github action for npm publish fails

Asked 8/1, 2022 at 10:22 Answered 16/4 at 10:7

Goal

I have manually published an open source lib to registry.npmjs.org and I want future releases to be automatically published using GitHub Actions. I have no prior experience with GitHub actions.

What I have done so far

I have put the standard GitHub action into the repository which GitHub provides for that purpose (unchanged). In its last line, it takes the automation token from npmjs.com which I have defined on the repo as environment secret NPM_TOKEN. It shows up in the repo's secrects page.

The error that I face

Run npm publish
...
npm ERR! code ENEEDAUTH
npm ERR! need auth This command requires you to be logged in.
npm ERR! need auth You need to authorize this machine using `npm adduser`

npm ERR! A complete log of this run can be found in:
npm ERR!     /home/runner/.npm/_logs/2022-01-08T00_20_52_834Z-debug.log
Error: Process completed with exit code 1.

Despite extensive web search, I do not understand

is there a way to verify that the automation token is picked up at all?
why does npm publish require npm adduser, does it indicate that the automation token has not been properly picked up? After all, the action is executed on a CI node on which I couldn't npm login. And the npm-publish.yml or its documentation shows no hint that user details need to be provided for authentication.

Nunciature answered 8/1, 2022 at 10:22 Comment(0)

I had some endeavours and got a similar problem. Consider the following things to look at:

When creating the secret token at npmjs.com, select accessToken type as automation option not publish to bypass 2FA, otherwise ill not work.
When adding npm created accessToken secret to github: What I have found going to settings > secrets, there are two ways to add secrets: In the environment or to the repository. Adding secrets to the environment will not work. You need to add it as repository secret; please see the attached image.
Confirm the secret name in secrets matches the YML file.

Whirlybird answered 12/3, 2022 at 12:56 Comment(4)

You save my night, now i can sleep \o/ – Marrowbone 8/9, 2022 at 2:30

I'm running into similar issues. What do I assign to the NPM Token in environment secrets? A personal access token from Github? Any advice is appreciated. Thanks. – Synder 13/2, 2023 at 23:10

@CoreyBruyere , your question is not clear enough, for what you are trying to do. The thing in main question is using gitHub Actions as CD to auto publish npm package and to do so, you need to generate token from npm and put that generated token at github. basically start with going to npmjs.com and under profile find accessTokens and generate new one and that should be of type automation as in step 1 in my answer, hopefully this helps – Whirlybird 14/2, 2023 at 5:50

@CoreyBruyere see if that helps docs.github.com/en/actions/publishing-packages/… – Gaynell 30/4, 2023 at 16:56

For those who are getting the error even after using the Automation token. add registry-url in setup node

    - uses: actions/setup-node@v2
    with:
      node-version: '18'
      registry-url: 'https://registry.npmjs.org'

Hampshire answered 16/4 at 10:7 Comment(0)

Recommended topics

Hot tags