act icon indicating copy to clipboard operation
act copied to clipboard

Published 20 hours ago verified publisher icon nektos

Setting `NODE_AUTH_TOKEN` does not authenticate with npm

Open haseebnaseem opened this issue 2 years ago • 3 comments

Bug report info

act version:            0.2.31
GOOS:                   darwin
GOARCH:                 arm64
NumCPU:                 10
Docker host:            DOCKER_HOST environment variable is unset/empty.
Sockets found:
        /var/run/docker.sock
Config files:           
        /Users/haseeb/.actrc:
                -P ubuntu-latest=catthehacker/ubuntu:act-latest
                -P ubuntu-22.04=catthehacker/ubuntu:act-22.04
                -P ubuntu-20.04=catthehacker/ubuntu:act-20.04
                -P ubuntu-18.04=catthehacker/ubuntu:act-18.04
Build info:
        Go version:            go1.19
        Module path:           command-line-arguments
        Main version:          
        Main path:             
        Main checksum:         
        Build settings:
                -compiler:            gc
                -ldflags:             -X main.version=0.2.31
                CGO_ENABLED:          1
                CGO_CFLAGS:           
                CGO_CPPFLAGS:         
                CGO_CXXFLAGS:         
                CGO_LDFLAGS:          
                GOARCH:               arm64
                GOOS:                 darwin
Docker Engine:
        Engine version:        20.10.17
        Engine runtime:        runc
        Cgroup version:        2
        Cgroup driver:         cgroupfs
        Storage driver:        overlay2
        Registry URI:          https://index.docker.io/v1/
        OS:                    Docker Desktop
        OS type:               linux
        OS version:            
        OS arch:               aarch64
        OS kernel:             5.10.104-linuxkit
        OS CPU:                5
        OS memory:             7851 MB
        Security options:
                name=seccomp,profile=default
                name=cgroupns

Command used with act

act -j format -s GITHUB_TOKEN

Describe issue

The same workflow successfully installs dependencies, while with act it does not. Setting the same variable in .npmrc works. run: echo "//npm.pkg.github.com/:_authToken=${NODE_AUTH_TOKEN}" >> .npmrc && npm ci --ignore-scripts --no-audit --no-progress --prefer-offline

Link to GitHub repository

No response

Workflow content

format:
    name: Format
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3
        with:
          persist-credentials: false
          ref: ${{ github.event.pull_request.head.sha || github.sha }}
      - name: Setup Node.js
        uses: actions/setup-node@v3
        with:
          cache: 'npm'
          node-version: 16
          registry-url: https://npm.pkg.github.com
      - env:
          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        name: Install dependencies
        run: npm ci --ignore-scripts --no-audit --no-progress --prefer-offline
      - name: Format
        run: npm run format

Relevant log output

[Continuous Integration/Format]   ✅  Success - Main Setup Node.js
[Continuous Integration/Format] ⭐ Run Main Install dependencies
[Continuous Integration/Format]   🐳  docker exec cmd=[bash --noprofile --norc -e -o pipefail /var/run/act/workflow/2] user= workdir=
| npm WARN deprecated @types/[email protected]: This is a stub types definition. graphql provides its own type definitions, so you do not need this installed.
| npm WARN deprecated @types/[email protected]: This is a stub types definition. bson provides its own type definitions, so you do not need this installed.
| npm ERR! code E401
| npm ERR! 401 Unauthorized

Additional information

No response

haseebnaseem avatar Oct 26 '22 19:10 haseebnaseem

Issue is stale and will be closed in 14 days unless there is new activity

github-actions[bot] avatar Nov 27 '22 00:11 github-actions[bot]

If I do act -v -s GITHUB_TOKEN with the following workflow I can confirm that the secret is being passed because the char count is equal to the number of chars I'm entering when prompted.

on: push

env:
  NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

jobs:
  format:
    name: Format
    runs-on: ubuntu-latest
    steps:
      - run: echo "$NODE_AUTH_TOKEN" >> testing && grep -c . testing

It seems like an issue with setup-node considering you said this only works when you, yourself echo the variable to .npmrc.

I would try to cat .npmrc after setup-node runs, and if you see //npm.pkg.github.com/:_authToken=**** than you know the asterisks are your secret. If there aren't any, you know the secret was not set in .npmrc.

I'd also try to run your action on Github's runners. If it works there than we can narrow it down to act.

20k-ultra avatar Nov 30 '22 22:11 20k-ultra

I hit a similar issue using setup-node and it turned out that the format of the variable NODE_AUTH_TOKEN was just the token. The authToken in the .npmrc file is sometimes (for some private registries at least this is always the case) a base64 encoded string with both your username and token, you might be hitting that problem if the file works but not the input for the job.

ruben-chainalysis avatar Dec 01 '22 12:12 ruben-chainalysis

Issue is stale and will be closed in 14 days unless there is new activity

github-actions[bot] avatar Jan 01 '23 00:01 github-actions[bot]