docs: Include warning when configuring token to install private packages
The distinction between `secrets.GITHUB_TOKEN` and `secrets.NPM_TOKEN` cost myself and a colleague numerous hours when we were trying to fix a GitHub Actions workflow which needed to install a private package from a different repository from our GitHub organisation. Given the issue dedicated to this point is closed, we should include a warning here to make it more clear why `secrets.GITHUB_TOKEN` will not work when passed to `npm ci`, in the presence of private packages from other GitHub Package repositories.pull/528/head
parent
cdcc53e14f
commit
24301fe9fb
|
@ -247,3 +247,5 @@ steps:
|
||||||
# `npm rebuild` will run all those post-install scripts for us.
|
# `npm rebuild` will run all those post-install scripts for us.
|
||||||
- run: npm rebuild && npm run prepare --if-present
|
- run: npm rebuild && npm run prepare --if-present
|
||||||
```
|
```
|
||||||
|
|
||||||
|
NOTE: As per https://github.com/actions/setup-node/issues/49 you cannot use `secrets.GITHUB_TOKEN` to access private GitHub Packages within the same organisation.
|
||||||
|
|
Loading…
Reference in New Issue