Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Problems publishing using GitHub actions #173

Closed
ekrich opened this issue Jan 22, 2021 · 27 comments
Closed

Problems publishing using GitHub actions #173

ekrich opened this issue Jan 22, 2021 · 27 comments

Comments

@ekrich
Copy link
Contributor

ekrich commented Jan 22, 2021

Thank-you for having information and scripts for getting started with GitHub actions.

When pushing to a PR and using the script that follows I got the CI to run twice.
https://github.com/olafurpg/sbt-ci-release/blob/master/.github/workflows/ci.yml

I changed to do the following after poking around and it seems to run CI once. Sometime people add main to the branch as using master is now not considered a best practice. Future proofing I guess.
https://github.com/ekrich/sjavatime/blob/topic/scalanative/.github/workflows/ci.yml

I also wonder why in you use a different checkout version as used above in ci.yml?
https://github.com/ekrich/sjavatime/blob/topic/scalanative/.github/workflows/release.yml#L10
https://github.com/ekrich/sjavatime/blob/topic/scalanative/.github/workflows/ci.yml#L10

@ekrich
Copy link
Contributor Author

ekrich commented Jan 24, 2021

I also am having problems doing a release. Here is the output.
https://github.com/ekrich/sjavatime/runs/1755908775?check_suite_focus=true

@ekrich
Copy link
Contributor Author

ekrich commented Jan 25, 2021

I am getting an error that starts like the following:

[error] java.net.ProtocolException: Server redirected too many  times (20)
[error] 	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
[error] 	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
[error] 	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
[error] 	at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
[error] 	at sun.net.www.protocol.http.HttpURLConnection$10.run(HttpURLConnection.java:1950)
[error] 	at sun.net.www.protocol.http.HttpURLConnection$10.run(HttpURLConnection.java:1945)
[error] 	at java.security.AccessController.doPrivileged(Native Method)

@ekrich
Copy link
Contributor Author

ekrich commented Jan 26, 2021

I have some more info so we should be able to edit the docs and good but perhaps if secrets are not found the plugin should error right away?

Solved but we may be able to make it easier for the next victim.

I put the secrets in the environment and apparently you need to select the following:
Settings -> Secrets -> New repository secret for each environment variable.

Interestingly the errors for a non-SNAPSHOT deploy are different than above.
https://github.com/ekrich/sjavatime/runs/1771941654?check_suite_focus=true

[info] gpg: no default secret key: secret key not available
[info] gpg: signing failed: secret key not available
[info] done compiling
[info] gpg: no default secret key: secret key not available
[info] gpg: signing failed: secret key not available
[error] java.lang.RuntimeException: Failure running 'gpg --batch --passphrase  --detach-sign --armor --use-agent --output /home/runner/work/sjavatime/sjavatime/sjavatime/native/target/scala-2.11/sjavatime_native0.4_2.11-1.1.0.pom.asc /home/runner/work/sjavatime/sjavatime/sjavatime/native/target/scala-2.11/sjavatime_native0.4_2.11-1.1.0.pom'.  Exit code: 2
[error] 	at scala.sys.package$.error(package.scala:30)
[error] 	at com.jsuereth.sbtpgp.CommandLineGpgSigner.sign(PgpSigner.scala:74)
[error] 	at com.jsuereth.sbtpgp.PgpSettings$.$anonfun$signingSettings$2(PgpSettings.scala:151)
[error] 	at scala.collection.TraversableLike.$anonfun$flatMap$1(TraversableLike.scala:292)
[error] 	at scala.collection.immutable.Map$Map4.foreach(Map.scala:431)

@ekrich ekrich changed the title GitHub actions questions Problems publishing using GitHub actions Jan 28, 2021
@keynmol
Copy link

keynmol commented Feb 12, 2021

I agree the erroring should be more explicit.

Just had the same Server redirected too many times issue and it took me a while to figure out that I didn't share the secrets properly.

Looking at the plugin code, it seems like most of the work is happening when delegating to sbt-pgp/sbt-sonatype, so I think this needs to be fixed in there.

sbt-ci-release can detect absence of variables early, but I'm not 100% certain that there's a finite set of configurations one can check in which absence of particular env variables is a surefire stop condition.

@ekrich
Copy link
Contributor Author

ekrich commented Feb 13, 2021

This doesn't fix the error reporting but make the directions better - #174

@fugafree
Copy link

Hello! I had the same problem when updated to 1.5.6: gpg: signing failed: secret key not available (with GitHub Actions)
But it it turned out that with 1.5.5 and 1.5.7 both has this error. My fault was some misconfigured secret: the base64 decrypt failed because it was not base64 encoded. I don't know how because previously it worked. The solution was to remove and add again the GPG secrets.
Anyway, it works now with 1.5.7.

@amitksingh1490
Copy link

I am also facing this issue, I have checked the secrets they are correct I have tried versions 1.5.6 and 1.5.7 both are giving the same error.
https://github.com/dream11/zio-http/runs/2236705700
Is there any env variable I should pass when my sonatype host is https://s01.oss.sonatype.org/ instead of https://oss.sonatype.org/

@keynmol
Copy link

keynmol commented Mar 31, 2021

@amitksingh1490 afaik this plugin delegates to sbt-sonatype. You can configure the host like this (according to documentation:

// For all Sonatype accounts created on or after February 2021
ThisBuild / sonatypeCredentialHost := "s01.oss.sonatype.org"

@amitksingh1490
Copy link

@amitksingh1490 afaik this plugin delegates to sbt-sonatype. You can configure the host like this (according to documentation:

// For all Sonatype accounts created on or after February 2021
ThisBuild / sonatypeCredentialHost := "s01.oss.sonatype.org"

I have already tried this still getting the error

@amitksingh1490
Copy link

@amitksingh1490 afaik this plugin delegates to sbt-sonatype. You can configure the host like this (according to documentation:

// For all Sonatype accounts created on or after February 2021
ThisBuild / sonatypeCredentialHost := "s01.oss.sonatype.org"

adding the sonaTypecredetialHost in project settings solves the issue

@minettiandrea
Copy link

I've added to my build.sbt

// For all Sonatype accounts created on or after February 2021
ThisBuild / sonatypeCredentialHost := "s01.oss.sonatype.org"

But I keep getting:

2021-04-23 09:05:56.662Z  info [SonatypeService] sonatypeRepository  : https://oss.sonatype.org/service/local  - (SonatypeService.scala:23)

And at the end I get this error:

2021-04-23 09:05:59.719Z error [Sonatype] [MISSING_PROFILE] Profile com.boxframework is not found. Check your sonatypeProfileName setting in build.sbt  - (Sonatype.scala:425)

But citing Central OSSRH:

com.boxframework has been prepared, now user(s) minettiandrea can:
Publish snapshot and release artifacts to https://s01.oss.sonatype.org

@amitksingh1490
Copy link

amitksingh1490 commented Apr 23, 2021

I've added to my build.sbt

// For all Sonatype accounts created on or after February 2021
ThisBuild / sonatypeCredentialHost := "s01.oss.sonatype.org"

But I keep getting:

2021-04-23 09:05:56.662Z  info [SonatypeService] sonatypeRepository  : https://oss.sonatype.org/service/local  - (SonatypeService.scala:23)

And at the end I get this error:

2021-04-23 09:05:59.719Z error [Sonatype] [MISSING_PROFILE] Profile com.boxframework is not found. Check your sonatypeProfileName setting in build.sbt  - (Sonatype.scala:425)

But citing Central OSSRH:

com.boxframework has been prepared, now user(s) minettiandrea can:
Publish snapshot and release artifacts to https://s01.oss.sonatype.org

I added these three settings in the project I want to publish for and, it worked

sonatypeCredentialHost := "s01.oss.sonatype.org",
sonatypeRepository := "https://s01.oss.sonatype.org/service/local",
sonatypeProfileName := "io.d11",

@minettiandrea
Copy link

Yes, I've tried that as well, but still getting the same issue, I found out that it works "fine" (with some strange version) in PR but not tagging a commit in master.

The repository is here: https://github.com/Insubric/box

@amitksingh1490
Copy link

amitksingh1490 commented Apr 26, 2021

Yes, I've tried that as well, but still getting the same issue, I found out that it works "fine" (with some strange version) in PR but not tagging a commit in master.

The repository is here: https://github.com/Insubric/box

In your repo I can see your snapshot release is working fine but tagged/Stable release is not working might be a issue with signing your build. Verify these steps again https://github.com/olafurpg/sbt-ci-release#gpg.
Please check your PGP_SECRET, make sure it is, base64 encoded secret of your private key NOT Public key, check the sonatype username and password.

@minettiandrea
Copy link

Since it works on PR I exclude it may be an authentication issue

@amitksingh1490
Copy link

Since it works on PR I exclude it may be an authentication issue

PGP_SECRET can be the issue since signing is not done on PR

@Kalin-Rudnicki
Copy link

I have tried all of these settings, and github actions still says

2021-07-19 22:38:17.521Z  info [SonatypeService] sonatypeRepository  : https://oss.sonatype.org/service/local  - (SonatypeService.scala:23)
    sonatypeCredentialHost := "s01.oss.sonatype.org",
    sonatypeRepository := "https://s01.oss.sonatype.org/service/local",
    sonatypeProfileName := "io.github.kalin-rudnicki",
    publishTo := {
      val nexus = "https://s01.oss.sonatype.org/"
      if (isSnapshot.value) Some("snapshots" at nexus + "content/repositories/snapshots")
      else Some("releases" at nexus + "service/local/staging/deploy/maven2")
    },
    sonatypePublishTo := {
      val nexus = "https://s01.oss.sonatype.org/"
      if (isSnapshot.value) Some("snapshots" at nexus + "content/repositories/snapshots")
      else Some("releases" at nexus + "service/local/staging/deploy/maven2")
    },

@kflorence
Copy link

kflorence commented Jul 24, 2021

I have a multi-project build. The build.sbt looks like:

// Shared settings
inThisBuild(
  List(
    compileOrder := CompileOrder.JavaThenScala,
    crossScalaVersions := Seq(Versions.scala212, Versions.scala213),
    developers := List(
      Developer(...)
    ),
    homepage := Some(url("...")),
    javacOptions := Seq("-encoding", "UTF-8", "-source", Versions.java),
    licenses += ("Apache-2.0", new URL("https://www.apache.org/licenses/LICENSE-2.0.txt")),
    organization := "...",
    organizationName := "...",
    scalaVersion := Versions.scala213,
    startYear := Some(2021),
    versionScheme := Some("early-semver")
  )
)

lazy val root = (project in file("."))
  .aggregate(javadsl, scaladsl)
  .settings(
    publish / skip := true,
    sonatypeCredentialHost := Sonatype.sonatype01
  )

lazy val javadsl = (project in file("javadsl"))
  .enablePlugins(AutomateHeaderPlugin)
  .settings(
    name := "...-javadsl"
  )

lazy val scaladsl = (project in file("scaladsl"))
  .dependsOn(javadsl)
  .settings(
    libraryDependencies ++= Seq(Dependencies.scalaCollectionCompat) ++ Seq(Dependencies.scalaTest).map(_ % Test),
    name := "...-scaladsl"
  )

I was also getting: java.net.ProtocolException: Server redirected too many times (20). I tried putting sonatypeCredentialHost := Sonatype.sonatype01 at the root scope, in the root project, in ThisBuild / sonatypeCredentialHost := Sonatype.sonatype01 but all of those resulted in the same error. When I sbt show sonatypeCredentialHost, it always results in the root value being correct but the project values being incorrect:

sbt:root> show sonatypeCredentialHost
[info] javadsl / sonatypeCredentialHost
[info] 	oss.sonatype.org
[info] scaladsl / sonatypeCredentialHost
[info] 	oss.sonatype.org
[info] sonatypeCredentialHost
[info] 	s01.oss.sonatype.org

If I explicitly apply sonatypeCredentialHost := Sonatype.sonatype01 to the project settings, like:

lazy val javadsl = (project in file("javadsl"))
  .enablePlugins(AutomateHeaderPlugin)
  .settings(
    name := "...-javadsl",
    sonatypeCredentialHost := Sonatype.sonatype01
  )

Then it works. But I have seen projects that only define sonatypeCredentialHost := Sonatype.sonatype01 at the root level and those projects seem to work fine... Unclear why that's the case for me. This is with the latest version of this plugin (1.5.7).

olafurpg added a commit to olafurpg/sbt-sonatype that referenced this issue Jul 26, 2021
Previously, the `sonatypeCredentialHost` setting had to be redefined
inside every project even if the sbt-sonatype readme documents that
the setting can be configured once via `ThisBuild /` at the root of
build.sbt. This commit moves the definition of that setting to the build
scope so that the behavior is consistent with the documentation.

Related sbt/sbt-ci-release#173
@olafurpg
Copy link
Member

olafurpg commented Jul 26, 2021

I opened a PR xerial/sbt-sonatype#242 to sbt-sonatype changing the scoping of sonatypeCredentialHost so that it can be defined via ThisBuild. After that change, it should no longer be necessary to re-define this setting for every subproject.

@kflorence
Copy link

@olafurpg Makes sense to me, thanks.

xerial pushed a commit to xerial/sbt-sonatype that referenced this issue Aug 14, 2021
Previously, the `sonatypeCredentialHost` setting had to be redefined
inside every project even if the sbt-sonatype readme documents that
the setting can be configured once via `ThisBuild /` at the root of
build.sbt. This commit moves the definition of that setting to the build
scope so that the behavior is consistent with the documentation.

Related sbt/sbt-ci-release#173
@olafurpg
Copy link
Member

I just triggered a 1.5.8 release upgrading to the latest sbt-sonatype version that includes the fix from xerial/sbt-sonatype#242 The short story is that the following settings should work as expected now

ThisBuild / sonatypeCredentialHost := "s01.oss.sonatype.org"

Previously, this didn't work because you had to redefine the setting for every project in a multi-module build.

@blast-hardcheese
Copy link
Contributor

I just triggered a 1.5.8 release

@olafurpg Looks like the release got stuck: https://github.com/olafurpg/sbt-ci-release/runs/3348896102?check_suite_focus=true#step:4:272

[error] (plugin / signedArtifacts) Failure running 'gpg --batch --passphrase *** --detach-sign --armor --use-agent --output /home/runner/work/sbt-ci-release/sbt-ci-release/plugin/target/scala-2.12/sbt-1.0/sbt-ci-release-1.5.8.pom.asc /home/runner/work/sbt-ci-release/sbt-ci-release/plugin/target/scala-2.12/sbt-1.0/sbt-ci-release-1.5.8.pom'.  Exit code: 2

maven central is also missing this version

nivox added a commit to spekka/spekka that referenced this issue Feb 1, 2022
Applying workaround for error outline in issue: sbt/sbt-ci-release#173
OlivierBlanvillain added a commit to OlivierBlanvillain/monadic-html that referenced this issue Jul 5, 2022
Ostrzyciel added a commit to Jelly-RDF/jelly-jvm that referenced this issue Jan 10, 2023
Ostrzyciel added a commit to Ostrzyciel/sbt-ci-release that referenced this issue Jan 10, 2023
Without `ThisBuild / `, the setting would only be applied to the top-level project, which breaks publishing in multi-project builds.

See this pull request: xerial/sbt-sonatype#242

And this report: sbt#173 (comment)

I had the exact same issue as kflorence, and it was fixed by adding the ThisBuild part.
@geirolz
Copy link

geirolz commented Jul 9, 2024

Anyone else is getting the same error again ?
https://github.com/geirolz/fly4s/actions/runs/9823160594/job/27167983985

@tgodzik
Copy link
Contributor

tgodzik commented Jul 9, 2024

Could it be related to the changes in authorization for sonatype? Did you update to use the token? I've seen a bunch of errors there that didn't seem related and it was the token actually

@geirolz
Copy link

geirolz commented Jul 9, 2024

Could it be related to the changes in authorization for sonatype? Did you update to use the token? I've seen a bunch of errors there that didn't seem related and it was the token actually

What do you mean with token ? I tried to generate another gpg keys because I though the keys were expired but I'm still having the same problem. I also tried to log in into sonatype https://oss.sonatype.org/ and it works
Any suggestion ?

@tgodzik
Copy link
Contributor

tgodzik commented Jul 9, 2024

I recently had to change my sonatype user and password like explained in https://central.sonatype.org/publish/generate-token/

The disallowed using plain username and password. Not sure if that is the issue, but I had that problem multiple times last few weeks

@geirolz
Copy link

geirolz commented Jul 9, 2024

It works 🎉
Amazing, thank you so much!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests