Home > Net >  GITHUB_TOKEN 403 forbidden when publishing a nuget package to GitHub packages
GITHUB_TOKEN 403 forbidden when publishing a nuget package to GitHub packages

Time:01-14

I followed these resources to setup a GitHub Actions workflow to build, test, and publish a dotnet library to GitHub packages:

These articles were really helpful, however I ran into a problem that none of them discussed:

Pushing MagicLibrary.0.1.3.nupkg to 'https://nuget.pkg.github.com/vivere-dally'... PUT https://nuget.pkg.github.com/vivere-dally/ warn : Your request could not be authenticated by the GitHub Packages service. Please ensure your access token is valid and has the appropriate scopes configured. Forbidden https://nuget.pkg.github.com/vivere-dally/ 218ms error: Response status code does not indicate success: 403 (Forbidden).

This is my workflow file:

# This workflow will build a .NET project
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-net

name: Release

on:
  push:
    tags:
    - "v[0-9] .[0-9] .[0-9] "

jobs:
  build:

    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v3

    - name: Verify commit exists in origin/main
      run: |
        git fetch --no-tags --prune --depth=1 origin  refs/heads/*:refs/remotes/origin/*
        git branch --remote --contains | grep origin/main
    
    - name: Set VERSION env var from tag
      run: echo "VERSION=${GITHUB_REF/refs\/tags\/v/}" >> $GITHUB_ENV
    

    - name: Setup .NET
      uses: actions/setup-dotnet@v3
      with:
        dotnet-version: 6.0.x

    - name: Restore dependencies
      run: dotnet restore
      working-directory: ./MagicLibrary

    - name: Build
      run: dotnet build --configuration Release /p:Version=${VERSION} --no-restore
      working-directory: ./MagicLibrary

    - name: Test
      run: dotnet test --configuration Release /p:Version=${VERSION} --no-build --verbosity normal
      working-directory: ./MagicLibrary

    - name: Pack
      run: dotnet pack --configuration Release /p:Version=${VERSION} --no-build --output .
      working-directory: ./MagicLibrary

    - name: Push
      run: dotnet nuget push MagicLibrary.${VERSION}.nupkg --source "https://nuget.pkg.github.com/vivere-dally/index.json" --api-key ${{ secrets.GITHUB_TOKEN }}
      working-directory: ./MagicLibrary

Why does the GITHUB_TOKEN not have the required permissions?

CodePudding user response:

By default, the GITHUB_TOKEN does not contain permissions required to publish a package. Add the following to your job:

  permissions:
    packages: write

See https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-nuget-registry#authenticating-in-a-github-actions-workflow

And https://docs.github.com/en/actions/security-guides/automatic-token-authentication#using-the-github_token-in-a-workflow

Page link:https//www.codepudding.com/net/671931.html

Prev:Removing whitespace from string in C using pointer to pointer
Next:Invoke github composite action within same repo
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding