search

gradle-nexus / publish-plugin

Gradle plugin for publishing to Nexus repositories
Apache License 2.0
404 stars 29 forks source link

Task `initializeSonatypeStagingRepository` fails when using `gradle-setup` action #347

Open nsenave opened 3 months ago

nsenave commented 3 months ago

Hi, thanks for your plugin which helps a lot.

I use the plugin in a GitHub workflow which can be summarized like this:

    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-java@v4
        # with: env variables and secrets 
      - uses: gradle/gradle-build-action@v3
      - run: ./gradlew clean publishToSonatype closeAndReleaseSonatypeStagingRepository
        # with: env variables and secrets

Works fine.

I've recently replaced gradle/gradle-build-action@v3 (which is deprecated) with gradle/actions/setup-gradle@v3.

Then, I have this error: 

Run ./gradlew clean publishToSonatype closeAndReleaseSonatypeStagingRepository
Starting a Gradle Daemon (subsequent builds will be faster)
> Task :model:clean UP-TO-DATE

> Task :initializeSonatypeStagingRepository FAILED
FAILURE: Build failed with an exception.

* What went wrong:
Execution failed for task ':initializeSonatypeStagingRepository'.
2 actionable tasks: 1 executed, 1 up-to-date
> Failed to load staging profiles, server at https://oss.sonatype.org/service/local/ responded with status code 403, body: <html>
    <head>
      <title>403 - Forbidden</title>
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>

      <link rel="icon" type="image/png" href="https://oss.sonatype.org/favicon.png">
      <!--[if IE]>
      <link rel="SHORTCUT ICON" href="https://oss.sonatype.org/favicon.ico"/>
      <![endif]-->

      <link rel="stylesheet" href="https://oss.sonatype.org/static/css/Sonatype-content.css?2.15.1-02" type="text/css" media="screen" title="no title" charset="utf-8">
    </head>
    <body>
      <h1>403 - Forbidden</h1>
      <p>Forbidden</p>
    </body>
  </html>

Gradle wrapper version used: 8.6

Actions gradle-build-action and actions/setup-gradle are supposed to be functionally identical, so it might be an issue on their side in the end.

Yet, I thought you might have an idea / ways to reproduce the bug and diagnose why the error happens.

joffrey-bion commented 3 months ago

I got the same error, but I think that has to do with Sonatype changing its authentication system. Did you check that you can still login on https://oss.sonatype.org/? Did you try to generate a new user token?

szpak commented 3 months ago

I would also recommend generating the new token. Some other people were reporting the similar problem on the Sonatype mailing list recently.

nsenave commented 3 months ago

Thanks for the quick answers. I should have precised that I managed to publish a few minutes after receving the 403 error by using back the "gradle-build-action".

A sonatype login could look coherent indeed, yet it seems that it doesn't match in my case:

Seems like something weird happens with caching, but I'm having a hard time understanding what that could be: maybe definitely an issue for the gradle setup action.

joffrey-bion commented 2 months ago

I'm getting errors too, but 401s now. Any news on this?

szpak commented 2 months ago

@joffrey-bion Is this still happening after 12-24 hours?

joffrey-bion commented 2 months ago

Yes, the first occurrence was about 4 days ago, and I'm still facing the issue in multiple repositories. For example:

https://github.com/joffrey-bion/socketio-kotlin/actions/workflows/release.yml https://github.com/joffrey-bion/chrome-devtools-kotlin/actions/workflows/release.yml

The latest build scan: https://gradle.com/s/hu4rt37gjoa2o

szpak commented 2 months ago

Have you re-generated your Nexus token (and updated in in GH)?

joffrey-bion commented 2 months ago

Yes, sorry not to have mentioned this more clearly. I generated a new token and updated my repo secrets with it (a while back, a few days ago, and again yesterday), to no avail.

FTR, I'm also using the setup-gradle action (v4 now), but the failure doesn't seem to correlate with the version change, nor the use of setup-gradle for me. I wonder if this could be some kind of caching issue.

joffrey-bion commented 2 months ago

It looks like for some repos the failure correlates with the upgrade to Gradle 8.10, but that might be a red herring, because at least one of my repos could publish fine with Gradle 8.10 and setup-gradle v4.

joffrey-bion commented 2 months ago

Ok sorry for the noise about this, the 401s were caused because of an unfortunate naming of secrets, and I had swapped the username and password. All good now.

szpak commented 2 months ago

@joffrey-bion Thanks for the update!

@nsenave Have you manager to solve the problem with your repo?

nsenave commented 1 month ago

Situation didn't change for me since my last comment, I'll give it another try and keep you informed.

Ahmedhossamdev commented 3 weeks ago

Same issue happened with me; I'm sure that all my secrets are correct! the 401 status code

https://github.com/OneBusAway/kotlin-sdk/actions/runs/11241615588/job/31254075229

Do you guys generate tokens from here?

https://central.sonatype.com/account

@joffrey-bion

joffrey-bion commented 3 weeks ago

Do you guys generate tokens from here? https://central.sonatype.com/account

No that's for the new Publisher Api. I think you probably still need to generate your token for OSSRH in the Nexus: https://oss.sonatype.org/#welcome

You can log in in the top right (with the same credentials as for central.sonatype.com), then click on your logged in username in the same place, and open your Profile. Then, change the drop down (just below the tab headers) from Summary to User Token. From there, you can regenerate a new token for the "old way" of publishing.