Skip to content
actions

GitHub Action

Setup Node.js environment

v4.0.4 Latest version

Setup Node.js environment

actions

Setup Node.js environment

Setup a Node.js environment by adding problem matchers and optionally downloading and adding it to the PATH

Installation

Copy and paste the following snippet into your .yml file.

              

- name: Setup Node.js environment

uses: actions/setup-node@v4.0.4

Learn more about this action in actions/setup-node

Choose a version

setup-node

basic-validation versions e2e-cache proxy

This action provides the following functionality for GitHub Actions users:

  • Optionally downloading and caching distribution of the requested Node.js version, and adding it to the PATH
  • Optionally caching npm/yarn/pnpm dependencies
  • Registering problem matchers for error output
  • Configuring authentication for GPR or npm

Usage

See action.yml

- uses: actions/setup-node@v4
  with:
    # Version Spec of the version to use in SemVer notation.
    # It also admits such aliases as lts/*, latest, nightly and canary builds
    # Examples: 12.x, 10.15.1, >=10.15.0, lts/Hydrogen, 16-nightly, latest, node
    node-version: ''

    # File containing the version Spec of the version to use.  Examples: package.json, .nvmrc, .node-version, .tool-versions.
    # If node-version and node-version-file are both provided the action will use version from node-version. 
    node-version-file: ''

    # Set this option if you want the action to check for the latest available version 
    # that satisfies the version spec.
    # It will only get affect for lts Nodejs versions (12.x, >=10.15.0, lts/Hydrogen). 
    # Default: false
    check-latest: false

    # Target architecture for Node to use. Examples: x86, x64. Will use system architecture by default.
    # Default: ''. The action use system architecture by default 
    architecture: ''

    # Used to pull node distributions from https://github.com/actions/node-versions. 
    # Since there's a default, this is typically not supplied by the user. 
    # When running this action on github.com, the default value is sufficient. 
    # When running on GHES, you can pass a personal access token for github.com if you are experiencing rate limiting.
    #
    # We recommend using a service account with the least permissions necessary. Also
    # when generating a new PAT, select the least scopes necessary.
    #
    # [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
    #
    # Default: ${{ github.server_url == 'https://github.com' && github.token || '' }}
    token: ''

    # Used to specify a package manager for caching in the default directory. Supported values: npm, yarn, pnpm.
    # Package manager should be pre-installed
    # Default: ''
    cache: ''

    # Used to specify the path to a dependency file: package-lock.json, yarn.lock, etc. 
    # It will generate hash from the target file for primary key. It works only If cache is specified.  
    # Supports wildcards or a list of file names for caching multiple dependencies.
    # Default: ''
    cache-dependency-path: ''

    # Optional registry to set up for auth. Will set the registry in a project level .npmrc and .yarnrc file, 
    # and set up auth to read in from env.NODE_AUTH_TOKEN.
    # Default: ''
    registry-url: ''

    # Optional scope for authenticating against scoped registries. 
    # Will fall back to the repository owner when using the GitHub Packages registry (https://npm.pkg.github.com/).
    # Default: ''
    scope: ''

    # Set always-auth option in npmrc file.
    # Default: ''
    always-auth: ''

Basic:

steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
  with:
    node-version: 18
- run: npm ci
- run: npm test

The node-version input is optional. If not supplied, the node version from PATH will be used. However, it is recommended to always specify Node.js version and don't rely on the system one.

The action will first check the local cache for a semver match. If unable to find a specific version in the cache, the action will attempt to download a version of Node.js. It will pull LTS versions from node-versions releases and on miss or failure will fall back to the previous behavior of downloading directly from node dist.

For information regarding locally cached versions of Node.js on GitHub hosted runners, check out GitHub Actions Runner Images.

Supported version syntax

The node-version input supports the Semantic Versioning Specification, for more detailed examples please refer to the semver package documentation.

Examples:

  • Major versions: 18, 20
  • More specific versions: 10.15, 16.15.1 , 18.4.0
  • NVM LTS syntax: lts/erbium, lts/fermium, lts/*, lts/-n
  • Latest release: * or latest/current/node

Note: Like the other values, * will get the latest locally-cached Node.js version, or the latest version from actions/node-versions, depending on the check-latest input.

current/latest/node always resolve to the latest dist version. That version is then downloaded from actions/node-versions if possible, or directly from Node.js if not. Since it will not be cached always, there is possibility of hitting rate limit when downloading from dist

Checking in lockfiles

It's always recommended to commit the lockfile of your package manager for security and performance reasons. For more information consult the "Working with lockfiles" section of the Advanced usage guide.

Caching global packages data

The action has a built-in functionality for caching and restoring dependencies. It uses actions/cache under the hood for caching global packages data but requires less configuration settings. Supported package managers are npm, yarn, pnpm (v6.10+). The cache input is optional, and caching is turned off by default.

The action defaults to search for the dependency file (package-lock.json, npm-shrinkwrap.json or yarn.lock) in the repository root, and uses its hash as a part of the cache key. Use cache-dependency-path for cases when multiple dependency files are used, or they are located in different subdirectories.

Note: The action does not cache node_modules

See the examples of using cache for yarn/pnpm and cache-dependency-path input in the Advanced usage guide.

Caching npm dependencies:

steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
  with:
    node-version: 20
    cache: 'npm'
- run: npm ci
- run: npm test

Caching npm dependencies in monorepos:

steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
  with:
    node-version: 20
    cache: 'npm'
    cache-dependency-path: subdir/package-lock.json
- run: npm ci
- run: npm test

Matrix Testing

jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        node: [ 14, 16, 18 ]
    name: Node ${{ matrix.node }} sample
    steps:
      - uses: actions/checkout@v4
      - name: Setup node
        uses: actions/setup-node@v4
        with:
          node-version: ${{ matrix.node }}
      - run: npm ci
      - run: npm test

Using setup-node on GHES

setup-node comes pre-installed on the appliance with GHES if Actions is enabled. When dynamically downloading Nodejs distributions, setup-node downloads distributions from actions/node-versions on github.com (outside of the appliance). These calls to actions/node-versions are made via unauthenticated requests, which are limited to 60 requests per hour per IP. If more requests are made within the time frame, then you will start to see rate-limit errors during downloading that looks like: ##[error]API rate limit exceeded for.... After that error the action will try to download versions directly from the official site, but it also can have rate limit so it's better to put token.

To get a higher rate limit, you can generate a personal access token on github.com and pass it as the token input for the action:

uses: actions/setup-node@v4
with:
  token: ${{ secrets.GH_DOTCOM_TOKEN }}
  node-version: 20

If the runner is not able to access github.com, any Nodejs versions requested during a workflow run must come from the runner's tool cache. See "Setting up the tool cache on self-hosted runners without internet access" for more information.

Advanced usage

License

The scripts and documentation in this project are released under the MIT License

Contributions

Contributions are welcome! See Contributor's Guide

Code of Conduct

👋 Be nice. See our code of conduct