英文:
How does a manual workflow differ from an automated Github workflow?
问题
I am attempting to reproduce as an automated GitHub workflow the steps which allow me to manually publish a package from my local console through an opportune .npmrc file.
If I do manually type (from the root folder of my Node.js project):
echo "@myorganization:registry=https://npm.pkg.github.com" > .npmrc
echo "//npm.pkg.github.com/:username=myname" >> .npmrc
echo "//npm.pkg.github.com/:_authToken=xyz" >> .npmrc
npm publish
I succeed in publishing my package.
However, if I write in the .yml file:
on:
release:
types: [created]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: 18
- run: npm ci
- run: npm test
publish-gpr:
needs: build
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: 16
registry-url: https://npm.pkg.github.com/
- name: npm publish
env:
NODE_AUTH_TOKEN: ${{secrets.MY_TOKEN}}
run: |
echo "@myorganization:registry=https://npm.pkg.github.com" > .npmrc
echo "//npm.pkg.github.com/:username=myname" >> .npmrc
echo "//npm.pkg.github.com/:_authToken=${NODE_AUTH_TOKEN:?}" >> .npmrc
npm publish
I get the error:
...
npm notice Publishing to https://npm.pkg.github.com
npm ERR! code E401
npm ERR! 401 Unauthorized - PUT https://npm.pkg.github.com/@myorganization%2fmyrepository - unauthenticated: User cannot be authenticated with the token provided.
...
So, I suppose, the problem comes from the conversion of the environmental variable NODE_AUTH_TOKEN to the explicit xyz secret value. However, I have not been able to solve such a problem. Can you understand what is wrong?
英文:
I am attempting to reproduce as an automated github workfow the steps which allow me to manually publish a package from my local console through an opportune .npmrc file.
If do manually type (from the root folder of my Node.js project):
echo "@myorganization:registry=https://npm.pkg.github.com" > .npmrc
echo "//npm.pkg.github.com/:username=myname" >> .npmrc
echo "//npm.pkg.github.com/:_authToken=xyz" >> .npmrc
npm publish
I succed in publishing my package.
However, if I write in the .yml file:
on:
release:
types: [created]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: 18
- run: npm ci
- run: npm test
publish-gpr:
needs: build
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: 16
registry-url: https://npm.pkg.github.com/
- name: npm publish
env:
NODE_AUTH_TOKEN: ${{secrets.MY_TOKEN}
run: |
echo "myorganization:registry=https://npm.pkg.github.com" > .npmrc
echo "//npm.pkg.github.com/:username=myname" >> .npmrc
echo "//npm.pkg.github.com/:_authToken=${NODE_AUTH_TOKEN:?}" >> .npmrc
npm publish
I get the error:
...
npm notice Publishing to https://npm.pkg.github.com
npm ERR! code E401
npm ERR! 401 Unauthorized - PUT https://npm.pkg.github.com/@myorganization%2fmyrepository - unauthenticated: User cannot be authenticated with the token provided.
...
so that, I suppose, the problem comes from the conversion of the environmental variable NODE_AUTH_TOKEN to the explicit xyz secret value. However, I have not been able to solve such a problem. Can you undestand what is wrong?
答案1
得分: 0
新引入的参数 NODE_AUTH_TOKEN 在环境中缺失。
只有在后来执行 npm publish 时才会注意到错误。
一些建议和示例:
当你将命令序列转换为工作流时,请将它们放在单个 run: 中,因为它们是相关的。
始终将 env: 放在 run: 之前,以便环境在前面可见(这样你可以更容易地发现缺失的参数)。
最后,在必需的参数为空时产生错误(${NODE_AUTH_TOKEN:?}),这样可以尽早生成错误并更容易定位。
- name: npm publish
env:
NODE_AUTH_TOKEN: ${{secrets.MY_TOKEN}}
run: |
echo "@myorganization:registry=https://npm.pkg.github.com" >> .npmrc
echo "//npm.pkg.github.com/:username=myname" >> .npmrc
echo "//npm.pkg.github.com/:_authToken=${NODE_AUTH_TOKEN:?}" >> .npmrc
npm publish
为了使其更加安全,你可以将第一个写入 .npmrc 的操作更改为使用 > 而不是 >>,这样可以创建文件,而不是追加。如果文件已存在(构建不完整),你将不会遇到这样的问题。但严格来说,这并不是必要的。
英文:
Cause looks to me that the newly introduced parameter NODE_AUTH_TOKEN is missing in the environment.
This is noticed only later, when npm publish is invoked and errors.
Some hints and example:
When you convert into a workflow, start porting your command sequence into a single run: as it belongs together.
Also always put the env: before the run: so that the environment is visible upfront (and you spot missing parameters more easily).
Finally, error on required parameters if they are empty (${NODE_AUTH_TOKEN:?}), so it is as early as possible to produce the error and it is easy to localize.
- name: npm publish
env:
NODE_AUTH_TOKEN: ${{secrets.MY_TOKEN}}
run: |
echo "@myorganization:registry=https://npm.pkg.github.com" >> .npmrc
echo "//npm.pkg.github.com/:username=myname" >> .npmrc
echo "//npm.pkg.github.com/:_authToken=${NODE_AUTH_TOKEN:?}" >> .npmrc
npm publish
To make it even more failsafe, you could change the first write to .npmrc create that file by using > instead of >> which is appending. In case the file would exist (unclean build), you would not run into such a problem late. But strictly speaking this is not necessary.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论