Travis-ci.org - Octokit::Unauthorized prevents release to Github

My Github projects use Travis CI to compile front end files and generate a release.zip for upload back to Github.

After some months away from these projects, this release deployment process is no longer working.

E.g. https://travis-ci.org/github/dotherightthing/gulp-wpdtrt-plugin-bump/builds/674013205

I have searched around the web and through this forum, and have tried the following:

  • validating my build config at https://config.travis-ci.com/explore
  • generating a new Github Personal Access Token and recreating the Travis environmental variable
  • as above, plus encrypting this using travis encrypt my_github_api_personal_access_token
  • confirming that I can connect to the Github API using this token unencrypted, using curl -H "Authorization: token my_github_api_personal_access_token" https://api.github.com
  • using the encrypted token in my Travis build config rather than the environmental variable
  • renaming my environmental variable from $GH_TOKEN to $GITHUB_TOKEN and removing the token key, as per my understanding of https://docs.travis-ci.com/user/deployment-v2/providers/releases/ (this failed)
  • using token.secure with quoted "$GITHUB_TOKEN" and unquoted $GITHUB_TOKEN values
  • confirming that I am still using travis-ci.org (public projects) and not the new travis-ci.com (public/private projects, in beta)
  • confirming that I am not using GitHub Enterprise
1 Like

Same here:

  1. failure: https://travis-ci.com/github/hasufell/ghcup-hs/jobs/318551270#L1888
  2. the commit after which the failure occured: https://github.com/hasufell/ghcup-hs/commit/b11b74d2b48834fa9a69cde9c2b5f503b1be07a8

As can bee seen, the commit has nothing to do with travis config. No credentials were touched. The credentials were generated with ‘travis setup release’ a day before.

https://travis-ci.org/github/dotherightthing/gulp-wpdtrt-plugin-bump/jobs/674013206/config

This is invalid syntax:

deploy:
  <...>
  token:
    secure: $GITHUB_TOKEN

It should be just

deploy:
  <...>
  token: $GITHUB_TOKEN

if the value is in an envvar.


https://config.travis-ci.com/explore actually warns you of this:

Parsed and validated config

[warn] on deploy.token.secure: invalid value on secure string: {:secure=>"$GITHUB_TOKEN"}

Ah, apologies. I used to use this:

deploy:
  api_key:
    secure: $GH_TOKEN

… but rewrote this following feedback from the validator.

I didn’t understand what the remaining error was telling me - I just thought that it couldn’t resolve the dynamic envvar.

Anyway, I updated the Travis build config but it is still failing despite being valid:

https://travis-ci.org/github/dotherightthing/gulp-wpdtrt-plugin-bump/builds/674211404

Comparing the stacktrace with https://github.com/travis-ci/dpl/blob/v1.10.15/lib/dpl/provider/releases.rb, the error happens at checking credentials.
If you are sure your token is correct, maybe it doesn’t have required permissions?

FYI, you are not using deployment v2, so refer to https://docs.travis-ci.com/user/deployment/releases/.


You can also double-check if your token is decrypted correctly by printing a small part of it.

Thanks, how would I go about doing this?

Imprint