Install package from private GitHub repository with yarn - App Platform static site build fails - permission denied

Hi, my site has a dependency which is a private GitHub repository like this:

In package.json:
"dependencies": {
  "library": "myusername/library",

I’ve authorized Digital Ocean to access all my repositories but during the build, the library package cannot be retrieved, erroring with: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights

What I’ve tried:

What is the correct way of adding this library package dependency such that it can be fetched during build?

I’d really appreciate any help.


Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

This comment has been deleted

Same here :-/

Dependency’s repo access is explicitely authorized to DigitalOcean (I could deploy that repo as an app on its own) but when yarn/npm fetches it as a dependency, it fails to authenticate.

Using a Github token is a very crappy solution, as the token gives read/write access to all repos.

👋🏼 @dwf

I also did some googling and couldn’t find anything. Although I did find this workaround—check it out: It will let you store your GitHub access token in an environment variable.

Another option might be to mirror the packages to a private npm registry, and use yarnrc to read the credentials from an env var: