We Keep Coding

Error in github action while installing npm dependencies

I am trying to setup actions for NextJS app using the following yml file
name: Frontend Build
on: push
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v3
- uses: actions/setup-node#v3
with:
node-version: "18"
- run: |
cd frontend
npm ci
npm run build
but i get the error every time npm ci or npm install is run
It says :
Run cd frontend
npm ERR! code E401
npm ERR! Incorrect or missing password.
npm ERR! If you were trying to login, change your password, create an
npm ERR! authentication token or enable two-factor authentication then
npm ERR! that means you likely typed your password in incorrectly.
npm ERR! Please try again, or recover your password at:
npm ERR! https://www.npmjs.com/forgot
npm ERR!
npm ERR! If you were doing some other operation then your saved credentials are
npm ERR! probably out of date. To correct this please try logging in again with:
npm ERR! npm login
npm ERR! A complete log of this run can be found in:
npm ERR! /home/runner/.npm/_logs/2023-02-18T16_14_12_437Z-debug-0.log
Error: Process completed with exit code 1.
i did not see anyone setting password for public npm registry.
Thanks in advance

You have to create an .npmrc file with proper authToken when installing a secured dependencies.
name: "Create .npmrc"
run: |
echo "registry.npmjs.org/:_authToken=${NPM_TOKEN}" >> .npmrc
Then you can call npm install.

Github Actions failing to install a NPM and fails verification

Github Actions build script
name: Deploy
on:
push:
branches: [ "main" ]
jobs:
build_on_mac:
runs-on: macos-latest
steps:
- uses: actions/checkout#v3
with:
persist-credentials: false
- name: Use HTTP
run: >
git config --global url."https://github.com".insteadOf ssh://git#github.com
- uses: actions/setup-node#v3
with:
node-version: 14
- name: install dependencies
run: npm install
It keeps falling for a particular package randomly.. worked 1 out of 10 times
npm WARN tarball tarball data for buble#git+ssh://git#github.com/pemrouz/buble.git#4e639aeeb64712ac95dc30a52750d1ee4432c9c8 (sha512-vBjSU8v5gODqXVUvlpgEzjtSMXz2Am8Yh7O1PUZmx6DAzKWT1CrYm5azoYhAGLCWOlkd4aN6LEOCZ+dgVt2rFA==) seems to be corrupted. Trying one more time.
7
npm ERR! Verification failed while extracting buble#git+ssh://git#github.com/pemrouz/buble.git#4e639aeeb64712ac95dc30a52750d1ee4432c9c8:
2895
npm ERR! sha512-vBjSU8v5gODqXVUvlpgEzjtSMXz2Am8Yh7O1PUZmx6DAzKWT1CrYm5azoYhAGLCWOlkd4aN6LEOCZ+dgVt2rFA== integrity checksum failed when using sha512: wanted sha512-vBjSU8v5gODqXVUvlpgEzjtSMXz2Am8Yh7O1PUZmx6DAzKWT1CrYm5azoYhAGLCWOlkd4aN6LEOCZ+dgVt2rFA== but got sha512-J+yRnScDV19Vr5+C8D5IJiIN2auC9t54tYpJmeqVxgyIyJQmF95mqBwBXzXKyvIH9aZvY6RlQqtMsQm0gdH7UQ==. (801561 bytes)
2635
So the problem is that when package-lock.json is generated locally it has
sha512-vBjSU8v5gODqXVUvlpgEzjtSMXz2Am8Yh7O1PUZmx6DAzKWT1CrYm5azoYhAGLCWOlkd4aN6LEOCZ+dgVt2rFA==
But when getting downloaded by actions it is
sha512-J+yRnScDV19Vr5+C8D5IJiIN2auC9t54tYpJmeqVxgyIyJQmF95mqBwBXzXKyvIH9aZvY6RlQqtMsQm0gdH7UQ==
Workaround is to replace the SHA in GitHub with expected one which allows build to complete but obviously that looks wrong..
So options I can think are
Can someone please tell me how to add this package permanently into build so that GitHub doesn't need to install it
Or how to fix this issue? It doesn't seem to want to take https:// and takes ssh://git#github.com . Not sure if that is causing anything
Also if I use the option to replace the SHA in package-lock.json then the publish fails with another error
Publish Action
name: Release
on:
release:
types:
- created
jobs:
publish_on_mac:
runs-on: macos-latest
steps:
- uses: actions/checkout#v3
with:
persist-credentials: false
- name: HTTPS
run: >
git config --global url."https://github.com".insteadOf ssh://git#github.com
- uses: actions/setup-node#v3
with:
node-version: 14
- name: install dependencies
run: npm install
- name: publish
run: npm run publish
Error
npm ERR! /usr/local/bin/git ls-remote -h -t ssh://git#github.com/pemrouz/buble.git
1226
npm ERR!
1227
npm ERR! Warning: Permanently added the ECDSA host key for IP address '140.xxx.xxx.xxx' to the list of known hosts.
1228
npm ERR! git#github.com: Permission denied (publickey).
1229
npm ERR! fatal: Could not read from remote repository.
1230
npm ERR!
1231
npm ERR! Please make sure you have the correct access rights
1232
npm ERR! and the repository exists.
1233
npm ERR!
1234
npm ERR! exited with error code: 128
How do we fix this as well?

GitHub action fails on npm ci

I have git action to run prettier(Code formatter). Below is the format.yml file of git action.
name: Format code with prettier
on:
push:
branches-ignore:
- master
jobs:
format:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout#v2
# Install NPM dependencies, cache them correctly
- name: Run prettier
run: |
npm ci
npm run prettier-check
The error that I am getting is listed below.
npm WARN old lockfile
npm WARN old lockfile The package-lock.json file was created with an old version of npm,
npm WARN old lockfile so supplemental metadata must be fetched from the registry.
npm WARN old lockfile
npm WARN old lockfile This is a one-time fix-up, please be patient...
npm WARN old lockfile
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: 'react-lottie#1.2.3',
npm WARN EBADENGINE required: { npm: '^3.0.0' },
npm WARN EBADENGINE current: { node: 'v16.13.0', npm: '8.1.0' }
npm WARN EBADENGINE }
...
npm ERR! code 1
npm ERR! path /home/runner/work/Web/node_modules/node-sass
npm ERR! command failed
npm ERR! command sh -c node scripts/build.js
npm ERR! Building: /usr/local/bin/node /home/runner/work/Web/node_modules/node-gyp/bin/node-gyp.js rebuild --verbose --libsass_ext= --libsass_cflags= --libsass_ldflags= --libsass_library=
npm ERR! make: Entering directory '/home/runner/work/Web/node_modules/node-sass/build'
npm ERR! g++ '-DNODE_GYP_MODULE_NAME=libsass' '-DUSING_UV_SHARED=1' '-DUSING_V8_SHARED=1' '-DV8_DEPRECATION_WARNINGS=1' '-DV8_DEPRECATION_WARNINGS' '-DV8_IMMINENT_DEPRECATION_WARNINGS' '-D_GLIBCXX_USE_CXX11_ABI=1' '-D_LARGEFILE_SOURCE' '-D_FILE_OFFSET_BITS=64' '-D__STDC_FORMAT_MACROS' '-DOPENSSL_NO_PINSHARED' '-DOPENSSL_THREADS' '-DLIBSASS_VERSION="3.5.5"' -I/home/runner/.node-gyp/16.13.0/include/node -I/home/runner/.node-gyp/16.13.0/src -I/home/runner/.node-gyp/16.13.0/deps/openssl/config -I/home/runner/.node-gyp/16.13.0/deps/openssl/openssl/include -I/home/runner/.node-gyp/16.13.0/deps/uv/include -I/home/runner/.node-gyp/16.13.0/deps/zlib -I/home/runner/.node-gyp/16.13.0/deps/v8/include -I../src/libsass/include -fPIC -pthread -Wall -Wextra -Wno-unused-parameter -m64 -O3 -fno-omit-frame-pointer -std=gnu++14 -std=c++0x -fexceptions -frtti -MMD -MF ./Release/.deps/Release/obj.target/libsass/src/libsass/src/ast.o.d.raw -c -o Release/obj.target/libsass/src/libsass/src/ast.o ../src/libsass/src/ast.cpp
...
npm ERR! gyp verb extracted file from tarball include/node/uv/os390.h
npm ERR! gyp verb extracted file from tarball include/node/uv/posix.h
npm ERR! gyp verb extracted file from tarball include/node/uv/stdint-msvc2008.h
npm ERR! gyp verb extracted file from tarball include/node/uv/sunos.h
npm ERR! gyp verb extracted file from tarball include/node/uv/threadpool.h
npm ERR! gyp verb extracted file from tarball include/node/uv/unix.h
npm ERR! gyp verb extracted file from tarball include/node/uv/win.h
npm ERR! gyp verb extracted file from tarball include/node/uv/errno.h
npm ERR! gyp verb extracted file from tarball include/node/uv/tree.h
npm ERR!
Error: Process completed with exit code 1.
Git action yml file used to work before. I haven't changed any version/package-lock file. Still, it is failing. Can anyone suggest a solution from the error log?

It seems you are running different node version in your githubAction.
Set up the same node version that you use local(e.g. 14) before to run npm ci:
- uses: actions/setup-node#v2
with:
node-version: '14'
- name: Run prettier
run: |
npm ci
npm run prettier-check
...

GitHub action in GitHub Enterprise giving 401 and 404s on npm packages

I am using semantic version action on my GitHub enterprise repository. It was working fine until recently, where it started failing with this error
Error: Command failed: npm ci --only=prod
npm ERR! code E401
npm ERR! Unable to authenticate, need: Basic realm="GitHub Package Registry"
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2021-08-23T10_41_00_344Z-debug.log
at ChildProcess.exithandler (child_process.js:295:12)
at ChildProcess.emit (events.js:210:5)
at maybeClose (internal/child_process.js:1021:16)
at Process.ChildProcess._handle.onexit (internal/child_process.js:283:5) {
killed: false,
code: 1,
signal: null,
cmd: 'npm ci --only=prod',
stdout: '',
stderr: 'npm ERR! code E401\n' +
'npm ERR! Unable to authenticate, need: Basic realm="GitHub Package Registry"\n' +
'\n' +
'npm ERR! A complete log of this run can be found in:\n' +
'npm ERR! /root/.npm/_logs/2021-08-23T10_41_00_344Z-debug.log\n'
The action I use is not expected to publish anything to GitHub Package Registry, maybe only read from Package Registry. So after googling I found this on SO and elsewhere - https://stackoverflow.com/a/63243950/1182982
So I updated my action to look like this now (I added the step: Setup node, it wasn't there before)
#===============================================================================
#=========================== Semamtic Version ==========================
#===============================================================================
semver:
name: Semantic Versioning
runs-on: [self-hosted, linux, x64]
steps:
- name: Setup node
run: |
echo "//npm.pkg.github.com/:_authToken=${{ secrets.GITHUBCOM_TOKEN }}" >> ~/.npmrc
echo "#yrshaikh:registry=https://npm.pkg.github.com" >> ~/.npmrc
echo 'registry "https://registry.yarnpkg.com"' >> ~/.yarnrc
- uses: actions/checkout#v2
- name: Semantic Release
id: semantic
# https://github.com/cycjimmy/semantic-release-action
uses: internal-front-end/semantic-release-action#v2
outputs:
new_release_published: ${{ steps.semantic.outputs.new_release_published }}
new_release_version: ${{ steps.semantic.outputs.new_release_version }}
Note, the GITHUBCOM_TOKEN I created using my github.com personal profile (And gave read packages/repo access) and OWNER_NAME in #yrshaikh:registry=https://npm.pkg.github.com I have filled in github.com user id.
After doing these changes the 401 authentication error has gone.
But I see a different error, which I have not been able to resolve -
Error: Command failed: npm --loglevel error ci --only=prod
npm ERR! code E404
npm ERR! 404 Not Found - GET https://npm.pkg.github.com/#actions%2fcore - npm package "core" does not exist under owner "actions"
npm ERR! 404
npm ERR! 404 '#actions/core#1.2.7' is not in the npm registry.
npm ERR! 404 You should bug the author to publish it (or use the name yourself!)
npm ERR! 404
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, http url, or git url.
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2021-08-25T05_40_28_115Z-debug.log
at ChildProcess.exithandler (child_process.js:295:12)
at ChildProcess.emit (events.js:210:5)
at maybeClose (internal/child_process.js:1021:16)
at Process.ChildProcess._handle.onexit (internal/child_process.js:283:5) {
killed: false,
code: 1,
signal: null,
cmd: 'npm --loglevel error ci --only=prod',
stdout: '',
stderr: 'npm ERR! code E404\n' +
'npm ERR! 404 Not Found - GET https://npm.pkg.github.com/#actions%2fcore - npm package "core" does not exist under owner "actions"\n' +
'npm ERR! 404 \n' +
"npm ERR! 404 '#actions/core#1.2.7' is not in the npm registry.\n" +
'npm ERR! 404 You should bug the author to publish it (or use the name yourself!)\n' +
'npm ERR! 404 \n' +
'npm ERR! 404 Note that you can also install from a\n' +
'npm ERR! 404 tarball, folder, http url, or git url.\n' +
'\n' +
'npm ERR! A complete log of this run can be found in:\n' +
'npm ERR! /root/.npm/_logs/2021-08-25T05_40_28_115Z-debug.log\n'
}
Any help or direction will be appreciated.

There doesn't seem to be anything wrong about the ~/.npmrc:
#${OWNER}:registry=https://npm.pkg.github.com
//npm.pkg.github.com/:_authToken=${TOKEN}
Have you tried to regenerate that personal access token? Be aware that these secrets also have scopes, so they may resolve in a private repository, but not necessarily a public repository.
$GITHUB_TOKEN may not have sufficient permissions; try adding a personal access token instead.
What does npm login --scope=#yrshaikh --registry=https://npm.pkg.github.com give?

react-scrips: not found - Azure DevOps build pipeline

I am trying to create a build pipeline in Azure DevOps for my create-react-app project. However, when I run it I am getting the below error message during the npm install and build job.
2020-11-16T16:38:47.9641910Z npm ERR! Only absolute URLs are supported
2020-11-16T16:38:47.9906864Z
2020-11-16T16:38:47.9908747Z npm ERR! A complete log of this run can be found in:
2020-11-16T16:38:47.9910292Z npm ERR! /home/vsts/.npm/_logs/2020-11-16T16_38_47_983Z-debug.log
2020-11-16T16:38:48.2879019Z
2020-11-16T16:38:48.2879989Z > allpointsui#1.0.0 build /home/vsts/work/1/s
2020-11-16T16:38:48.2881040Z > react-scripts build
2020-11-16T16:38:48.2881441Z
2020-11-16T16:38:48.2927383Z sh: 1: react-scripts: not found
2020-11-16T16:38:48.2967162Z npm ERR! code ELIFECYCLE
2020-11-16T16:38:48.2968631Z npm ERR! syscall spawn
2020-11-16T16:38:48.2969062Z npm ERR! file sh
2020-11-16T16:38:48.2971442Z npm ERR! errno ENOENT
2020-11-16T16:38:48.2983381Z npm ERR! allpointsui#1.0.0 build: `react-scripts build`
2020-11-16T16:38:48.2983876Z npm ERR! spawn ENOENT
2020-11-16T16:38:48.2984513Z npm ERR!
2020-11-16T16:38:48.2984827Z npm ERR! Failed at the allpointsui#1.0.0 build script.
2020-11-16T16:38:48.2985278Z npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
2020-11-16T16:38:48.3029598Z
2020-11-16T16:38:48.3032027Z npm ERR! A complete log of this run can be found in:
2020-11-16T16:38:48.3033461Z npm ERR! /home/vsts/.npm/_logs/2020-11-16T16_38_48_298Z-debug.log
2020-11-16T16:38:48.3150378Z ##[error]Bash exited with code '1'.
2020-11-16T16:38:48.3205602Z ##[section]Finishing: npm install and build
Here is my YAML file for the pipeline.
trigger:
-master
pool:
`vmImage: 'ubuntu-latest`
steps:
- task: NodeTool#0
inputs:
versionSpec: '10.x'
displayName: 'Install Node.js'
- script: |
npm install
npm run build
displayName: 'npm install and build'
- task: ArchiveFiles#2
inputs:
rootFolderOrFile: '$(Build.BinariesDirectory)'
includeRootFolder: true
archiveType: 'zip'
archiveFile: '$(Build.ArtifactStagingDirectory)/$(Build.BuildId).zip'
replaceExistingArchive: true
- task: PublishBuildArtifacts#1
inputs:
PathtoPublish: '$(Build.ArtifactStagingDirectory)'
ArtifactName: 'drop'
publishLocation: 'Container'
To resolve the error, I have tried doing npm i and npm audit fix which installed react-scripts4.0 but the error is still occurring. I have also seen a lot of people suggesting in other posts to delete the package-lock.json but we would prefer not do do that. Just another note: I can successfully run a build of the project on my local computer. Any suggestions or ideas of how to resolve this issue? Thank you in advance!

react-scrips: not found - Azure DevOps build pipeline
First, try to check if node_modules directory exists in the Azure repo, if yes, remove it and then run npm install and build.
Second, add the entire path in the package.json to invoke react-scripts:
"start": "node_modules/react-scripts/bin/react-scripts.js start"
Instead of just: "start": "react-scripts start".
If above not resolve your question, try to share your package.json in your question.