Mani Shankar
Reputation: 63
using environment variable instead of PAT in .npmrc file
I am trying to not use my PAT stored in the .npmrc file that is checked into the root of my repository. Right now, I have a GitHub Actions workflow setup that publishes a package to our GitHub package registry. Everything works well as long as I have my Personal Access Token(PAT) saved in the .npmrc but when I try to replace it with an environment variable like ${NPM_TOKEN} or ${NODE_AUTH_TOKEN} or ${GITHUB_TOKEN}, it fails with a 401 error.
My .npmrc looks like this now and it is failing:
registry=https://registry.npmjs.com
@my-org:registry=https://npm.pkg.github.com
//npm.pkg.github.com/:_authToken=${GITHUB_TOKEN}
always-auth=true
My GitHub Action workflow looks like this:
name: component_4 publish
on:
push:
branches:
- main
jobs:
publish-gpr:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: 16
- run: npm ci
- run: npx semantic-release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
I tried to replace my hardcoded PAT with an environment variable and it fails to authenticate.
Upvotes: 3
Views: 1338
Answers (0)
Related Questions
- Environment variables in github actions
- How to set environment variable in node.js process when deploying with github action
- How do I use an env file with GitHub Actions?
- Use environment variable in github action if
- How to create and add a token to a .npmrc file on GitHub Actions unrelated with the Developers' token?
- How to set an environment variable in github actions
- How to use environment variables when running Next JS build command on Github Actions
- GitHub Actions: env: Use pre-defined environment variables on RHS within env section
- Environment Variables in a JavaScript Github Action
- How can you use an environmental variable with an npm package