search

snowdrop / java-buildpack-client

A simple buildpack (https://buildpacks.io/) platform implementation as a library for java..
Apache License 2.0
13 stars 7 forks source link

job - maven release fails : git@github.com: Permission denied (publickey). #69

Open cmoulliard opened 1 week ago

cmoulliard commented 1 week ago

Issue

This job fails: https://github.com/snowdrop/java-buildpack-client/actions/runs/9582846769 when the step Maven release ... is executed

[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  38.088 s
[INFO] Finished at: 2024-06-19T13:26:20Z
[INFO] ------------------------------------------------------------------------
Error:  Failed to execute goal org.apache.maven.plugins:maven-release-plugin:2.5.3:prepare (default-cli) on project buildpack-client-project: Unable to commit files
Error:  Provider message:
Error:  The git-push command failed.
Error:  Command output:
Error:  git@github.com: Permission denied (publickey).
Error:  fatal: Could not read from remote repository.
Error:  
Error:  Please make sure you have the correct access rights
Error:  and the repository exists.
Error:  -> [Help 1]
Error:

I suspect that we missed to pass the SSH key able to push on git as documented here: https://stackoverflow.com/questions/66944752/how-do-i-push-a-release-to-github-with-the-maven-release-plugin

cmoulliard commented 1 week ago

As our job definition is similar to this project - https://github.com/metacosm/power-server/blob/main/.github/workflows/release.yml:

       - uses: actions/checkout@v4

      - uses: actions/setup-java@v4
        with:
          distribution: 'temurin'
          java-version: 17
          cache: 'maven'
          server-id: central
          server-username: MAVEN_USERNAME
          server-password: MAVEN_PASSWORD
          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
          gpg-passphrase: MAVEN_GPG_PASSPHRASE

      - name: Configure Git author
        run: |
          git config --local user.email "action@github.com"
          git config --local user.name "GitHub Action"

      - name: Maven release ${{steps.metadata.outputs.current-version}}
        run: |
          mvn -B release:prepare -Prelease -Darguments="-DskipTests" -DreleaseVersion=${{steps.metadata.outputs.current-version}} -DdevelopmentVersion=${{steps.metadata.outputs.next-version}}
          mvn -B release:perform -Darguments="-DperformRelease -DskipTests" -DperformRelease -Prelease
        env:
          MAVEN_USERNAME: "${{ secrets.OSSRH_USERNAME }}"
          MAVEN_PASSWORD: "${{ secrets.OSSRH_TOKEN }}"
          MAVEN_GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}"

      - name: Push changes to ${{github.base_ref}} branch
        run: |
          git push
          git push origin ${{steps.metadata.outputs.current-version}}

then I suspect that either we missed to pass a secret or we configured a wrong value.

cmoulliard commented 1 week ago

As the secret names match the secrets declared within the job, can you then verify if the values are correct ?

Screenshot 2024-06-20 at 15 18 51

@BarDweller

iocanel commented 1 week ago

We shouldn't be needing a secret for token or ssh keys. We have tons of example working without one: