- Octokit::Unauthorized prevents release to Github

My Github projects use Travis CI to compile front end files and generate a for upload back to Github.

After some months away from these projects, this release deployment process is no longer working.


I have searched around the web and through this forum, and have tried the following:

  • validating my build config at
  • generating a new Github Personal Access Token and recreating the Travis environmental variable
  • as above, plus encrypting this using travis encrypt my_github_api_personal_access_token
  • confirming that I can connect to the Github API using this token unencrypted, using curl -H "Authorization: token my_github_api_personal_access_token"
  • using the encrypted token in my Travis build config rather than the environmental variable
  • renaming my environmental variable from $GH_TOKEN to $GITHUB_TOKEN and removing the token key, as per my understanding of (this failed)
  • using with quoted "$GITHUB_TOKEN" and unquoted $GITHUB_TOKEN values
  • confirming that I am still using (public projects) and not the new (public/private projects, in beta)
  • confirming that I am not using GitHub Enterprise
1 Like

Same here:

  1. failure:
  2. the commit after which the failure occured:

As can bee seen, the commit has nothing to do with travis config. No credentials were touched. The credentials were generated with ‘travis setup release’ a day before.

This is invalid syntax:

    secure: $GITHUB_TOKEN

It should be just

  token: $GITHUB_TOKEN

if the value is in an envvar. actually warns you of this:

Parsed and validated config

[warn] on invalid value on secure string: {:secure=>"$GITHUB_TOKEN"}

Ah, apologies. I used to use this:

    secure: $GH_TOKEN

… but rewrote this following feedback from the validator.

I didn’t understand what the remaining error was telling me - I just thought that it couldn’t resolve the dynamic envvar.

Anyway, I updated the Travis build config but it is still failing despite being valid:

Comparing the stacktrace with, the error happens at checking credentials.
If you are sure your token is correct, maybe it doesn’t have required permissions?

FYI, you are not using deployment v2, so refer to

You can also double-check if your token is decrypted correctly by printing a small part of it.

Thanks, how would I go about doing this?