Workflow run successfully but fails to deploy to production

[sikatikenmogne]

The build-and-push-prod workflow defined in miniyotas-deploy.yml runs successfully but fails to deploy to production. The issue appears to be related to a silent 401 Unauthorized error on the Deploy in production job, which indicates "Bad credentials." This error prevents the deployment process from completing as expected.

Error Message:

Run osscameroon/[email protected]
  with:
    service: miniyotas
    type: compose
    env: prod
    patch-field: .services.webapp.image
    patch-value: ghcr.io/osscameroon/miniyotas:db8bd945143d5b086a29b89f068d116519ee1aa9
    file: miniyotas-prod-stack.yml
    gh-token: ***
  env:
    REGISTRY: ghcr.io
    IMAGE_NAME: osscameroon/miniyotas
Run set -e
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
100   365  100   109  100   256    608   1429 --:--:-- --:--:-- --:--:--  2050
{
  "message": "Bad credentials",
  "documentation_url": "https://docs.github.com/rest",
  "status": "401"
}

Steps to Reproduce:

1. Trigger the GitHub Actions workflow defined in miniyotas-deploy.yml.
2. Click on the Deploy in production jobs on the log and observe that the workflow completes successfully but does not deploy to production.
3. Check the workflow logs for the 401 Unauthorized error.

Expected Behavior:

The GitHub Actions workflow should authenticate successfully and complete the deployment to production without encountering a 401 Unauthorized error.

Possible Causes:

• The GitHub token (gh-token) provided in the workflow might be invalid or expired.
• The token might not have the necessary permissions.
• There might be a mismatch between the secret name used in the workflow and the actual secret stored in the repository settings.

Proposed Solution:

1. Verify that the GitHub token used in the workflow is correct and has the necessary permissions (e.g., repo, write:packages).
2. If the token has expired or been revoked, generate a new token and update the GitHub Actions secrets.
3. Ensure that the secret name used in the workflow matches the name of the secret stored in the repository settings.

Additional Context:

• Workflow File: /miniyotas-deploy.yml
• Relevant Documentation: https://docs.github.com/rest

Action Items:

• Verify and update the GitHub token.
• Update the GitHub Actions secrets with the new token.
• Ensure the secret name matches in the workflow file.