Github操作,使用npm或yarn安装Github软件包时,未经授权401 [英] Github actions, 401 unauthorized when installing a Github Package with npm or yarn
问题描述
当我尝试通过GitHub动作安装npm
模块时,出现以下错误:
When I try to install my npm
modules from a GitHub action I get the following error:
npm ERR! 401 Unauthorized - GET https://npm.pkg.github.com/@xxxx%2fxxxx-analytics - Your request could not be authenticated by the GitHub Packages service. Please ensure your access token is valid and has the appropriate scopes configured.
在发表评论之前,我已经使用范围和访问令牌正确配置了.npmrc,并且在本地安装私有软件包时一切正常.
Before you comment, I have configured the .npmrc correctly with the scope and access token, and everything works fine when installing the private package locally.
这是我的GitHub工作流程操作:
Here is my GitHub workflow action:
name: JavaScript workflow
on: [push]
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Use Node.js 12.x
uses: actions/setup-node@v1
with:
node-version: '12.x'
- name: npmrc
run: cat .npmrc
- name: npm install
run: |
npm install
env:
CI: true
NPM_AUTH_TOKEN: ${{ secrets.NPM_AUTH_TOKEN }}
这是我的.npmrc
here is my .npmrc
@fortawesome:registry=https://npm.fontawesome.com/
//npm.fontawesome.com/:_authToken=XXXXXXXXX
@colonynetworks:registry=https://npm.pkg.github.com
//npm.pkg.github.com:_authToken=XXXXXXXXX
always-auth=true
@react-admin:registry=https://registry.marmelab.com
//registry.marmelab.com:
_auth=XXXXXXXXX
email=software@XXXXXXXXX.com
always-auth=true
这是一个私人存储库,并且authTokens当前已硬编码在.npmrc文件中.
It's a private repo and the authTokens are currently hardcoded in the .npmrc file.
但是,在尝试找到解决方案时,我确实遇到了Github员工的以下随机评论:
However while trying to find a solution for this, I did come across this random comment from a Github staff member: https://github.community/t/netlify-getting-401-from-github-package-registry-with-auth-token/16415/3
这有点含糊,但是听起来好像它不接受.npmrc文件中的硬编码authToken.
It's a bit vague, but it sounds like it doesn't accept a hardcoded authToken in the .npmrc file.
所以我尝试的第一件事是像这样使用我们的env变量:
So first thing I tried was to use our env variable instead like so:
@xxxx=https://npm.pkg.github.com
//npm.pkg.github.com:_authToken=${NPM_AUTH_TOKEN}
env变量在我们的Github存储库秘密中是正确的,并且由工作流提供.
The env variable is correct in our Github repo secrets, and supplied by the workflow.
但是,这仍然会导致相同的401未经授权错误.
However this still resulted in the same 401 Unauthorized error.
通过查看其他解决方案,我然后尝试在install
步骤之前在Github动作中手动生成.npmrc,如下所示:
From looking at other solutions I then tried to generate the .npmrc manually inside the Github action before the install
step, like so:
- name: npmrcgen
run: |
echo "//npm.pkg.github.com/:_authToken=XXXXXXX" > .npmrc
echo "@xxxxx=https://npm.pkg.github.com/" >> .npmrc
echo "@react-admin:registry=https://registry.marmelab.com" >> .npmrc
echo "//registry.marmelab.com:" >> .npmrc
echo "_auth=XXXXXXX" >> .npmrc
echo "email=software@xxxxx.com" >> .npmrc
echo "always-auth=true" >> .npmrc
在我添加的日志记录步骤中,它的_authToken(仅适用于Github)仍然显示为***
,并且仍然出现401未经授权的错误.
During the logging step I added, it the _authToken (only for Github) still shows up as ***
, and I still got a 401 Unauthorized error.
在这一点上,我想确认.npmrc是否还在使用中,因此我删除了用于marmelab.com
的第二个私有注册表,果然,我收到一条错误消息,说它不再能够安装其ra-realtime
包.这证明.npmrc文件确实已由我的Github操作读取和使用,但它不接受我的Github个人访问令牌.
At this point I wanted to confirm the .npmrc was even being used, so I removed the second private registry we used for marmelab.com
, and sure enough, I got an error saying it was no longer able to install their ra-realtime
package. This proves the .npmrc file is indeed being read and used by my Github action, but it's not accepting my Github personal access token.
我也尝试生成一个新令牌.它具有对repo:
以及write:packages
和read:packages
下所有内容的完全访问权限.
I have tried to generate a new token as well. It has full access to everything under repo:
as well as write:packages
and read:packages
which is what should be required.
在GitHub动作中仍然未授权401,并且在本地仍然可以正常工作.
Still 401 Unauthorized in the Github action, and still works fine locally.
最近,我尝试使用yarn
而不是npm
进行安装.毫不奇怪,这也没有解决.
Lastly I have tried to install it with yarn
instead of npm
. Unsurprisingly this did not fix it either.
我已经看到并尝试了以下解决方案,但均未成功:
I have seen and tried the following solutions without any success:
- 下载私有模块从Github包注册表通过Github Action中的Yarn来实现?可以发布作品,但安装时会遇到"401未经授权"
- https://github.com/FerLuisxd/create-npmrc
- https://blog.bitsrc.io/install-npm-private-packages-in-ci-cd-with-github-actions-746db95017cc
- Download private module from Github Package Registry via Yarn within a Github Action? Publishing works, but installing is met with '401 Unauthorized'
- https://github.com/FerLuisxd/create-npmrc
- https://blog.bitsrc.io/install-npm-private-packages-in-ci-cd-with-github-actions-746db95017cc
我没有尝试过的一件事,因为我没有看到关于如何或这是一个好主意的建议,但是我没有在Github动作中执行npm login
.由于没有人做到这一点,并且以某种方式使它起作用,所以我认为这是没有必要的.
One thing I have not tried, as I have seen no recommendations on how or this being a good idea, but I have not done an npm login
within the Github action. Since no one else has done this, and somehow have it working, I assume this is not necessary.
推荐答案
我最终不得不联系GitHub支持,并让他们可以访问我的存储库以解决此问题.
I ended up having to contact GitHub support and give them access to my repo to figure this out.
但是他们确实找出了问题所在.
However they did figure out what the problem was.
Github工作流程比本地环境更严格,并在auth令牌之前退回额外的/
:
Github workflows are more strict than local environments and requite an extra /
before the auth token:
发现差异:
//npm.pkg.github.com:_authToken=XXXXXXXXX
//npm.pkg.github.com/:_authToken=XXXXXXXXX
在:_authToken=
之前添加额外的/
为我解决了这个问题.
adding the extra /
before :_authToken=
solved the issue for me.
这篇关于Github操作,使用npm或yarn安装Github软件包时,未经授权401的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!