I have two private repositories in the same organization, say repository A and B, both of which are python packages. I have a "GitHub Actions workflow" to test repository B for each PR. However, repository B depends on repository A, so I would need to install it.
I tried following this GitHub document, however, it specifically states
GITHUB_TOKEN cannot install packages from any private repository besides the repository where the action runs.
How do I go about implementing this installation?
That just means, that you cannot use the predefined GITHUB_TOKEN. Create a personal access token (PAT) with read:packages scope and add it as a secret to your repository.
If you need a token that requires permissions that aren't available in the GITHUB_TOKEN, you can create a personal access token and set it as a secret in your repository:
- Use or create a token with the appropriate permissions for that repository. For more information, see "Creating a personal access token".
- Add the token as a secret in your workflow's repository, and refer to it using the ${{ secrets.SECRET_NAME }} syntax. For more information, see "Creating and using encrypted secrets".