Use private NPM packages in your GitHub actions

private-npm-in-gh-actions.md

1 NPM_TOKEN

Add an NPM_TOKEN secret on GitHub. Get your secret key from the NPM dashboard.

2 Add a step to your action

- name: Authenticate with private NPM package
  run: echo "//registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}" > ~/.npmrc

A full example might look like:

name: Install cached packages
jobs:
  install-with-cache:
    name: Create new build on EAS
    runs-on: ubuntu-latest
    steps:
      - name: Setup repo
        uses: actions/checkout@v2
      - name: Setup node
        uses: actions/setup-node@v1
        with:
          node-version: 14.x
      - name: Find yarn cache
        id: yarn-cache-path
        run: echo "::set-output name=dir::$(yarn cache dir)"
      - name: Restore cache
        uses: actions/cache@v2
        with:
          path: ${{ steps.yarn-cache-path.outputs.dir }}
          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
          restore-keys: |
            ${{ runner.os }}-yarn-
      - name: Authenticate with private NPM package
        run: echo "//registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}" > ~/.npmrc
      - name: Install dependencies
        run: yarn install --frozen-lockfile --check-files 

Thank you!

It works, thank you!

I’m glad that this niche gist helped some internet strangers haha

And so it rolls on. +1 @nandorojo

omg don't know how thankful I am to have found this gist ✨ Thank you so much!

🕺

A better way using GITHUB_TOKEN directly:

actions/setup-node#49 (comment)

Can someone help explain what this NPM_TOKEN is and how i can get it ?