Skip to content

Instantly share code, notes, and snippets.

@tgmarinho

tgmarinho/private-npm-in-gh-actions.md

Forked from nandorojo/private-npm-in-gh-actions.md
Created December 22, 2022 13:01
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save tgmarinho/624c237244acc9323f3119ccbfebbd7e to your computer and use it in GitHub Desktop.
Save tgmarinho/624c237244acc9323f3119ccbfebbd7e to your computer and use it in GitHub Desktop.
Download ZIP
Use private NPM packages in your GitHub actions
Raw
private-npm-in-gh-actions.md

1 NPM_TOKEN

Add an NPM_TOKEN secret on GitHub. Get your secret key from the NPM dashboard.

2 Add a step to your action

- name: Authenticate with private NPM package
  run: echo "//registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}" > ~/.npmrc

A full example might look like:

name: Install cached packages
jobs:
  install-with-cache:
    name: Create new build on EAS
    runs-on: ubuntu-latest
    steps:
      - name: Setup repo
        uses: actions/checkout@v2
      - name: Setup node
        uses: actions/setup-node@v1
        with:
          node-version: 14.x
      - name: Find yarn cache
        id: yarn-cache-path
        run: echo "::set-output name=dir::$(yarn cache dir)"
      - name: Restore cache
        uses: actions/cache@v2
        with:
          path: ${{ steps.yarn-cache-path.outputs.dir }}
          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
          restore-keys: |
            ${{ runner.os }}-yarn-
      - name: Authenticate with private NPM package
        run: echo "//registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}" > ~/.npmrc
      - name: Install dependencies
        run: yarn install --frozen-lockfile --check-files
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment