Actions/setup-node
1
Fork 0
mirror of https://github.com/actions/setup-node.git synced 2025-10-31 16:13:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

docs: Include warning when configuring token to install private packages

Browse Source 
The distinction between `secrets.GITHUB_TOKEN` and `secrets.NPM_TOKEN` cost myself and a colleague numerous hours when we were trying to fix a GitHub Actions workflow which needed to install a private package from a different repository from our GitHub organisation.

Given the issue dedicated to this point is closed, we should include a warning here to make it more clear why `secrets.GITHUB_TOKEN` will not work when passed to `npm ci`, in the presence of private packages from other GitHub Package repositories.
This commit is contained in:
James Ottaway 2022-06-27 09:28:13 +10:00 committed by GitHub
parent cdcc53e14f
commit 24301fe9fb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/advanced-usage.md
View File

@ -247,3 +247,5 @@ steps:
# `npm rebuild` will run all those post-install scripts for us.
- run: npm rebuild && npm run prepare --if-present
```
NOTE: As per https://github.com/actions/setup-node/issues/49 you cannot use `secrets.GITHUB_TOKEN` to access private GitHub Packages within the same organisation.