Error "No user .npmrc file found" when file actually exists
Opened this issue · 2 comments
I'm getting a 403 when trying to release a private page to the private Github registry.
The project is a fresh turbo project created with yarn dlx create-turbo@latest and a dummy foo package to test the release works.
The logs says the .npmrc file doesn't exist, but it does:
auto-install-peers = true
@myorg:registry=https://npm.pkg.github.com
//npm.pkg.github.com/:_authToken=${GITHUB_TOKEN}
My release workflow includes:
- name: Create Release Pull Request or Publish to npm
id: changesets
uses: changesets/action@v1
with:
version: yarn run changeset:version # translated as changeset version && yarn install --mode=update-lockfile
publish: yarn run release-packages # translated as turbo run build --filter='./packages/*' && changeset publish
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Token automatically added by GithubError output, note the No user .npmrc file found, creating one line.
Run changesets/action@v1
with:
version: yarn run changeset:version
publish: yarn run release-packages
setupGitUser: true
createGithubReleases: true
env:
YARN_VERSION: 4.0.2
GITHUB_TOKEN: ***
setting git user
/usr/bin/git config user.name "github-actions[bot]"
/usr/bin/git config user.email "github-actions[bot]@users.noreply.github.com"
setting GitHub credentials
No changesets found, attempting to publish any unpublished packages to npm
No user .npmrc file found, creating one
/usr/local/bin/yarn run release-packages
• Packages in scope: @myorg/foo, @repo/eslint-config, @repo/typescript-config, @repo/ui
• Running build in 4 packages
• Remote caching disabled
No tasks were executed as part of this run.
Tasks: 0 successful, 0 total
Cached: 0 cached, 0 total
Time: 131ms
🦋 info npm info @myorg/foo
🦋 error Received an unknown error code: E403 for npm info "@myorg/foo"
🦋 error 403 Forbidden - GET https://npm.pkg.github.com/@myorg%2ffoo - Permission permission_denied: read_package
🦋 error In most cases, you or one of your dependencies are requesting
🦋 error a package version that is forbidden by your security policy, or
🦋 error on a server you do not have access to.
Error: Error: The process '/usr/local/bin/yarn' failed with exit code 1
Error: The process '/usr/local/bin/yarn' failed with exit code 1
I've tracked the error to the source code, it's coming from this conditional, on the else block:
Lines 58 to 59 in 2bb9bcb
I had changesets working for another turborepo monorepo with the only notably difference that it was using pnpm.
What is going wrong? perhaps process.env.HOME, but why?
I solved the 403 error, it was due to a misconfiguration on the write permissions for my package.
I had already published this dummy package from another repository so I needed to grant my new repository with write/admin access to the package. Done at https://github.com/orgs/MYORG/packages/npm/poc-math/settings
However the log error is still actual. No user .npmrc file found, creating one is still displayed despite me having it, as a proof I cat .npmrc just before the release:
Run cat .npmrc
auto-install-peers=true
@MYORG:registry=https://npm.pkg.github.com
//npm.pkg.github.com/:_authToken=${GITHUB_TOKEN}
Run changesets/action@v1
with:
version: yarn run changeset:version
publish: yarn run release-packages
setupGitUser: true
createGithubReleases: true
env:
YARN_VERSION: 4.0.2
GITHUB_TOKEN: ***
setting git user
/usr/bin/git config user.name "github-actions[bot]"
/usr/bin/git config user.email "github-actions[bot]@users.noreply.github.com"
setting GitHub credentials
No changesets found, attempting to publish any unpublished packages to npm
No user .npmrc file found, creating one
/usr/local/bin/yarn run release-packages
• Packages in scope: @MYORG/my-foo-package, @repo/eslint-config, @repo/typescript-config, @repo/ui
• Running build in 4 packages
• Remote caching disabled
No tasks were executed as part of this run.
Tasks: 0 successful, 0 total
Cached: 0 cached, 0 total
Time: 117ms
🦋 info npm info @MYORG/my-foo-package
🦋 info @MYORG/my-foo-package is being published because our local version (2.0.0) has not been published on npm
🦋 info Publishing "@MYORG/my-foo-package" at "2.0.0"
🦋 success packages published successfully:
🦋 @MYORG/my-foo-package@2.0.0
🦋 Creating git tag...
🦋 New tag: @MYORG/my-foo-package@2.0.0
/usr/bin/git push origin --tags
To https://github.com/MYORG/MYREPO
* [new tag] @MYORG/my-foo-package@2.0.0 -> @MYORG/my-foo-package@2.0.0
The changesets/action is hard-coded to only check $HOME/.npmrc. I've provided a work-around here: #58 (comment)