R
Railwayβ€’14mo ago
CyrilChandelier

Github personal access token stopped working using yarn/npm install

I have a NodeJS project that uses yarn to resolve dependencies. One notable feature of my config is that one of the package is a private repo and the resolve downloads the package using a Github Personal Access Token, something like: 
dependencies: {
    "xxx": "https://[email protected]/yyy/zzz#main",
    ...
}
dependencies: {
    "xxx": "https://[email protected]/yyy/zzz#main",
    ...
}
This was working last Friday, but it stopped working today. I'm now seeing yarn error code 128 in the deploy logs with not much more information. The yarn install works locally, but fails on Railway. I tried to migrate to npm instead of yarn, same error. Same here, the npm install works locally, but fails on Railway. I verified the validity of my personal access token, it's valid. I even generated a new one to try but that didn't work either. I tried to redeploy the last build that passed on Friday, it now fails, so something definitely changed in between this last build and now. I'm running out of ideas, I would appreciate some help. Thanks.
17 Replies
Percy
Percyβ€’14mo ago
Project ID: 3a5ae89e-a2aa-4063-8520-b522f0318da9
CyrilChandelier
CyrilChandelierOPβ€’14mo ago
project id: 3a5ae89e-a2aa-4063-8520-b522f0318da9
Brody
Brodyβ€’14mo ago
how do you supply the token to Railway?
CyrilChandelier
CyrilChandelierOPβ€’14mo ago
it's hardcoded in the package.json
Brody
Brodyβ€’14mo ago
that's not ideal at all
CyrilChandelier
CyrilChandelierOPβ€’14mo ago
indeed, but that's okay for now and the personal access token has very limited scope
Brody
Brodyβ€’14mo ago
can you set a service variable for the token and then have yarn use the environment variable?
CyrilChandelier
CyrilChandelierOPβ€’14mo ago
I'm not sure I can do this from a JSON file (package.json) but I'll look; do you think it is possibly related to the issue, or unrelated just a better practice?
Brody
Brodyβ€’14mo ago
just better practice, unfortunately I can't help you if the method you choose is to hardcode a github token, wouldn't sit right with me
CyrilChandelier
CyrilChandelierOPβ€’14mo ago
alright, after much fighting with OS incompatibilities, I found a way to move this access token to the environment variables πŸ‘
Brody
Brodyβ€’14mo ago
Awesome! please share how you've done it
CyrilChandelier
CyrilChandelierOPβ€’14mo ago
I added a preinstall step during the yarn install that replaces the access token variable in the package.json with the actual value coming from the environment
Brody
Brodyβ€’14mo ago
nicely done
CyrilChandelier
CyrilChandelierOPβ€’14mo ago
thanks; it's too much of a hack though, at some point I'll need to understand how to deal with private packages 
    "preinstall": "./preinstall.sh",
    "postinstall": "rm package.json; mv package.json.bak package.json",
    "preinstall": "./preinstall.sh",
    "postinstall": "rm package.json; mv package.json.bak package.json",
Brody
Brodyβ€’14mo ago
better than hardcoding the token for sure
CyrilChandelier
CyrilChandelierOPβ€’14mo ago
back to the original problem, are you aware of any change that happened between Friday and now that could break this?
Brody
Brodyβ€’14mo ago
I am not, sorry
Want results from more Discord servers?
Add your server