GitHub Action with private Swift Package

Hi community,

What’s the preferred way to access a private Swift Package (in the same org) from within a GitHub Action? The action doesn’t have access to this repo/package and so the run fails with the following message:

xcodebuild: error: Could not resolve package dependencies:
  Authentication failed because no credentials were provided.


– Flo

1 Like

To access the packages from GitHub Packages, you should login to GitHub Packages at first.

For example:

  • If Docker package, you can execute the following command to login: docker login -u USERNAME -p TOKEN
  • If npm package, you can execute the following command to login: npm-cli-login -r -u USERNAME -p TOKEN -e EMAIL (if npm-cli-login is not installed, execute npm install -g npm-cli-login to install it).

When the packages are published on the same repository where the workflow is hosted, you can use the GITHUB_TOKEN to authenticate. If on different repository, you need to add a PAT with more scopes and set it as a secret in the workflow repository.

More details about GitHub Packages, you can reference here:

Thanks for your reply. We don’t use GitHub Packages. It’s just a simple repo containing a Swift Package (as in Swift Package Manager or SPM). And from what I see on the GitHub Packages website, this doesn’t even support Swift Packages, does it?

Maybe you can try to checkout/clone the resource of your Swift Package from the repository when you want to use the package in the workflow on another repository.

In the workflow, you can use the checkout action or git clone command to checkout/clone your Swift Package repository into the specific directory under the workspace of the workflow.

And if the Swift Package is a dependence of the main project repository where the workflow is hosted, you also can consider to set the Swift Package repository as a submodule of the main project repository, and every time after you checkout the main project repository to the workspace, you can run the git commands to checkout the submodule to workspace.

Hey, did you happen to find an answer to this question?

We have a github action setup for our swift package and the action is failing because it cannot clone the second swift package that the first swift package depends on.

I faced the same issue and tried to set up a custom ssh key on a runner using but unfortunately, it didn’t work.

For anyone who wondering SPM (Swift Package Manager) can deal with private packages (in our case private git repositories) by setting local .ssh directory with the proper key and config. For some reason, it doesn’t work when running from a GitHub workflow. I always get error

Permission denied (publickey). Could not read from remote repository. Please make sure you have the correct access rights and the repository exists.