GitHub packages not found when restored from GitHub Actions

Question

I have two dotnet core GitHub private repositories:

Repository B publish nuget packages to GitHub packages repository (private).
Repository A consumes nuget packages published by repository B from GitHub packages repository.

I have access to both repositories with full permissions and I'm able to build the dotnet core app from Repository A by downloading nuget from GitHub packages repository after sign-in.

When I use GitHub Actions in CI/CD to build Repository A, it is not finding the packages published by Repository B (see trace below).

I'm using GITHUB_TOKEN for auth. My question is, what permission is needed for the oAuth token to get read access to packages from repository B and where to set it in the GitHub UI?

 NotFound https://nuget.pkg.github.com/mycompany/download/foo.net/index.json 116ms

You need the `Permission` `packages` (see https://help.github.com/en/actions/configuring-and-managing-workflows/authenticating-with-the-github_token#permissions-for-the-github_token) — riQQ, May 20 '20 at 18:12
The permissions in the link you mentioned is what GITHUB_TOKEN inherits for current repo. Here I'm downloading packages from a different repo. — frosty, May 26 '20 at 17:36
So you want to modify the permissions of the default token? I don't think that's possible. The GitHub Actions documentation recommends to create a PAT (see https://stackoverflow.com/a/61924036/3241243). — riQQ, May 27 '20 at 07:18
Note that the scenario is quite basic. We have many repos and library references are through nugets published to private packages repository. For now, I have worked around by using private access token. It will be nice to get GITHUB_TOKEN work for this scenario. — frosty, Jun 06 '20 at 16:16

score 0 · Answer 1 · answered May 20 '20 at 20:47

0

In case of the private packages, you can add this step to add the nuget source in actions

   - name: " Set NuGET Source"
        working-directory: <Working Directory>
        run: nuget sources Add -Name "github" -ConfigFile nuget.config -Source <Github repo url> -UserName <username> -Password <Public Access Token> -StorePasswordInClearText

I hope this helps.

answered May 20 '20 at 20:47

Chandan Gupta

452
4
15

Note that using Private Access Token works fine. Issue is with oAuth Token only – frosty May 25 '20 at 16:09
yes we can use that as a secrets in github anc access it when needed. – Chandan Gupta May 26 '20 at 12:06

GitHub packages not found when restored from GitHub Actions

1 Answers1