From 089aa7ea918421102c1e1dfa8ef95982aee6b0af Mon Sep 17 00:00:00 2001 From: Sergey Dolin Date: Fri, 19 Aug 2022 12:21:26 +0200 Subject: [PATCH] Add caveat for Yarn 2+ and private repos --- docs/advanced-usage.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/docs/advanced-usage.md b/docs/advanced-usage.md index 0cf12ca..da5397b 100644 --- a/docs/advanced-usage.md +++ b/docs/advanced-usage.md @@ -247,5 +247,25 @@ steps: # `npm rebuild` will run all those post-install scripts for us. - run: npm rebuild && npm run prepare --if-present ``` +### Yarn2 configuration +Yarn2 ignores both .npmrc and .yarnrc files created by the action, so before installing dependencies from the private repo it is necessary either to create or to modify existing yarnrc.yml file with `yarn config set` commands. +Below there's a sample "Setup .yarnrc.yml" step to configure private github registy for `my-org` organisation. + +```yaml +steps: +- uses: actions/checkout@v3 +- uses: actions/setup-node@v3 + with: + node-version: '14.x' +- name: Setup .yarnrc.yml + run: | + yarn config set npmScopes.my-org.npmRegistryServer "https://npm.pkg.github.com" + yarn config set npmScopes.my-org.npmAlwaysAuth true + yarn config set npmScopes.my-org.npmAuthToken $NPM_AUTH_TOKEN + env: + NPM_AUTH_TOKEN: ${{ secrets.YARN_TOKEN }} +- name: Install dependencies + run: yarn install --immutable +``` NOTE: As per https://github.com/actions/setup-node/issues/49 you cannot use `secrets.GITHUB_TOKEN` to access private GitHub Packages within the same organisation but in a different repository.