getting a package from another Org Repo

[stacktick]

I feel like I have tried everything.

This is my scenario.

I want to create a new PR which is the result of checking out the repo the workflow is running it, and running npm install on that repo before creating the PR.
This all works fine but fails to pull the package which is located in another repo in our Enterprise Org.

e.g

  "dependencies": {
    "@my-org/common-code": "^0.1.01",
    "aws-cdk-lib": "2.231.0",
    "constructs": "^10.4.3"
  }

I am really struggling to understand how to set the token up to allow it to pull from @my-org/common-code

Any help would be greatly appreciated.

I am using version : gh aw version v0.58.1

This is my workflow file:

---
on:
  workflow_dispatch:
  issues:
    types: [opened, reopened]
permissions:
      contents: read
      issues: read
      pull-requests: read
engine: copilot
network:
  allowed:
    - defaults
checkout:
  fetch-depth: 1
  github-app:
      app-id: ${{ secrets.APP_ID }}
      private-key: ${{ secrets.APP_PRIVATE_KEY }}
      owner: MY-COMPANY   
tools:
  github:
    toolsets: [default]
    github-token: ${{ secrets.CROSS_REPO_GITHUB_TOKEN }}
  edit:
  bash: true
safe-outputs:
  create-pull-request:
    draft: true
    allowed-files:
      - *.json
---

# update app
1) increment the patch version (the X in 1.0.X) in package.json
2) run `npm install` to update the package-lock.json
3) raise a PR for this new branch
``

[pelikhan]

Is the firewall configured, you need to allow access to the "node" domains in the firewall. Are you sure this an agentic workflow?

[stacktick]

@pelikhan I just added the example gh aw I am running

[stacktick]

I used agentic-workflows.agent.md and it suggested creating a .npmrc file, but that did not work.

---
on:
  workflow_dispatch:
  issues:
    types: [opened, reopened]
permissions:
      contents: read
      issues: read
      pull-requests: read
engine: copilot
network:
  allowed:
    - node
checkout:
  fetch-depth: 1
  github-app:
      app-id: ${{ secrets.APP_ID }}
      private-key: ${{ secrets.APP_PRIVATE_KEY }}
      owner: MY_COMPANY
      repositories: ["asdf-repo","common-repo"]   
tools:
  github:
    toolsets: [default]
    github-token: ${{ secrets.PACKAGE_TOKEN }}
  edit:
  bash: true
steps:
  - name: Configure npm for GitHub Packages
    run: |
      echo "@my-company:registry=https://npm.pkg.github.com" > .npmrc
      echo "//npm.pkg.github.com/:_authToken=${{ secrets.PACKAGE_TOKEN }}" >> .npmrc
safe-outputs:
  create-pull-request:
    draft: true
    allowed-files:
      - *.json
---
# update app
1) increment the patch version (the X in 1.0.X) in package.json
2) run `npm install` to update the package-lock.json
3) raise a PR for this new branch