Unable to publish package

I’m fighting on getting a nuget package published into GPR. Actions keeps flipping between unknown response and 401, any advice to help me clear this hurdle would be awesome:


Run dotnet nuget push ../packages/*.nupkg --source "https://nuget.pkg.github.com/badgerowluke/index.json" -k ***
info : Pushing NOSQLORM.0.3.4-38-g320af3d.nupkg to 'https://nuget.pkg.github.com/badgerowluke'...
info :   PUT https://nuget.pkg.github.com/badgerowluke/
warn : Your request could not be authenticated by the GitHub Packages service. Please ensure your access token is valid and has the appropriate scopes configured.
info :   Unauthorized https://nuget.pkg.github.com/badgerowluke/ 436ms
error: Response status code does not indicate success: 401 (Unauthorized).
##[error]Process completed with exit code 1.
name: .NET Core

on:
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]

jobs:
  build:

    runs-on: ubuntu-latest

    steps:

    - uses: actions/checkout@v2
      with:
        fetch-depth: 0
    - name: Setup .NET Core
      uses: actions/setup-dotnet@v1
      with:
        dotnet-version: 2.1.806

    - run: sed 's/TOKEN/${{secrets.GITHUB_TOKEN}}/'  ./nuget.config

    - name: Install dependencies
      run: dotnet restore

    - name: Build
      run: dotnet build --configuration Release --no-restore

    - name: Test
      run: dotnet test --no-restore --verbosity normal /p:CollectCoverage=true  /p:CoverletOutputFormat=cobertura   
    - name: get_version

      run: |
        echo ::set-env name=VERSION_TAG::$(git describe --tags)


    - name: package
      run: dotnet pack -p:PackageId=NOSQLORM -p:PackageVersion=$VERSION_TAG --configuration Release --no-restore -o "../../packages"

    - name: publish
      run: |

        dotnet nuget push ../packages/*.nupkg --source "https://nuget.pkg.github.com/badgerowluke/index.json" -k ${{ secrets.GITHUB_TOKEN }}

@badgerowluke,
I noticed the below step in your workflow,

- run: sed 's/TOKEN/${{secrets.GITHUB_TOKEN}}/'  ./nuget.config

looks like, you directly replace the TOKEN with the GITHUB_TOKEN secret in the nuget.config file.

In most cases, directly using the GITHUB_TOKEN secret in the config or setting files is not allowed. You need to set the GITHUB_TOKEN secret as an environment variable, then pass the environment variable into the config/setting files. Other secrets set in the GitHub repository are similar.
So, in your case, you can try like as below:

- name: Pass token
  run: sed 's/TOKEN/%GITHUB_TOKEN%/'  ./nuget.config
  env:
    GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

The following is a simple example as reference:


Thanks man! That helps a ton

1 Like