Building and testing Node.js

The starter workflow template configures jobs to run on Linux, using the GitHub-hosted ubuntu-latest runners. You can change the runs-on key to run your jobs on a different operating system. For example, you can use the GitHub-hosted Windows runners.

runs-on: windows-latest

Or, you can run on the GitHub-hosted macOS runners.

runs-on: macos-latest

You can also run jobs in Docker containers, or you can provide a self-hosted runner that runs on your own infrastructure. For more information, see "Workflow syntax for GitHub Actions."

The easiest way to specify a Node.js version is by using the setup-node action provided by GitHub. For more information see, setup-node.

The setup-node action takes a Node.js version as an input and configures that version on the runner. The setup-node action finds a specific version of Node.js from the tools cache on each runner and adds the necessary binaries to PATH, which persists for the rest of the job. Using the setup-node action is the recommended way of using Node.js with GitHub Actions because it ensures consistent behavior across different runners and different versions of Node.js. If you are using a self-hosted runner, you must install Node.js and add it to PATH.

The template includes a matrix strategy that builds and tests your code with four Node.js versions: 10.x, 12.x, 14.x, and 15.x. The 'x' is a wildcard character that matches the latest minor and patch release available for a version. Each version of Node.js specified in the node-version array creates a job that runs the same steps.

Each job can access the value defined in the matrix node-version array using the matrix context. The setup-node action uses the context as the node-version input. The setup-node action configures each job with a different Node.js version before building and testing code. For more information about matrix strategies and contexts, see "Workflow syntax for GitHub Actions" and "Context and expression syntax for GitHub Actions."

Alternatively, you can build and test with exact Node.js versions.

Or, you can build and test using a single version of Node.js too.

If you don't specify a Node.js version, GitHub uses the environment's default Node.js version. For more information, see "Specifications for GitHub-hosted runners".

GitHub-hosted runners have npm and Yarn dependency managers installed. You can use npm and Yarn to install dependencies in your workflow before building and testing your code. The Windows and Linux GitHub-hosted runners also have Grunt, Gulp, and Bower installed.

When using GitHub-hosted runners, you can also cache dependencies to speed up your workflow. For more information, see "Caching dependencies to speed up workflows."

This example installs the dependencies defined in the package.json file. For more information, see npm install.

Using npm ci installs the versions in the package-lock.json or npm-shrinkwrap.json file and prevents updates to the lock file. Using npm ci is generally faster than running npm install. For more information, see npm ci and "Introducing npm ci for faster, more reliable builds."

This example installs the dependencies defined in the package.json file. For more information, see yarn install.

Alternatively, you can pass --frozen-lockfile to install the versions in the yarn.lock file and prevent updates to the yarn.lock file.

You can use the setup-node action to create a local .npmrc file on the runner that configures the default registry and scope. The setup-node action also accepts an authentication token as input, used to access private registries or publish node packages. For more information, see setup-node.

To authenticate to your private registry, you'll need to store your npm authentication token as a secret. For example, create a repository secret called NPM_TOKEN. For more information, see "Creating and using encrypted secrets."

In this example, the secret NPM_TOKEN stores the npm authentication token. The setup-node action configures the .npmrc file to read the npm authentication token from the NODE_AUTH_TOKEN environment variable. When using the setup-node action to create an .npmrc file, you must set the NODE_AUTH_TOKEN environment variable with the secret that contains your npm authentication token.

Before installing dependencies, use the setup-node action to create the .npmrc file. The action has two input parameters. The node-version parameter sets the Node.js version, and the registry-url parameter sets the default registry. If your package registry uses scopes, you must use the scope parameter. For more information, see npm-scope.

This example creates an .npmrc file with the following contents:

//registry.npmjs.org/:_authToken=${NODE_AUTH_TOKEN}
@octocat:registry=https://registry.npmjs.org/
always-auth=true

When using GitHub-hosted runners, you can cache dependencies using a unique key, and restore the dependencies when you run future workflows using the cache action. For more information, see Caching dependencies to speed up workflows and the cache action.

You can use the same commands that you use locally to build and test your code. For example, if you run npm run build to run build steps defined in your package.json file and npm test to run your test suite, you would add those commands in your workflow file.

You can save artifacts from your build and test steps to view after a job completes. For example, you may need to save log files, core dumps, test results, or screenshots. For more information, see "Persisting workflow data using artifacts."

You can configure your workflow to publish your Node.js package to a package registry after your CI tests pass. For more information about publishing to npm and GitHub Packages, see "Publishing Node.js packages."