Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Adding npmrc for private registry with workflowBootstrapSteps fails on build.yml / package-js

See original GitHub issue

In reference to #1006, we added the following snippet to our .projenrc.ts:

const project = new awscdk.AwsCdkConstructLibrary({
  //...
  workflowBootstrapSteps: [
    {
      name: 'Login to GitHub npm registry',
      id: 'npm_auth',
      run: 'echo -e "//npm.pkg.github.com/:_authToken=${NPM_TOKEN}" >> ~/.npmrc',
      env: {
        'NPM_TOKEN': '${{ secrets.NPM_PULL_SECRET }}'
      },
    },
  ],
});

This will work for the initial jobs of the build.yml and release.yml workflows but will fail on the the following jobs as the $HOME directory is not shared between jobs. Therefore the Install Dependencies steps of build.yml/package-js and release.yml/release_npm workflows/jobs will fail.

Pleas advise if this is a bug or if we are using the wrong API for what we need to do.

Issue Analytics

State:
Created a year ago
Reactions:2
Comments:12 (4 by maintainers)

Top GitHub Comments

1reaction

rjmackaycommented, Nov 24, 2022

For anyone needing a workaround in the interrim, this works:

project.github!.tryFindWorkflow('build')!.file!.patch(
  JsonPatch.add('/jobs/package-js/steps/1', {
    name: 'Setup NPM Token',
    run: 'echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > ~/.npmrc',
    env: {
      NPM_TOKEN: '${{ secrets.NPM_TOKEN }}',
    },
  })
)

1reaction

roamingthingscommented, Nov 18, 2022

Can you confirm what you exactly mean by this?

I’m trying to build an AwsCdkConstructLibrary that publishes a JS (NPM) and Java (Maven) artifact to my (private) GitHub repository. The publishing itself is working fine. However, I’m also relying on another constructs library that is available in a private GitHub repository. For this reason each time that yarn install runs it requires a pointer and the credentials (GitHub token) to download the private dependency.

Initially I have been the same approach like @5nafu with the same issue. Release to npm/java didn’t get the workflowBootstrapSteps steps and yarn install failed.

Using the suggestion from @mpiltz I have now been able to have all yarn install steps successfully download the dependency. But I’m now at a point where maven in the java packaging task also requires the repository location and credentials to access the Java version of the private constructs dependency. I don’t know yet how to add a maven repository definition to the maven packaging task.

I assume that publishing a Python artifact would have a similar issue.