[Help] An error occurred while making a request to the GitLab release API: HTTPError: Response code 403 (Forbidden)

[felixprado-mc]

I get this error when executing the plugin in a Gitlab CI pipeline. It only happens the first time, because in the second execution it works fine.

I have a GL_TOKEN with the right permissions over the project.

Could anyone help?

++ npx semantic-release
[7:16:31 AM] [semantic-release] › ℹ  Running semantic-release version 23.0.8
[7:16:31 AM] [semantic-release] › ✔  Loaded plugin "verifyConditions" from "@semantic-release/changelog"
[7:16:31 AM] [semantic-release] › ✔  Loaded plugin "verifyConditions" from "@semantic-release/git"
[7:16:31 AM] [semantic-release] › ✔  Loaded plugin "verifyConditions" from "@semantic-release/gitlab"
[7:16:31 AM] [semantic-release] › ✔  Loaded plugin "analyzeCommits" from "@semantic-release/commit-analyzer"
[7:16:31 AM] [semantic-release] › ✔  Loaded plugin "generateNotes" from "@semantic-release/release-notes-generator"
[7:16:31 AM] [semantic-release] › ✔  Loaded plugin "prepare" from "@semantic-release/changelog"
[7:16:31 AM] [semantic-release] › ✔  Loaded plugin "prepare" from "@semantic-release/git"
[7:16:31 AM] [semantic-release] › ✔  Loaded plugin "publish" from "@semantic-release/gitlab"
[7:16:36 AM] [semantic-release] › ✔  Run automated release from branch main on repository https://gitlab-ci-token:[secure]@gitlab.com/(my-project).git
[7:16:37 AM] [semantic-release] › ✔  Allowed to push to the Git repository
[7:16:37 AM] [semantic-release] › ℹ  Start step "verifyConditions" of plugin "@semantic-release/gitlab"
[7:16:37 AM] [semantic-release] [@semantic-release/gitlab] › ℹ  Verify GitLab authentication (https://gitlab.com/api/v4)
[7:16:37 AM] [semantic-release] › ✔  Completed step "verifyConditions" of plugin "@semantic-release/gitlab"
[7:16:37 AM] [semantic-release] › ℹ  Start step "verifyConditions" of plugin "@semantic-release/changelog"
[7:16:37 AM] [semantic-release] › ✔  Completed step "verifyConditions" of plugin "@semantic-release/changelog"
[7:16:37 AM] [semantic-release] › ℹ  Start step "verifyConditions" of plugin "@semantic-release/git"
[7:16:37 AM] [semantic-release] › ✔  Completed step "verifyConditions" of plugin "@semantic-release/git"
[7:16:37 AM] [semantic-release] › ℹ  Found git tag v1.0.6 associated with version 1.0.6 on branch main
[7:16:37 AM] [semantic-release] › ℹ  Found 2 commits since last release
[7:16:37 AM] [semantic-release] › ℹ  Start step "analyzeCommits" of plugin "@semantic-release/commit-analyzer"
[7:16:37 AM] [semantic-release] [@semantic-release/commit-analyzer] › ℹ  Analyzing commit: Merge branch 'renovate/github.com-spf13-cobra-1.x' into 'main'
fix(deps): update module github.com/spf13/cobra to v1.8.0
See merge request (my-mr)
[7:16:37 AM] [semantic-release] [@semantic-release/commit-analyzer] › ℹ  The commit should not trigger a release
[7:16:37 AM] [semantic-release] [@semantic-release/commit-analyzer] › ℹ  Analyzing commit: fix(deps): update module github.com/spf13/cobra to v1.8.0
[7:16:37 AM] [semantic-release] [@semantic-release/commit-analyzer] › ℹ  The release type for the commit is patch
[7:16:37 AM] [semantic-release] [@semantic-release/commit-analyzer] › ℹ  Analysis of 2 commits complete: patch release
[7:16:37 AM] [semantic-release] › ✔  Completed step "analyzeCommits" of plugin "@semantic-release/commit-analyzer"
[7:16:37 AM] [semantic-release] › ℹ  The next release version is 1.0.7
[7:16:37 AM] [semantic-release] › ℹ  Start step "generateNotes" of plugin "@semantic-release/release-notes-generator"
[7:16:37 AM] [semantic-release] › ✔  Completed step "generateNotes" of plugin "@semantic-release/release-notes-generator"
[7:16:37 AM] [semantic-release] › ℹ  Start step "prepare" of plugin "@semantic-release/changelog"
[7:16:37 AM] [semantic-release] [@semantic-release/changelog] › ℹ  Update /builds/my_project/CHANGELOG.md
[7:16:37 AM] [semantic-release] › ✔  Completed step "prepare" of plugin "@semantic-release/changelog"
[7:16:37 AM] [semantic-release] › ℹ  Start step "prepare" of plugin "@semantic-release/git"
[7:16:37 AM] [semantic-release] [@semantic-release/git] › ℹ  Found 1 file(s) to commit
[7:16:39 AM] [semantic-release] [@semantic-release/git] › ℹ  Prepared Git release: v1.0.7
[7:16:39 AM] [semantic-release] › ✔  Completed step "prepare" of plugin "@semantic-release/git"
[7:16:39 AM] [semantic-release] › ℹ  Start step "generateNotes" of plugin "@semantic-release/release-notes-generator"
[7:16:39 AM] [semantic-release] › ✔  Completed step "generateNotes" of plugin "@semantic-release/release-notes-generator"
[7:16:41 AM] [semantic-release] › ✔  Created tag v1.0.7
[7:16:41 AM] [semantic-release] › ℹ  Start step "publish" of plugin "@semantic-release/gitlab"
[7:16:42 AM] [semantic-release] [@semantic-release/gitlab] › ✘  An error occurred while making a request to the GitLab release API:
HTTPError: Response code 403 (Forbidden)
    at Request.<anonymous> (file:///builds/my_project/node_modules/got/dist/source/as-promise/index.js:92:42)
    at Object.onceWrapper (node:events:[63](https://gitlab.com/my_project/-/jobs/7022066433#L63)4:26)
    at Request.emit (node:events:531:35)
    at Request._onResponseBase (file:///builds/my_project/node_modules/got/dist/source/core/index.js:604:22)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async Request._onResponse (file:///builds/my_project/node_modules/got/dist/source/core/index.js:[64](https://gitlab.com/my_project/-/jobs/7022066433#L64)6:13) {
  input: undefined,
  code: 'ERR_NON_2XX_3XX_RESPONSE',
  timings: {
    start: 1717571801926,
    socket: 1717571801926,
    lookup: 1717571801926,
    connect: 1717571801926,
    secureConnect: 1717571801926,
    upload: 1717571801927,
    response: 1717571802076,
    end: 1717571802077,
    error: undefined,
    abort: undefined,
    phases: {
      wait: 0,
      dns: 0,
      tcp: 0,
      tls: 0,
      request: 1,
      firstByte: 149,
      download: 1,
      total: 151
    }
  },
  options: {
    request: undefined,
    agent: { http: undefined, https: undefined, http2: undefined },
    h2session: undefined,
    decompress: true,
    timeout: {
      connect: undefined,
      lookup: undefined,
      read: undefined,
      request: undefined,
      response: undefined,
      secureConnect: undefined,
      send: undefined,
      socket: undefined
    },
    prefixUrl: '',
    body: '{"tag_name":"v1.0.7","description":"## [1.0.7](https://gitlab.com/my_project/compare/v1.0.6...v1.0.7) (2024-06-05)\\n\\n\\n### Bug Fixes\\n\\n* **deps:** update module github.com/spf13/cobra to v1.8.0 ([ec8f0ed](https://gitlab.com/my_project/commit/ec8f0ed801c6aac985d[65](https://gitlab.com/my_project/-/jobs/7022066433#L65)e9921c015ace5002b9f))\\n\\n\\n\\n","assets":{"links":[]}}',
    form: undefined,
    json: undefined,
    cookieJar: undefined,
    ignoreInvalidCookies: [secure],
    searchParams: undefined,
    dnsLookup: undefined,
    dnsCache: undefined,
    context: {},
    hooks: {
      init: [],
      beforeRequest: [],
      beforeError: [ [Function (anonymous)] ],
      beforeRedirect: [],
      beforeRetry: [],
      afterResponse: []
    },
    followRedirect: true,
    maxRedirects: 10,
    cache: undefined,
    throwHttpErrors: true,
    username: '',
    password: '',
    http2: [secure],
    allowGetBody: [secure],
    headers: {
      'user-agent': 'got (https://github.com/sindresorhus/got)',
      'private-token': '[secure]',
      'content-type': 'application/json',
      'content-length': '422',
      'accept-encoding': 'gzip, deflate, br'
    },
    methodRewriting: [secure],
    dnsLookupIpVersion: undefined,
    parseJson: [Function: parse],
    stringifyJson: [Function: stringify],
    retry: {
      limit: 2,
      methods: [ 'GET', 'PUT', 'HEAD', 'DELETE', 'OPTIONS', 'TRACE' ],
      statusCodes: [
        408, 413, 429, 500,
        502, 503, 504, 521,
        522, 524
      ],
      errorCodes: [
        'ETIMEDOUT',
        'ECONNRESET',
        'EADDRINUSE',
        'ECONNREFUSED',
        'EPIPE',
        'ENOTFOUND',
        'ENETUNREACH',
        'EAI_AGAIN'
      ],
      maxRetryAfter: undefined,
      calculateDelay: [Function: calculateDelay],
      backoffLimit: Infinity,
      noise: 100
    },
    localAddress: undefined,
    method: 'POST',
    createConnection: undefined,
    cacheOptions: {
      shared: undefined,
      cacheHeuristic: undefined,
      immutableMinTimeToLive: undefined,
      ignoreCargoCult: undefined
    },
    https: {
      alpnProtocols: undefined,
      rejectUnauthorized: undefined,
      checkServerIdentity: undefined,
      certificateAuthority: undefined,
      key: undefined,
      certificate: undefined,
      passphrase: undefined,
      pfx: undefined,
      ciphers: undefined,
      honorCipherOrder: undefined,
      minVersion: undefined,
      maxVersion: undefined,
      signatureAlgorithms: undefined,
      tlsSessionLifetime: undefined,
      dhparam: undefined,
      ecdhCurve: undefined,
      certificateRevocationLists: undefined
    },
    encoding: undefined,
    resolveBodyOnly: [secure],
    isStream: [secure],
    responseType: 'text',
    url: URL {
      href: 'https://gitlab.com/api/v4/projects/my_project/releases',
      origin: 'https://gitlab.com',
      protocol: 'https:',
      username: '',
      password: '',
      host: 'gitlab.com',
      hostname: 'gitlab.com',
      port: '',
      pathname: '/api/v4/projects/my_project/releases',
      search: '',
      searchParams: URLSearchParams {},
      hash: ''
    },
    pagination: {
      transform: [Function: transform],
      paginate: [Function: paginate],
      filter: [Function: filter],
      shouldContinue: [Function: shouldContinue],
      countLimit: Infinity,
      backoff: 0,
      requestLimit: 10000,
      stackAllItems: [secure]
    },
    setHost: true,
    maxHeaderSize: undefined,
    signal: undefined,
    enableUnixSockets: [secure]
  },
  [cause]: {}
}
[7:16:42 AM] [semantic-release] › ✘  Failed step "publish" of plugin "@semantic-release/gitlab"
[7:16:42 AM] [semantic-release] › ✘  An error occurred while running semantic-release: HTTPError: Response code 403 (Forbidden)
    at Request.<anonymous> (file:///builds/my_project/node_modules/got/dist/source/as-promise/index.js:92:42)
    at Object.onceWrapper (node:events:634:26)
    at Request.emit (node:events:531:35)
    at Request._onResponseBase (file:///builds/my_project/node_modules/got/dist/source/core/index.js:604:22)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async Request._onResponse (file:///builds/my_project/node_modules/got/dist/source/core/index.js:646:13) {
  input: undefined,
  code: 'ERR_NON_2XX_3XX_RESPONSE',
  timings: {
    start: 1[71](https://gitlab.com/my_project/-/jobs/7022066433#L71)7571801926,
    socket: 1717571801926,
    lookup: 1717571801926,
    connect: 1717571801926,
    secureConnect: 1717571801926,
    upload: 1717571801927,
    response: 1717571802076,
    end: 1717571802077,
    error: undefined,
    abort: undefined,
    phases: {
      wait: 0,
      dns: 0,
      tcp: 0,
      tls: 0,
      request: 1,
      firstByte: 149,
      download: 1,
      total: 151
    }
  },
  options: {
    request: undefined,
    agent: { http: undefined, https: undefined, http2: undefined },
    h2session: undefined,
    decompress: true,
    timeout: {
      connect: undefined,
      lookup: undefined,
      read: undefined,
      request: undefined,
      response: undefined,
      secureConnect: undefined,
      send: undefined,
      socket: undefined
    },
    prefixUrl: '',
    body: '{"tag_name":"v1.0.7","description":"## [1.0.7](https://gitlab.com/my_project/compare/v1.0.6...v1.0.7) (2024-06-05)\\n\\n\\n### Bug Fixes\\n\\n* **deps:** update module github.com/spf13/cobra to v1.8.0 ([ec8f0ed](https://gitlab.com/my_project/commit/ec8f0ed801c6aac985d65e9921c015ace5002b9f))\\n\\n\\n\\n","assets":{"links":[]}}',
    form: undefined,
    json: undefined,
    cookieJar: undefined,
    ignoreInvalidCookies: [secure],
    searchParams: undefined,
    dnsLookup: undefined,
    dnsCache: undefined,
    context: {},
    hooks: {
      init: [],
      beforeRequest: [],
      beforeError: [ [Function (anonymous)] ],
      beforeRedirect: [],
      beforeRetry: [],
      afterResponse: []
    },
    followRedirect: true,
    maxRedirects: 10,
    cache: undefined,
    throwHttpErrors: true,
    username: '',
    password: '',
    http2: [secure],
    allowGetBody: [secure],
    headers: {
      'user-agent': 'got (https://github.com/sindresorhus/got)',
      'private-token': '[secure]',
      'content-type': 'application/json',
      'content-length': '422',
      'accept-encoding': 'gzip, deflate, br'
    },
    methodRewriting: [secure],
    dnsLookupIpVersion: undefined,
    parseJson: [Function: parse],
    stringifyJson: [Function: stringify],
    retry: {
      limit: 2,
      methods: [ 'GET', 'PUT', 'HEAD', 'DELETE', 'OPTIONS', 'TRACE' ],
      statusCodes: [
        408, 413, 429, 500,
        502, 503, 504, 521,
        522, 524
      ],
      errorCodes: [
        'ETIMEDOUT',
        'ECONNRESET',
        'EADDRINUSE',
        'ECONNREFUSED',
        'EPIPE',
        'ENOTFOUND',
        'ENETUNREACH',
        'EAI_AGAIN'
      ],
      maxRetryAfter: undefined,
      calculateDelay: [Function: calculateDelay],
      backoffLimit: Infinity,
      noise: 100
    },
    localAddress: undefined,
    method: 'POST',
    createConnection: undefined,
    cacheOptions: {
      shared: undefined,
      cacheHeuristic: undefined,
      immutableMinTimeToLive: undefined,
      ignoreCargoCult: undefined
    },
    https: {
      alpnProtocols: undefined,
      rejectUnauthorized: undefined,
      checkServerIdentity: undefined,
      certificateAuthority: undefined,
      key: undefined,
      certificate: undefined,
      passphrase: undefined,
      pfx: undefined,
      ciphers: undefined,
      honorCipherOrder: undefined,
      minVersion: undefined,
      maxVersion: undefined,
      signatureAlgorithms: undefined,
      tlsSessionLifetime: undefined,
      dhparam: undefined,
      ecdhCurve: undefined,
      certificateRevocationLists: undefined
    },
    encoding: undefined,
    resolveBodyOnly: [secure],
    isStream: [secure],
    responseType: 'text',
    url: URL {
      href: 'https://gitlab.com/api/v4/projects/my_project/releases',
      origin: 'https://gitlab.com',
      protocol: 'https:',
      username: '',
      password: '',
      host: 'gitlab.com',
      hostname: 'gitlab.com',
      port: '',
      pathname: '/api/v4/projects/my_project/releases',
      search: '',
      searchParams: URLSearchParams {},
      hash: ''
    },
    pagination: {
      transform: [Function: transform],
      paginate: [Function: paginate],
      filter: [Function: filter],
      shouldContinue: [Function: shouldContinue],
      countLimit: Infinity,
      backoff: 0,
      requestLimit: 10000,
      stackAllItems: [secure]
    },
    setHost: true,
    maxHeaderSize: undefined,
    signal: undefined,
    enableUnixSockets: [secure]
  },
  pluginName: '@semantic-release/gitlab',
  [cause]: {}
}
HTTPError: Response code 403 (Forbidden)
    at Request.<anonymous> 
(file:///builds/my_project/
node_modules/
got
/dist/source/as-promise/index.js:92:42
)
    at Object.onceWrapper (node:events:634:26)
    at Request.emit (node:events:531:35)
    at Request._onResponseBase 
(file:///builds/my_project/
node_modules/
got
/dist/source/core/index.js:604:22
)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async Request._onResponse 
(file:///builds/my_project/
node_modules/
got
/dist/source/core/index.js:646:13
)
 {
  input: 
undefined
,
  code: 
'ERR_NON_2XX_3XX_RESPONSE'
,
  timings: {
    start: 
171[75](https://gitlab.com/my_project/-/jobs/7022066433#L75)71801926
,
    socket: 
1717571801926
,
    lookup: 
1717571801926
,
    connect: 
1717571801926
,
    secureConnect: 
1717571801926
,
    upload: 
1717571801927
,
    response: 
1717571802076
,
    end: 
1717571802077
,
    error: 
undefined
,
    abort: 
undefined
,
    phases: {
      wait: 
0
,
      dns: 
0
,
      tcp: 
0
,
      tls: 
0
,
      request: 
1
,
      firstByte: 
149
,
      download: 
1
,
      total: 
151
    }
  },
  options: {
    request: 
undefined
,
    agent: { http: 
undefined
, https: 
undefined
, http2: 
undefined
 },
    h2session: 
undefined
,
    decompress: 
true
,
    timeout: {
      connect: 
undefined
,
      lookup: 
undefined
,
      read: 
undefined
,
      request: 
undefined
,
      response: 
undefined
,
      secureConnect: 
undefined
,
      send: 
undefined
,
      socket: 
undefined
    },
    prefixUrl: 
''
,
    body: 
'{"tag_name":"v1.0.7","description":"## [1.0.7](https://gitlab.com/my_project/compare/v1.0.6...v1.0.7) (2024-06-05)\\n\\n\\n### Bug Fixes\\n\\n* **deps:** update module github.com/spf13/cobra to v1.8.0 ([ec8f0ed](https://gitlab.com/my_project/commit/ec8f0ed801c6aac985d65e9921c015ace5002b9f))\\n\\n\\n\\n","assets":{"links":[]}}'
,
    form: 
undefined
,
    json: 
undefined
,
    cookieJar: 
undefined
,
    ignoreInvalidCookies: 
[secure]
,
    searchParams: 
undefined
,
    dnsLookup: 
undefined
,
    dnsCache: 
undefined
,
    context: {},
    hooks: {
      init: [],
      beforeRequest: [],
      beforeError: [ 
[Function (anonymous)]
 ],
      beforeRedirect: [],
      beforeRetry: [],
      afterResponse: []
    },
    followRedirect: 
true
,
    maxRedirects: 
10
,
    cache: 
undefined
,
    throwHttpErrors: 
true
,
    username: 
''
,
    password: 
''
,
    http2: 
[secure]
,
    allowGetBody: 
[secure]
,
    headers: {

'user-agent'
: 
'got (https://github.com/sindresorhus/got)'
,

'private-token'
: 
'[secure]'
,

'content-type'
: 
'application/json'
,

'content-length'
: 
'422'
,

'accept-encoding'
: 
'gzip, deflate, br'
    },
    methodRewriting: 
[secure]
,
    dnsLookupIpVersion: 
undefined
,
    parseJson: 
[Function: parse]
,
    stringifyJson: 
[Function: stringify]
,
    retry: {
      limit: 
2
,
      methods: [ 
'GET'
, 
'PUT'
, 
'HEAD'
, 
'DELETE'
, 
'OPTIONS'
, 
'TRACE'
 ],
      statusCodes: [

408
, 
413
, 
429
, 
500
,

502
, 
503
, 
504
, 
521
,

522
, 
524
      ],
      errorCodes: [

'ETIMEDOUT'
,

'ECONNRESET'
,

'EADDRINUSE'
,

'ECONNREFUSED'
,

'EPIPE'
,

'ENOTFOUND'
,

'ENETUNREACH'
,

'EAI_AGAIN'
      ],
      maxRetryAfter: 
undefined
,
      calculateDelay: 
[Function: calculateDelay]
,
      backoffLimit: 
Infinity
,
      noise: 
100
    },
    localAddress: 
undefined
,
    method: 
'POST'
,
    createConnection: 
undefined
,
    cacheOptions: {
      shared: 
undefined
,
      cacheHeuristic: 
undefined
,
      immutableMinTimeToLive: 
undefined
,
      ignoreCargoCult: 
undefined
    },
    https: {
      alpnProtocols: 
undefined
,
      rejectUnauthorized: 
undefined
,
      checkServerIdentity: 
undefined
,
      certificateAuthority: 
undefined
,
      key: 
undefined
,
      certificate: 
undefined
,
      passphrase: 
undefined
,
      pfx: 
undefined
,
      ciphers: 
undefined
,
      honorCipherOrder: 
undefined
,
      minVersion: 
undefined
,
      maxVersion: 
undefined
,
      signatureAlgorithms: 
undefined
,
      tlsSessionLifetime: 
undefined
,
      dhparam: 
undefined
,
      ecdhCurve: 
undefined
,
      certificateRevocationLists: 
undefined
    },
    encoding: 
undefined
,
    resolveBodyOnly: 
[secure]
,
    isStream: 
[secure]
,
    responseType: 
'text'
,
    url: URL {
      href: 
'https://gitlab.com/api/v4/projects/my_project/releases'
,
      origin: 
'https://gitlab.com'
,
      protocol: 
'https:'
,
      username: 
''
,
      password: 
''
,
      host: 
'gitlab.com'
,
      hostname: 
'gitlab.com'
,
      port: 
''
,
      pathname: 
'/api/v4/projects/my_project/releases'
,
      search: 
''
,
      searchParams: URLSearchParams {},
      hash: 
''
    },
    pagination: {
      transform: 
[Function: transform]
,
      paginate: 
[Function: paginate]
,
      filter: 
[Function: filter]
,
      shouldContinue: 
[Function: shouldContinue]
,
      countLimit: 
Infinity
,
      backoff: 
0
,
      requestLimit: 
10000
,
      stackAllItems: 
[secure]
    },
    setHost: 
true
,
    maxHeaderSize: 
undefined
,
    signal: 
undefined
,
    enableUnixSockets: 
[secure]
  },
  pluginName: 
'@semantic-release/gitlab'
,
  [cause]: {}
}

This is the .releaserc file of the project:

`verifyConditions:
- "@semantic-release/gitlab"
- "@semantic-release/changelog"
- "@semantic-release/git"
prepare:
- "@semantic-release/changelog"
- "@semantic-release/git"
generateNotes:
- "@semantic-release/release-notes-generator"
publish:
- "@semantic-release/gitlab"
success: false
fail: false
tagFormat: v${version}
plugins:
- - "@semantic-release/commit-analyzer"
  - releaseRules:
    - type: "feat"
      release: "minor"
    - message: "*"
      release: patch
- - "@semantic-release/release-notes-generator"
- - "@semantic-release/changelog"
  - changelogFile: "CHANGELOG.md"
- - "@semantic-release/git"
  - assets:
    - "CHANGELOG.md"
    message: |-
        chore(release): ${nextRelease.version} [skip ci]

        ${nextRelease.notes}
- - "@semantic-release/gitlab"
  - assets:
    - url: "https://gitlab.com/gitlab-org/gitlab/-/blob/master/README.md"
    - label: "README.md"
branches:
- main
- "+([0-9])?(.{+([0-9]),x}).x"
- name: "main"
  prerelease: "alpha"
debug: true

and the package.json:

{
  "dependencies": {
    "@semantic-release/changelog": "^6.0.3",
    "@semantic-release/commit-analyzer": "^13.0.0",
    "@semantic-release/git": "^10.0.1",
    "@semantic-release/gitlab": "^13.1.0"
  }
}

[fgreinacher]

Thanks for the detailed description @felixprado-mc!

I have not yet of heard of such issues, so let's start with a few basic questions:

1. Are you seeing this on gitlab.com or on a self-hosted GitLab instance? (Just asking because I see you have redacted some information)
2. If gitlab.com could you share your project?
3. If self-hosted which GitLab version are you using?
4. Is this a new issues or has it never worked as expected?
5. Have you already tried reducing your semantic release configuration to a minimum and see if the issue still occurs then?

[felixprado-mc]

Hi @fgreinacher ,

I appreciate your interest.

1, 2, 3, The project is hosted on gitlab.com but it's private so I can't share it. 4, It has never worked before but we have the same configuration for other projects, and it works. I have checked if there is something in the project's or token's configuration but I don't see anything. 5, Which configuration do you propose?

What should be the scope/permissions for the GL_TOKEN?

If this adds more information, we run this step in a Gitlab CI pipeline with the following commands:

        npm install @semantic-release/gitlab
        npm install @semantic-release/git
        npm install @semantic-release/changelog
        npm install @semantic-release/commit-analyzer
        npx semantic-release

[fgreinacher]

Thanks for sharing some details!

You could start very simple like this:

{
  "branches": ["main"],
  "plugins": [
    "@semantic-release/commit-analyzer",
    "@semantic-release/release-notes-generator",
    "@semantic-release/gitlab"
  ]
}

And if that works add your configuration options one-by-one until it starts failing.

[JonasSchubert]

Hi @fgreinacher ,

I appreciate your interest.

1, 2, 3, The project is hosted on gitlab.com but it's private so I can't share it. 4, It has never worked before but we have the same configuration for other projects, and it works. I have checked if there is something in the project's or token's configuration but I don't see anything. 5, Which configuration do you propose?

What should be the scope/permissions for the GL_TOKEN?

If this adds more information, we run this step in a Gitlab CI pipeline with the following commands:

        npm install @semantic-release/gitlab
        npm install @semantic-release/git
        npm install @semantic-release/changelog
        npm install @semantic-release/commit-analyzer
        npx semantic-release

Hi @felixprado-mc, regarding 4:\ You have the exact same configuration and also the exact same gitlab token in other projects and in these other projects it is working? Just not in this particular one?\

• is the not working project maybe private and the others internal/public?
• is the branch semantic release tries to push/commit not writable (no one is allowed to push)?
• was the repository created after the token was created? (then permissions might not be included)
• can you think of any other configuration which differs between the projects?