New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Pull packages from GitHub private packages, return status: 401 Unauthorized and 'parent.relativePath' points at wrong local POM #602
Comments
It is very likely an access problem and not a setup-java problem (using solely my own experience with GHA and nothing specifically with setup-java). If you are targeting a packages repo other than the current/same repo (the action is running in) both repos or rather their access configurations need to work together. Packages functionality is by default per repo but you can target another repo which means an extra look at how permissions are setup between the repos. If you want to authenticate with a token you may need a server login to the package location:
A_TOKEN_WITH_PROPER_PERMISSIONS typically GITHUB_TOKEN but it depends. Most 401 and 403 often have to do with exactly what they say -> you have incorrect permissions for workflows, repos, actions, environments, packages. One way to try is to use a PAT for debugging purposes of course you will have to have proper access to all the places like admin for all repos involved but then the 401 and 403 often go away and you know that there is some permission issue within your workflows. |
Hello @ParryQiu |
UpdateI attempted to directly upload my settings.xml file (contains server id and auth info) and use the command Thus, could there be an issue with the following logic? Line 51 in 9704b39
|
I've created a PR for reference. |
Hello @ParryQiu, I have tried replicating the issue but couldn't do with given inputs. Could you please attach link to the build or public repository to reproduce the issue ? |
Hello @ParryQiu, Just touching base on this matter. It would be incredibly helpful if you could share a public repository for us to better understand and address the issue. By the way, issue #599 had a similar problem where missing write permissions for the PAT was the root cause. It may be worth checking if that's the case here as well. Thank you for your cooperation. |
Hello, thank you for the update. |
Description:
Attempting to configure an action to fetch packages from a repository within the same organization results in an authentication error.
The error is encountered when downloading dependencies from GitHub's Maven package repository.
Despite correct configuration, the process fails with a 401 Unauthorized status, indicating an issue with authentication.
Task version:
actions/setup-java@v4
Platform:
Runner type:
Repro steps:
Below is the YAML configuration for the GitHub Action used to deploy Maven packages upon a release event.
Additionally, here's the relevant section from the pom.xml file that specifies the repository configuration:
Expected behavior:
The action should successfully pull the required packages from the GitHub Maven repository without encountering authentication issues.
Actual behavior:
The action fails with a 401 Unauthorized error when attempting to fetch packages, indicating a failure in authentication.
The text was updated successfully, but these errors were encountered: