GitHub packages not found when restored from GitHub Actions

I have two dotnet core GitHub private repositories:

  • Repository B publish nuget packages to GitHub packages repository (private).
  • Repository A consumes nuget packages published by repository B from GitHub packages repository.

I have access to both repositories with full permissions and I’m able to build the dotnet core app from Repository A by downloading nuget from GitHub packages repository after sign-in.

When I use GitHub Actions in CI/CD to build Repository A, it is not finding the packages published by Repository B (see trace below).

I’m using GITHUB_TOKEN for auth. My question is, what permission is needed for the oAuth token to get read access to packages from repository B and where to set it in the GitHub UI?

NotFound https://nuget.pkg.github.com/mycompany/download/foo.net/index.json 116ms

@gopala000 ,

In Repository A, when you use GITHUB_TOKEN to authenticate in the workflow, it is a correct behavior that you can’t access the packages from Repository B.
You can see the explanation from the docs about authenticating with the GITHUB_TOKEN:

The permissions of GITHUB_TOKEN are limited to the repository that contains your workflow.

So, if you need a token that requires permissions that aren’t available in the GITHUB_TOKEN , you can create a personal access token and set it as a secret in your repository.