Jump to content
Search Community

CI/CD problems with private npm registry

d0rich test
Moderator Tag

Recommended Posts



I want to use GSAP in design system based on Nuxt 3 (https://github.com/d0rich/nuxt-design-system) for my personal projects. So I configured CI/CD pipeline, which publish this design system on NPM. The idea was to install free GSAP if you have no configured authorization for private registry.


Problems started when I tried to install a private package on Netlify for test deployment (and later I have created small GitHub Action for test). I tried to install free GSAP with postinstall script (https://github.com/d0rich/nuxt-design-system/blob/master/fallbackDependencies.mjs), so I thought the problem was in it. And actually, first iterations of this script were really problematic, but later I made it work.


What was strange, it worked only in GitHub Actions. Netlify wasn't able to install private repository because of error 403. I thought "OK, I will never use Netlify, because it is glitchy" (it seems I was wrong). Then I made postinstall script really simple, so it worked on both GitHub Actions and Netlify. And I thought it was the end of adventure.


Previous steps took for about 3 days to solve. And results were differently strange in different time. Now I finished new update for my design system and I see that test in GitHub Action is failed, Netlify failed again. I rerun GitHub Action with test for previously successful commit - it also failed.


Successful commit: https://github.com/d0rich/nuxt-design-system/commit/087ea7a9bb31062a54da4090880ad97a560f2e74

Successful test: https://github.com/d0rich/nuxt-design-system/actions/runs/4524606995/jobs/7968554631

Failed test: https://github.com/d0rich/nuxt-design-system/actions/runs/4526640545/jobs/7971949177


Installation from private repository worked differently in same environments, but in different time.


So now I 90% sure that problem is in GSAP private repository, not in GitHub Actions or Netlify. Are there some limitations for single token? Can you please find the source of the problem? help me to deal with it?

Link to comment
Share on other sites

Thank you, actually, I've already tried these solutions. To summarize, I feel like installation ability of private GSAP depends only on time (or some registry internal reasons).


I think that some kind of logs of download attempts would be useful. GitHub Actions and Netlify might use my token, so it can be useful during filtering. 

Link to comment
Share on other sites

Update: I rerun the same build now and it successfully worked. You might can't see details in logs, but non-experimental builds fail on test, which checks if installed GSAP have paid MorphSVG plugin (https://github.com/d0rich/nuxt-design-system/blob/master/tests/GSAP.spec.ts).




I still expect similar problems in future and hope to find a reason.


Link to comment
Share on other sites

  • 5 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...