
lerna WARN lifecycle Skipping root "prepublish" because it has already been called
lerna http fetch PUT 401 https://npm.pkg.github.com/:_authToken=[secure]/@my-org%2fexample-pkg 153ms
lerna ERR! E401 Unable to authenticate, need: Basic realm="GitHub Package Registry"
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! [email protected] publish: `lerna publish from-git --yes --npm-tag beta`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the [email protected] publish script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in:
npm ERR! /home/travis/.npm/_logs/2020-02-25T19_46_08_862Z-debug.log
Script failed with status 1
failed to deploy
What am I doing wrong here?
The issue ended up being I needed two lines in my .npmrc file. One to associate org @my-org with the github package registry: And one to provide an auth token for the github package registry. So the whole .npmrc looks like this:
@my-org:registry=https://npm.pkg.github.com/
//npm.pkg.github.com/:_authToken=${GITHUB_TOKEN}
Then I was able to just set the GITHUB_TOKEN environmental variable to my github personal access token (with package read permissions) and then I was able to run npm install @my-org/example-pkg.