Merge pull request #561 from akv-platform/v-sdolin/yarn2

Add caveat for Yarn 2+ and private repos
This commit is contained in:
Marko Zivic 2022-08-22 09:03:30 +02:00 committed by GitHub
commit e954e15431
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -247,5 +247,25 @@ steps:
# `npm rebuild` will run all those post-install scripts for us. # `npm rebuild` will run all those post-install scripts for us.
- run: npm rebuild && npm run prepare --if-present - run: npm rebuild && npm run prepare --if-present
``` ```
### Yarn2 configuration
Yarn2 ignores both .npmrc and .yarnrc files created by the action, so before installing dependencies from the private repo it is necessary either to create or to modify existing yarnrc.yml file with `yarn config set` commands.
Below you can find a sample "Setup .yarnrc.yml" step, that is going to allow you to configure a private GitHub registry for 'my-org' organisation.
```yaml
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: '14.x'
- name: Setup .yarnrc.yml
run: |
yarn config set npmScopes.my-org.npmRegistryServer "https://npm.pkg.github.com"
yarn config set npmScopes.my-org.npmAlwaysAuth true
yarn config set npmScopes.my-org.npmAuthToken $NPM_AUTH_TOKEN
env:
NPM_AUTH_TOKEN: ${{ secrets.YARN_TOKEN }}
- name: Install dependencies
run: yarn install --immutable
```
NOTE: As per https://github.com/actions/setup-node/issues/49 you cannot use `secrets.GITHUB_TOKEN` to access private GitHub Packages within the same organisation but in a different repository. NOTE: As per https://github.com/actions/setup-node/issues/49 you cannot use `secrets.GITHUB_TOKEN` to access private GitHub Packages within the same organisation but in a different repository.