How to install private package using Github Actions

2023.11.13

After deploying a package using GitHub Packages within the organization, I would like to install the package from another private repository within the same organization.

However, I encounter a 401 error in GitHub Actions when attempting to install the package. The error message is as follows:

error An unexpected error occurred: "https://npm.pkg.github.com/download/...: Request failed \"401 Unauthorized\"".

To address this issue and provide the necessary authorization, it is essential to add the .npmrc and .yarnrc files before the installation process.

First, you must create a token that grants read access to the package and add this token under the organization.

For example, you can name the token as GH_PACKAGE_PUBLISH_TOKEN.

- name: Use Node.js
  uses: actions/setup-node@v3
  with:
    node-version: 18.12.0
- name: Create NPMRC
  run: |
    echo "//npm.pkg.github.com/:_authToken=${{ secrets.GH_PACKAGE_PUBLISH_TOKEN }}" >> ~/.npmrc
    echo "[ORGANIZATION_NAME]:registry=https://npm.pkg.github.com" >> ~/.npmrc
    echo 'registry "https://registry.yarnpkg.com"' >> ~/.yarnrc
- name: yarn install
  run: |
    cd frontend && yarn install --frozen-lockfile

References:

setup-node/docs/advanced-usage.md at main · actions/setup-node

Installing private Github Package using yarn on Github Actions is Unauthorized with yarn.lock