I am setting up a new GitHub Actions workflow which requires installing dependencies with yarn
which includes a private package hosted on GitHub Packages. For local development, we have a .yarnrc.yml
file:
nodeLinker: node-modules
yarnPath: .yarn/releases/yarn-3.6.4.cjs
npmScopes:
ourCustomScope:
npmRegistryServer: https://npm.pkg.github.com
npmAuthToken: ${GITHUB_PACKAGES_TOKEN}
So I create my workflow as follows:
name: CI - Lint
on:
push:
branches:
- main
- dev
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
env:
GITHUB_PACKAGES_TOKEN: ${{secrets.GITHUB_TOKEN}}
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: '20.x'
cache: 'yarn'
registry-url: https://npm.pkg.github.com
scope: '@ourCustomScope'
- name: Install dependencies
run: yarn --immutable
env:
GITHUB_PACKAGES_TOKEN: ${{secrets.GITHUB_TOKEN}}
- name: Lint & Format
run: yarn lint
The workflow fails during the Install Dependencies step:
Run yarn --immutable
➤ YN0000: ┌ Resolution step
Resolution step
➤ YN0000: └ Completed in 0s 576ms
➤ YN0000: ┌ Fetch step
Fetch step
➤ YN0035: @ourCustomScope/our-package@npm:0.5.0::__archiveUrl=https%3A%2F%2Fnpm.pkg.github.com%2Fdownload%2F%40ourscope%2Four-package%2F0.5.0%2Fefc87a511fa65b9572efce9df2c50342b4864bbc: The remote server failed to provide the requested resource
➤ YN0035: Response Code: 403 (Forbidden)
➤ YN0035: Request Method: GET
➤ YN0035: Request URL: https://npm.pkg.github.com/download/@ourScope/our-package/0.5.0/efc87a511fa65b9572efce9df2c50342b4864bbc
➤ YN0000: └ Completed in 2m 29s
➤ YN0000: Failed with errors in 2m 30s
Error: Process completed with exit code 1.
Why the 403? Is my setup incorrect?
.yarnrc.yml
does not support resolving environment variables. You need to set it in the workflow via
yarn config set 'npmRegistries["//npm.pkg.github.com"].npmAuthToken' "${{secrets.GITHUB_TOKEN}}"
or
yarn config set 'npmScopes.ourCustomScope.npmAuthToken' "${{secrets.GITHUB_TOKEN}}"