search

Triple-T / gradle-play-publisher

GPP is Android's unofficial release automation Gradle Plugin. It can do anything from building, uploading, and then promoting your App Bundle or APK to publishing app listings and other metadata.
MIT License
4.13k stars 341 forks source link

PublishBundle$Processor fails with SunCertPathBuilderException #1120

Closed tkhduracell closed 8 months ago

tkhduracell commented 8 months ago

Describe the bug

Github action is unable to connect to playstore unable to find valid certification path to requested target.

Tried with different java versions.

How To Reproduce

Versions

Tasks executed

What tasks did you run? For example, publishBundle.

:app:publishReleaseBundle

Expected behavior

Builds locally (macOS 13.5.2 [22G91], openjdk version "18.0.1.1" 2022-04-22) on but running on Github actions fails.

Tested both: 

  Java configuration:
    Distribution: corretto
    Version: 18.0.2+9.1
    Path: /opt/hostedtoolcache/Java_Corretto_jdk/18.0.2-9.1/x64

and 

  Java configuration:
    Distribution: temurin
    Version: 18.0.2+101
    Path: /opt/hostedtoolcache/Java_Temurin-Hotspot_jdk/18.0.2-101/x64

Additional context (if a crash, provide stack trace)

> Task :app:publishReleaseBundle FAILED
FAILURE: Build failed with an exception.

* What went wrong:
Execution failed for task ':app:publishReleaseBundle'.
> A failure occurred while executing com.github.triplet.gradle.play.tasks.PublishBundle$Processor
   > There was a failure while executing work items
      > A failure occurred while executing com.github.triplet.gradle.play.tasks.PublishBundle$BundleUploader
         > Error getting subject token from metadata server: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Workflow: 

build-apps-android:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-java@v4
        with:
          distribution: corretto
          java-version: 18
          cache: gradle

      - name: Setup Gradle
        uses: gradle/gradle-build-action@v3

      - name: Build and upload with Gradle
        run: ./gradlew --no-daemon publishBundle

Doing curl --head -v https://androidpublisher.googleapis.com/androidpublisher/v3/applications/<myapp>/ works fine, so must be a Java cert chain issue. Using ACT locally works as well.

github-actions[bot] commented 8 months ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.