Skip to content

Fix GitHub Actions permissions for Maven release #37

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Sep 1, 2025
Merged

Fix GitHub Actions permissions for Maven release #37

merged 6 commits into from
Sep 1, 2025

Conversation

@rhoegg
Copy link
Contributor

@rhoegg rhoegg commented Sep 1, 2025

Summary

  • Fix git push permission denied error during maven-release:prepare
  • Add write permissions for GitHub Actions to push commits back to repository

Changes

  • Add permissions: contents: write to workflow job
  • Explicitly pass token: ${{ secrets.GITHUB_TOKEN }} to checkout action

Problem

The maven-release plugin needs to push commits (version updates, tags) back to the repository during the release process, but was getting "Permission denied (publickey)" error.

Test plan

  • GitHub Actions workflow can successfully push commits during release:prepare

@rhoegg
Fix GitHub Actions permissions for Maven release
090d79e 
- Add 'contents: write' permission to allow pushing commits
- Explicitly use GITHUB_TOKEN in checkout action
- Remove pinentry-mode config from maven-gpg-plugin (use env var instead)
- Fixes git push permission denied error during release:prepare
@rhoegg rhoegg force-pushed the fix-release-permissions branch from 00f84ed to 090d79e Compare September 1, 2025 21:35
rhoegg and others added 5 commits September 1, 2025 16:40
@rhoegg
Configure git to use HTTPS with token for authentication
483ac2e 
- Add git config to rewrite SSH URLs to HTTPS with token
- Add fetch-depth: 0 for full history (needed for release plugin)
- Fixes SSH permission denied error during git push
@rhoegg
Simplify git authentication for maven-release-plugin
93f1636 
- Use persist-credentials: false in checkout
- Set remote URL with token in Configure Git step
- Remove complex URL rewriting
- Keep fetch-depth: 0 for release plugin to access full history
@rhoegg
Fix Maven SCM URLs and git credentials
eff84a4 
- Change SCM URLs from SSH to HTTPS in pom.xml
- Configure git credential helper with GitHub token
- Maven-release-plugin uses SCM URLs, not git remote
@actions-user
[maven-release-plugin] prepare release json-logger-3.0.1
02d88d9
@actions-user
[maven-release-plugin] prepare for next development iteration
47203e6
@rhoegg rhoegg merged commit c1b83dc into main Sep 1, 2025
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@rhoegg @actions-user