Skip to content

[CW-28153] fix: configure npm auth on runner before npm ci#40

Merged
and2352000 merged 1 commit into
masterfrom
fix/CW-28153-npm-auth-on-runner
May 4, 2026
Merged

[CW-28153] fix: configure npm auth on runner before npm ci#40
and2352000 merged 1 commit into
masterfrom
fix/CW-28153-npm-auth-on-runner

Conversation

@and2352000

@and2352000 and2352000 commented May 4, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Add a Configure npm auth step that writes //npm.pkg.github.com/:_authToken=${NPM_TOKEN} to ~/.npmrc before npm ci runs.
  • Move the NPM_TOKEN env from the Install dependencies step to the new auth step (npm itself never read that env var; only the .npmrc line uses it).

Why

Previously the unit_test job set NPM_TOKEN as an env var on the npm ci step, expecting npm to pick it up. It doesn't — npm only honours .npmrc entries that reference ${NPM_TOKEN}. The old docker-based workflow worked because each service repo's Dockerfile wrote .npmrc at image build time. On the runner there's no such step, so npm ci hits 401 Unauthorized against npm.pkg.github.com for private @CoolBitX-Technology packages.

Failing run that surfaced this: https://github.com/CoolBitX-Technology/cp-user-registration/actions/runs/25309932225/job/74194197241

npm error code E401
npm error 401 Unauthorized - GET https://npm.pkg.github.com/download/@CoolBitX-Technology/eslint-config-cp/...
- authentication token not provided

Test Plan

  • 重跑 cp-user-registration 那條 branch 的 CI,確認 unit_test job 通過 npm ci 並進入 npm test
  • 確認 build_image job 行為不變(artifact 仍正常上傳)
  • 在另一個 service repo 試跑一次以避免 cp-user-registration 特例

Related

PR Summary by Typo

Overview

This PR addresses an issue in the CI pipeline where npm authentication was not properly configured before dependency installation, causing npm ci to fail when accessing private packages.

Key Changes

  • A new step has been added to the unit_test_than_build_image.yml GitHub Actions workflow to configure npm authentication.
  • This step writes the DEVOPS_READ_PACKAGE_TOKEN to the .npmrc file, ensuring authentication is set up before npm ci runs.

Work Breakdown

Category Lines Changed
New Work 3 (75.0%)
Rework 1 (25.0%)
Total Changes 4
To turn off PR summary, please visit Notification settings.

The unit_test job exposed NPM_TOKEN as an env var, but npm itself
does not read NPM_TOKEN — it expects an `.npmrc` line that
references `${NPM_TOKEN}`. The old docker-based workflow worked
because each service repo's Dockerfile wrote `.npmrc` at image
build time; on the runner there is no such step, so `npm ci` hit
401 Unauthorized against npm.pkg.github.com for private
@CoolBitX-Technology packages.

Add a `Configure npm auth` step that appends the GitHub Packages
auth line to ~/.npmrc before `npm ci` runs, matching the
Dockerfile's behavior.

Verified against the failing run from cp-user-registration:
https://github.com/CoolBitX-Technology/cp-user-registration/actions/runs/25309932225/job/74194197241

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@typo-app

typo-app Bot commented May 4, 2026

Copy link
Copy Markdown

Static Code Review 📊

✅ All quality checks passed!

@typo-app typo-app Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

AI Code Review 🤖

Files Reviewed: 1
Comments Added: 0
Lines of Code Analyzed: 5
Critical Issues: 0

PR Health: Excellent 🔥

Give 👍 or 👎 on each review comment to help us improve.

@and2352000 and2352000 merged commit 8108086 into master May 4, 2026
6 of 10 checks passed
@and2352000 and2352000 deleted the fix/CW-28153-npm-auth-on-runner branch May 4, 2026 09:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants