semantic-release
semantic-release copied to clipboard
semantic-release
Publish to Github packages
is there any solution to utilize this to automate publishing to Github packages. we do many skips on version bumping. we want it to be harmonious with what we publish on npm.
I don't think it makes sense to publish a package to both, the npm registry and GitHub's packages' registry. The latter falls back to the former. If you want to publish just to GitHub packages, you can do so with https://github.com/semantic-release/npm/ by configuring the registry (https://docs.npmjs.com/cli/v6/using-npm/registry#i-dont-want-my-package-published-in-the-official-registry-its-private)
When I attempt to publish to GitHub packages, I get npm ERR! 401 Unauthorized - PUT https://npm.pkg.github.com/@xxx- Your request could not be authenticated by the GitHub Packages service. Please ensure your access token is valid and has the appropriate scopes configured. I am using this in my yaml file:
...
- name: Build, Test and Publish REST Client
working-directory: ./src/RestApi.Client
run: |
npm ci
npm run generate /variables:Configuration=Release
npm run build --if-present
npm run test
npx semantic-release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.GITHUB_TOKEN }}
...
NPM_TOKEN: ${{ secrets.GITHUB_TOKEN }}
This needs to be a different token one you generate that has access to write packages... I do not believe the generic GITHUB_TOKEN can do that by default.
According to the docs you might be able to adjust the token to have permissions.
Sorry, I forgot about this and didn't follow up after I "solved" it. The github token did work for me but I had to supply NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}. None of this was very clear in documentation, but I did eventually find something that led me to try that... I'm setting all 3 environment variables now to the github token, but I'm not sure if all 3 are actually needed.
I feel like setting only GITHUB_TOKEN and NPM_TOKEN was enough at some point. But that is not the case anymore. It stopped working for some reason. It works now after setting NODE_AUTH_TOKEN as well. NODE_AUTH_TOKEN is the env variable npm publish uses directly, so it makes sense that it works. But I wonder why it worked before without that. Maybe npm@6 allowed both NPM_TOKEN and NODE_AUTH_TOKEN but npm@7 does not?
For completeness, what seems to be working for me is something like this:
.github/semantic.yml
titleOnly: true
.github/workflows/develop-branch.yml (also in our master-branch.yml)
name: Build, Test and Package For Develop Branch
on:
push:
branches:
- develop
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- uses: actions/setup-node@v1
with:
node-version: 15
registry-url: https://npm.pkg.github.com/
scope: "@..."
- name: Build, Test and Publish REST Client
working-directory: ./src/RestApi.Client
run: |
npm ci
npm run generate /variables:Configuration=Release
npm run build --if-present
npm run test
npx semantic-release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
package.json
{
"name": "@.../...",
"version": "0.0.0-development",
"description": "...",
"main": "./build/index.js",
"types": "./build/index.d.ts",
"scripts": {
...
},
"repository": {
"url": "github:.../..."
},
"publishConfig": {
"registry": "https://npm.pkg.github.com"
},
"release": {
"branches": [
{ "name": "master" },
{ "name": "develop", "channel": "beta", "prerelease": "beta" }
]
}
}
I think those were all the relevant bits to get it to work.
The NPM_TOKEN env alone worked just fine up until we had to add the registry-url property to the actions/setup-node@v2 step. When using this property a .npmrc is created with the NODE_AUTH_TOKEN env, which I think renders useless the NPM_TOKEN afterwards.
In order to fix the semantic-release publish we replaced the NPM_TOKEN with the NODE_AUTH_TOKEN in the npx semantic-release step and everything worked again:
- name: Publish
run: npx semantic-release
env:
GH_TOKEN: ${{ secrets.GH_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
Running into the same issue but with @rafaelrenanpacheco workaround, I get
...does not have the correct permissions to execute `CreatePackageVersion`\n'
which I know is bogus because vanilla npm publish with same token works just fine.
My config
- name: Release
run: npx semantic-release --branches main
env:
GITHUB_TOKEN: ${{ secrets.GHPR_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.GHPR_TOKEN }}
NPM_TOKEN: ${{ secrets.GHPR_TOKEN }}
I tried other variants too but same error like
- name: Release
run: npx semantic-release --branches main
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.GHPR_TOKEN }}
## and
- name: Release
run: npx semantic-release --branches main
env:
GITHUB_TOKEN: ${{ secrets.GHPR_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.GHPR_TOKEN }}
..does not have the correct permissions to execute
CreatePackageVersion\n'
Nevermind. It was caused due to the bot not having write permissions to the repo. It works now.
