Surendhar Reddy

Private Github Packages

Over the past couple of weeks, I’ve been rewriting one of our internal apps, which we use to manage Grain’s order fulfillment. During this development, I’ve reused a lot of code and patterns that I’ve implemented in our customer-facing app earlier; it includes a lightweight promised based wrapper for fetch and other UI logic.

Few days into the development, I started releasing the duplications and thought it would be fun to modularize the reusable code and publish it as modules. I had some experience doing something similar with npm, but this time I wanted to do it with Github packages, mainly because we’ve been considering to move all of our workflows to Github.

Publishing code in public repositories as Github Packages is straightforward, and there are a ton of articles all over the internet to get us started. In our case, we wanted this to be in a private repository. To publish and consume the packages from private repositories wasn’t that obvious, and I haven’t found much documentation around it.

It wasn’t that complicated to sort it out and get our first package running for consumption, but I had to hack around to get it working. It was fun figuring out stuff and thought to share it with you all here.

Note: This guide assumes you already have code that is ready to be published and instructs you how to set up, distribute, and consume from Github Packages.

Publishing a package

Assuming you are in the root directory.

Update npm config

From the documentation;

npm gets its config settings from the command line, environment variables, and npmrc files

In this case, we’ll need to create (or update) the .npmrc file with registry details and enable access to the Github account.

Your .npmrc file should look like this;


Follow this guide to create a personal access token on Github

I’ve written a small script to get the job done. Execute the script with the right arguments to set up a config file with Github’s access token.

Publish package

From here, it’s the same as publishing any module, do npm publish, and see it come alive with the right version on your GitHub repository.

Consuming a package

In your application, before installing the project dependencies, you need to repeat the npm config setup and update registry details and enable access to the Github account.

Update npm config

It’s the same as what we did above, but this time, it’s in your application where you want to consume the package.

Install package

From here, it’s the same as installing any module, do yarn add <package-name> (or npm install <package-name>) depending on your package manager. You might have to update the npmrc file with the right registry.

Now what?

Automate the setup with Makefile

If you have done it correctly, the above setup works on your machine, and you will have to make it work for the rest of the team if multiple team members are collaborating on the module or the application. The easiest way to onboard your team members to this idea is to create a Makefile and automate the setup, but you need the script I shared above to get it working.

Here’s how the Makefile in our projects look;

	@echo "Setting up registry"
	sh ./ $(github-token)

Now, all your team members can get started by setting it up by running make github-token=$ setup in the root to start working on this package.

This exercise allowed us to set up a process in place to privately host and publish reusable code as Github packages and consume them across projects and hope it helps you do the same in some way.

Oh yeah, I found it challenging to find a boilerplate for the node Github package module. So, I created one with all the necessities. It’s on Github, please feel free to use it.

Let me know your thoughts and improvements to this setup, if any?