github-actionsaccess-tokensecret-keyprivate-repository

Why is the checkout of a private repository on GitHub Actions returning "Error : fatal: could not read Username for 'https://github.com'"?


The project's local development environment makes it mandatory to have a .npmrc file with the following content:

registry=https://registry.npmjs.org/
@my-organization:registry=https://npm.pkg.github.com/
//npm.pkg.github.com/:_authToken=your-GitHub-token-should-be-here-and-I-will-not-share-my-for-security-reasons

Hence, any client properly authenticated into the GitHub Packages Registry can install our private NPM packages hosted for free on GitHub Registry by running:


npm ci @my-organization/our-package

Ok, it works on my local development environment.

Now, I am building a Continuous Integration process with GitHub Actions which is a different but similar challenge. I have this on my .yaml file:

      - name: Create .npmrc for token authentication
        uses: healthplace/npmrc-registry-login-action@v1.0
        with:
          scope: '@my-organization'
          registry: 'https://npm.pkg.github.com'
        # Every user has a GitHub Personal Access Token (PAT) to
        # access NPM private repos. The build of GitHub Actions is
        # symmetrical to what every developer on the project has to
        # face to build the application on their local development
        # environment. Hence, GitHub Actions also needs a Token! But,
        # it is NOT SAFE to insert the text of a real token on this
        # yml file. Thus, the institutional workaround is to insert
        # the `{{secret}}` below which is aligned/set in the project
        # settings on GitHub!
          auth-token: ${{secrets.my_repo_secret_key_which_is_not_being_shared}}

On GitHub settings->secrets->actions->"add secret":

enter image description here

On the secret value, I added the same content I have on .npmrc. I was expecting it to work. Unfortunately, an error message is retrieved:

  Error: fatal: could not read Username for 'https://github.com': terminal prompts disabled

Why is that so?


Solution

  • I made the mistake of adding all the content on my .npmrc.

    It is wrong. And GitHub already knows some things, such as the scope. @my-organization.

    Hence, the solution is only adding the following snippet (using the example provided on the question):

    your-GitHub-token-should-be-here-and-I-will-not-share-my-for-security-reasons
    

    And it works as expected :)