CI/CD problems with private npm registry

[d0rich]

Hello,

 

I want to use GSAP in design system based on Nuxt 3 (https://github.com/d0rich/nuxt-design-system) for my personal projects. So I configured CI/CD pipeline, which publish this design system on NPM. The idea was to install free GSAP if you have no configured authorization for private registry.

 

Problems started when I tried to install a private package on Netlify for test deployment (and later I have created small GitHub Action for test). I tried to install free GSAP with postinstall script (https://github.com/d0rich/nuxt-design-system/blob/master/fallbackDependencies.mjs), so I thought the problem was in it. And actually, first iterations of this script were really problematic, but later I made it work.

 

What was strange, it worked only in GitHub Actions. Netlify wasn't able to install private repository because of error 403. I thought "OK, I will never use Netlify, because it is glitchy" (it seems I was wrong). Then I made postinstall script really simple, so it worked on both GitHub Actions and Netlify. And I thought it was the end of adventure.

 

Previous steps took for about 3 days to solve. And results were differently strange in different time. Now I finished new update for my design system and I see that test in GitHub Action is failed, Netlify failed again. I rerun GitHub Action with test for previously successful commit - it also failed.

 

Successful commit: https://github.com/d0rich/nuxt-design-system/commit/087ea7a9bb31062a54da4090880ad97a560f2e74

Successful test: https://github.com/d0rich/nuxt-design-system/actions/runs/4524606995/jobs/7968554631

Failed test: https://github.com/d0rich/nuxt-design-system/actions/runs/4526640545/jobs/7971949177

 

Installation from private repository worked differently in same environments, but in different time.

 

So now I 90% sure that problem is in GSAP private repository, not in GitHub Actions or Netlify. Are there some limitations for single token? Can you please find the source of the problem? help me to deal with it?

[GreenSock]

I personally have zero experience with all that, so I probably can't be of much help but perhaps these links will be useful(?):

https://blog.privjs.com/article/how-to-install-club-greensock-packages-on-netlify

 

I'll ping @Prasanna for some help (he's our resident private repo expert).

[d0rich]

Thank you, actually, I've already tried these solutions. To summarize, I feel like installation ability of private GSAP depends only on time (or some registry internal reasons).

 

I think that some kind of logs of download attempts would be useful. GitHub Actions and Netlify might use my token, so it can be useful during filtering. 

[d0rich]

Update: I rerun the same build now and it successfully worked. You might can't see details in logs, but non-experimental builds fail on test, which checks if installed GSAP have paid MorphSVG plugin (https://github.com/d0rich/nuxt-design-system/blob/master/tests/GSAP.spec.ts).

 

https://github.com/d0rich/nuxt-design-system/actions/runs/4529460467/jobs/7977234253

 

I still expect similar problems in future and hope to find a reason.

 

[d0rich]

@Prasanna This problem still appears from time to time