Search code examples
pythongithub-actionspypi

Deploy on PyPi from GitHub : InvalidMacaroonError

I am trying to deploy on PyPi this project, but I get the following error in GitHub Actions:

Run pypa/gh-action-pypi-publish@release/v1
  with:
    user: __token__
    password: ***
    packages_dir: dist
    verify_metadata: true
    skip_existing: false
    verbose: false
    print_hash: false
/usr/bin/docker run --name db2d7f635ae96809d4725b0df2abd9fe171db_dda529 --label 7db2d7 --workdir /github/workspace --rm -e INPUT_USER -e INPUT_PASSWORD -e INPUT_REPOSITORY_URL -e INPUT_PACKAGES_DIR -e INPUT_VERIFY_METADATA -e INPUT_SKIP_EXISTING -e INPUT_VERBOSE -e INPUT_PRINT_HASH -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_RUN_ATTEMPT -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_REF_NAME -e GITHUB_REF_PROTECTED -e GITHUB_REF_TYPE -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_ACTION_REPOSITORY -e GITHUB_ACTION_REF -e GITHUB_PATH -e GITHUB_ENV -e RUNNER_OS -e RUNNER_ARCH -e RUNNER_NAME -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/score/score":"/github/workspace" 7db2d7:f635ae96809d4725b0df2abd9fe171db  "__token__" "***" "" "dist" "true" "false" "false" "false"
Checking dist/Score-0.1.2.tar.gz: PASSED
Uploading distributions to https://upload.pypi.org/legacy/
Uploading Score-0.1.2.tar.gz

  0%|          | 0.00/14.5k [00:00<?, ?B/s]
 55%|█████▌    | 8.00k/14.5k [00:00<00:00, 76.6kB/s]
100%|██████████| 14.5k/14.5k [00:00<00:00, 60.8kB/s]
Error during upload. Retry with the --verbose option for more details.
HTTPError: 403 Forbidden from https://upload.pypi.org/legacy/
Invalid API Token: InvalidMacaroonError('invalid macaroon signature')

An API tokens was created on PyPi with the scope to the project and it was added on GitHub Actions Secrets with the name PYPI_TOKEN. Also I have on ci.yml the following:

  - name: Publish a Python distribution to PyPI
    uses: pypa/gh-action-pypi-publish@release/v1
    with:
      user: __token__
      password: ${{ secrets.PYPI_TOKEN }}

What could be the error?

https://github.com/heig-tin-info/score/runs/5233495385?check_suite_focus=true

Solution

  • I'm definitely also having this issue as well. I found a similar problem from two years ago and it was supposedly fixed. But I think testpypi is just broken because some of the suggestions on Can't upload to PyPi with Twine worked for me. For example, I can upload with pypi just fine, not testpypi no matter what I do with my account or api key. It seems like some people have luck creating new accounts.