Skip to content

CI fails on Netlify preview deploy: NETLIFY_AUTH_TOKEN / NETLIFY_SITE_ID not set #4

Description

@mmcky

Summary

The Build Project [using jupyter-book] workflow (ci.yml) fails on every PR — but not because of the build. The jupyter-book build succeeds; the job dies on its final step, Preview Deploy to Netlify, because the required secrets are not configured in this repo.

Evidence

From the failed run on PR #1 (run 26938631605), step conclusions:

success   Build Download Notebooks (sphinx-tojupyter)
success   Build HTML
success   Install Node.js
failure   Preview Deploy to Netlify   <-- only failure

Error message:

Error: Authentication required. NETLIFY_AUTH_TOKEN is not set and
`netlify login --request <message>` can be used to authenticate.
##[error]Process completed with exit code 1.

gh secret list for the repo returns nothing — no Actions secrets are configured. The step at .github/workflows/ci.yml (Preview Deploy to Netlify) passes secrets.NETLIFY_AUTH_TOKEN and secrets.NETLIFY_SITE_ID, which are empty, so the Netlify CLI exits 1 and the whole job goes red.

Impact

(There is also a separate older failure on main in the Build & Publish to GH Pages workflow — likely the same class of missing-config/secret issue — worth a look while we're here, but tracked separately if needed.)

Options to resolve

  1. Add the secrets (enables PR previews) — a repo/org admin sets NETLIFY_AUTH_TOKEN and NETLIFY_SITE_ID under Settings → Secrets and variables → Actions. The QuantEcon org already uses Netlify previews on the other lecture repos, so a token should exist.
  2. Guard the step so CI is green when the token is absent (e.g. forks / before secrets land):
    - name: Preview Deploy to Netlify
      if: ${{ env.NETLIFY_AUTH_TOKEN != '' }}
      env:
        NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
      # ...
    (Secrets can't be referenced directly in if:, so map to env first, then test env.)
  3. Remove the Netlify preview step if previews aren't wanted for this repo.

Recommended: option 1 if we want previews here, with option 2 as a resilience improvement regardless so the build remains the real pass/fail signal.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions