Travis-Encrypt HTTPError: 403 Client Error: Invalid or non-existent authentication information

Hello,

The Problem

At the official Travis docs they mention that special characters need to be escaped. I'm doing so and still struggling to get Travis to deploy to PYPI. My Project

NOTE: Try --verbose to see response content.
HTTPError: 403 Client Error: Invalid or non-existent authentication information. for url: https://upload.pypi.org/legacy/
.eggs/README.txt already exists, no checkout
.eggs/pytest_runner-5.1-py3.6.egg/EGG-INFO/LICENSE already exists, no checkout
.eggs/pytest_runner-5.1-py3.6.egg/EGG-INFO/PKG-INFO already exists, no checkout
.eggs/pytest_runner-5.1-py3.6.egg/EGG-INFO/RECORD already exists, no checkout
.eggs/pytest_runner-5.1-py3.6.egg/EGG-INFO/WHEEL already exists, no checkout
.eggs/pytest_runner-5.1-py3.6.egg/EGG-INFO/entry_points.txt already exists, no checkout
.eggs/pytest_runner-5.1-py3.6.egg/EGG-INFO/requires.txt already exists, no checkout
.eggs/pytest_runner-5.1-py3.6.egg/EGG-INFO/top_level.txt already exists, no checkout
.eggs/pytest_runner-5.1-py3.6.egg/ptr.py already exists, no checkout
namedex.egg-info/PKG-INFO already exists, no checkout
namedex.egg-info/SOURCES.txt already exists, no checkout
namedex.egg-info/dependency_links.txt already exists, no checkout
namedex.egg-info/not-zip-safe already exists, no checkout
namedex.egg-info/top_level.txt already exists, no checkout
Could not restore untracked files from stash entry
PyPI upload failed.
failed to deploy

Failed Build

Question

Is this problem related to me entering the secret incorrectly?
Do special characters have to be escaped with your tools or do you take care of that?

Example of What I'm Doing

From the root directory of my project I'm doing the following:

travis-encrypt username repo --deploy .travis.yml
Password: \$oVshZ5z\!eG2\&\#Yfpxw\&5q7nB

Note: The above is an example of a password, not the actual password.

Any help or pointing in the right direction is appreciated.

May 24 '19 02:05 JoelMon

Hi @JoelMon thanks for the report. Special characters do not need to be escaped since the password is parsed by the Python libraries rather than bash. If you try without escaping, does the encrypted password work?

May 24 '19 05:05 mandeep

@mandeep, yeah I get the same error when I don't escape the password.

PyPI upload failed.
failed to deploy

Failed to deploy

The command I ran:

user@user-Oryx-Pro:~/Documents/Development/namedex$ travis-encrypt --deploy JoelMon namedex .travis.yml 
Password: 
Encrypted password added to .travis.yml
user@user-Oryx-Pro:~/Documents/Development/namedex$ pipenv shell
Launching subshell in virtual environment…
user@user-Oryx-Pro:~/Documents/Development/namedex$  . /home/user/.local/share/virtualenvs/namedex-arsH05VH/bin/activate
(namedex) user@user-Oryx-Pro:~/Documents/Development/namedex$ bumpversion patch
(namedex) user@user-Oryx-Pro:~/Documents/Development/namedex$ git push
Enumerating objects: 15, done.
Counting objects: 100% (15/15), done.
Delta compression using up to 8 threads
Compressing objects: 100% (9/9), done.
Writing objects: 100% (9/9), 1.52 KiB | 779.00 KiB/s, done.
Total 9 (delta 5), reused 0 (delta 0)
remote: Resolving deltas: 100% (5/5), completed with 4 local objects.
To github.com:JoelMon/namedex.git
   f599dee..9e4badc  master -> master
(namedex) user@user-Oryx-Pro:~/Documents/Development/namedex$ git push --tags
Total 0 (delta 0), reused 0 (delta 0)
To github.com:JoelMon/namedex.git
 * [new tag]         v0.1.12 -> v0.1.12

I checked to make sure the password I was entering was the correct one for PYPI.org and it was. The .travis.yml config file. The namedex project on PYPI.org

~I wish there were more information in the error message as to why it failed to deploy. I'm not sure if it's a problem with my credentials or with the configuration.~ Just reilized that certin sections of the log have to be expanded.

Update

I just added twine_version: 1.13.0 to my .travis.yml file after seeing it being used in this discussion but it didn't help.

Update 2

I found the following when I expanded the Preparing deploy section of the logs which seems like it authenticated fine.

Preparing deploy
Authenticated as JoelM
Cleaning up git repository with `git stash --all`. If you need build artifacts for deployment, set `deploy.skip_cleanup: true`. See https://docs.travis-ci.com/user/deployment#Uploading-Files-and-skip_cleanup.
Saved working directory and index state WIP on (no branch): 10858aa Bump version: 0.1.12 → 0.1.13

Then under the Deploying application under line 666 the following HTTPError is logged:

HTTPError: 403 Client Error: Invalid or non-existent authentication information. for url: https://upload.pypi.org/legacy/

Searching Google for the error + travis-ci has a lot of results related to others having a similar problem and the solution tends to be encrypting the password.

May 24 '19 17:05 JoelMon

@JoelMon sorry to hear that the problems are persisting. It seems that this is indeed an authentication failure. When you are entering the password, are you using quotes or anything? Nothing immediately jumps out to me as to why this is occurring.

Edit: One thing to try is to only build on one Python version, and see if deployment is successful. I remember this being a problem not too long ago.

May 25 '19 08:05 mandeep

@mandeep not a problem. I'm new to all of this so I wouldn't be surprised if I'm doing something wrong; and if it's a bug then I'm happy I can contribute a bug report! :)

When you are entering the password, are you using quotes or anything? Nothing immediately jumps out to me as to why this is occurring.

I'm not adding quotes. What I do is that I open my password manager and click the copy to clipboard icon which copies my password free of any extra whitespace. Then in Gnome Terminal I paste (ctr+shift+v) it when travis-encrypt asks for the password.

One thing to try is to only build on one Python version, and see if deployment is successful. I remember this being a problem not too long ago.

Do you mean removing line 4, - 3.5, from the .travis.yml file? I'll try it later today, I'm currently on my phone.

language: python
python:
- 3.6
- 3.5
install: pip install -U tox-travis
script: tox
deploy:
  provider: pypi
  twine_version: 1.13.0
  distributions: sdist bdist_wheel
  user: JoelM
  password:
    secure: E9JVgRVVLYSNy+602ZSUca51K6NGmkSI2j/n6G8gDI6Be6OVPVjMtUk7Cq2c6qiY+z19xtorzoMFdxLMroZPsA1iHz+fV4p6Ct1+rmmzfQOR9s24ylPpG8V6yQvbnz9VSOCgh3fiA/Ete5SxkIO2iHOIP4gAOomhwc3xS/Nl9aiw/AYAzCJGimsXCICTyKW/J8a1o5mdRr2MVmkiOhame4CWk+TtNuI7w2jT/WYIwy9vYDWt5JiawVksBQsQMaVaOUqCJWdTWgKyig1A3n+A1B/j6URCm9Yyg+pPhwF6GzF58AxHy8azusv0n2xWtVz/goj+i9TXTzaykN4b2vf1Bfqdy32mssAFUkuGRMm8wuceGO8s2bZ20pVWwpn727SiRPd43OU5z6TpwaH+VUegjhWIhtLCu+LljeTPnoPD+Uy4dDEy8KBMbBSr53X3mmP7k1pDtkr1qNBNZ3dDZPA+T0SB2pkmVdZdJEG+HSkfYD6rLuCvHemWlrgVP06r1Yxq1BswnUSx8UN+/phLb34Z+up6PjCxPIdwPbpcVIrzwFWOZ4wXZCdyFVKaGLRkHfRkIL2U7yTEU1jrr+BNnfd6TP+EJUNuPJz5a3EO+nI6ryXNn6Zvw7ZHiX0b+IduBDN+7a4phPutWx8jX/QRhYhKxKSs8AD7MUUNTfOhTJKDI4I=
  true:
    tags: true
    repo: JoelMon/namedex
    python: 3.6

May 25 '19 12:05 JoelMon

The travis.yml file looks good, although I'm unfamiliar with twine so I can't attest to it. I made a change recently to travis-encrypt so that it supports travis-ci.com, and I'm wondering if this change is the cause here. I'll dig deeper and see if I can find a solution.

May 25 '19 17:05 mandeep

I'm able to deploy using a password that contains special characters so I'm not sure what the problem is here. @JoelMon are you deploying to travis-ci.org or travis-ci.com?

May 26 '19 21:05 mandeep

Changes Made

Made the follow two changes to my .travis.yml

One thing to try is to only build on one Python version, and see if deployment is successful. I remember this being a problem not too long ago.

I removed the - 3.5 bit from .travis.yml, only 3.6 should be built now.

The travis.yml file looks good, although I'm unfamiliar with twine so I can't attest to it.

I removed the twine_version: 1.13.0 line from .travis.yml.

travis-ci.org

are you deploying to travis-ci.org or travis-ci.com?

I'm using my https:www.travis-ci.org account.

Observation:

HTTPError: 403 Client Error: Invalid or non-existent authentication information. for url: https://upload.pypi.org/legacy/ @mandeep, the script is using https://upload.pypi.org/legacy/. Might that be the issue?

Forking

As an idea, would it help if you forked my project then tried to deploy using travis-ci.org to test.pypi.org? That may rule out some bone headed mistake that I'm doing on this end.

May 26 '19 22:05 JoelMon

After reviewing the Travis docs, I believe there could be a typo in your travis configuration file. Currently your config looks like this:

deploy:
  provider: pypi
  twine_version: 1.13.0
  distributions: sdist bdist_wheel
  user: JoelM
  password:
    secure: E9JVgRVVLYSNy+602ZSUca51K6NGmkSI2j/n6G8gDI6Be6OVPVjMtUk7Cq2c6qiY+z19xtorzoMFdxLMroZPsA1iHz+fV4p6Ct1+rmmzfQOR9s24ylPpG8V6yQvbnz9VSOCgh3fiA/Ete5SxkIO2iHOIP4gAOomhwc3xS/Nl9aiw/AYAzCJGimsXCICTyKW/J8a1o5mdRr2MVmkiOhame4CWk+TtNuI7w2jT/WYIwy9vYDWt5JiawVksBQsQMaVaOUqCJWdTWgKyig1A3n+A1B/j6URCm9Yyg+pPhwF6GzF58AxHy8azusv0n2xWtVz/goj+i9TXTzaykN4b2vf1Bfqdy32mssAFUkuGRMm8wuceGO8s2bZ20pVWwpn727SiRPd43OU5z6TpwaH+VUegjhWIhtLCu+LljeTPnoPD+Uy4dDEy8KBMbBSr53X3mmP7k1pDtkr1qNBNZ3dDZPA+T0SB2pkmVdZdJEG+HSkfYD6rLuCvHemWlrgVP06r1Yxq1BswnUSx8UN+/phLb34Z+up6PjCxPIdwPbpcVIrzwFWOZ4wXZCdyFVKaGLRkHfRkIL2U7yTEU1jrr+BNnfd6TP+EJUNuPJz5a3EO+nI6ryXNn6Zvw7ZHiX0b+IduBDN+7a4phPutWx8jX/QRhYhKxKSs8AD7MUUNTfOhTJKDI4I=
  true:
    tags: true
    repo: JoelMon/namedex
    python: 3.6

when it should probably look something like this:

deploy:
  provider: pypi
  twine_version: 1.13.0
  distributions: sdist bdist_wheel
  user: JoelM
  password:
    secure: E9JVgRVVLYSNy+602ZSUca51K6NGmkSI2j/n6G8gDI6Be6OVPVjMtUk7Cq2c6qiY+z19xtorzoMFdxLMroZPsA1iHz+fV4p6Ct1+rmmzfQOR9s24ylPpG8V6yQvbnz9VSOCgh3fiA/Ete5SxkIO2iHOIP4gAOomhwc3xS/Nl9aiw/AYAzCJGimsXCICTyKW/J8a1o5mdRr2MVmkiOhame4CWk+TtNuI7w2jT/WYIwy9vYDWt5JiawVksBQsQMaVaOUqCJWdTWgKyig1A3n+A1B/j6URCm9Yyg+pPhwF6GzF58AxHy8azusv0n2xWtVz/goj+i9TXTzaykN4b2vf1Bfqdy32mssAFUkuGRMm8wuceGO8s2bZ20pVWwpn727SiRPd43OU5z6TpwaH+VUegjhWIhtLCu+LljeTPnoPD+Uy4dDEy8KBMbBSr53X3mmP7k1pDtkr1qNBNZ3dDZPA+T0SB2pkmVdZdJEG+HSkfYD6rLuCvHemWlrgVP06r1Yxq1BswnUSx8UN+/phLb34Z+up6PjCxPIdwPbpcVIrzwFWOZ4wXZCdyFVKaGLRkHfRkIL2U7yTEU1jrr+BNnfd6TP+EJUNuPJz5a3EO+nI6ryXNn6Zvw7ZHiX0b+IduBDN+7a4phPutWx8jX/QRhYhKxKSs8AD7MUUNTfOhTJKDI4I=
  on:
    tags: true

Not sure if this will make a difference, but hopefully it can rule of some things.

May 26 '19 22:05 mandeep

I made the updates to my .travis.yml file you suggested. I also manually typed in my password and had the secured password printed on to the screen which I then copied by hand into the .travis.yml. Still a no go. :(

I guess I'm destined to upload to pypi manually like a second class chump. sigh

May 26 '19 23:05 JoelMon

It still looks like your travis.yml looks like this:

true:
    tags: true

instead of

on:
  tags: true

May 29 '19 02:05 mandeep

Although I hand edit .travis.yml to

on:
  tags: true

The same problem persists.

Also, I found that the script is changing on: to true: when the --deploy flag is used. More details in issue #17.

May 29 '19 19:05 JoelMon

Interesting. I'll keep digging into this; hopefully we can find a solution.

May 30 '19 04:05 mandeep

I've done a little digging around and found the following:

USERS WITH TRAVIS-ENCRYPT IN THERE requirement.txt FILE

Unscessful Deployment	Scessful Deployment
oddjobz/pynndb	srijanss/createpy
pipenv-to-requirements	opencobra/memote
pmwachira/Testing-and-Deploying-Python-Projects-with-Travis-CI

This seems like a well put together config file(opencobra/memote):

jobs:
  include:
    - stage: deploy
      install: skip
      script:
        - make reports
        - pip install --upgrade pip setuptools wheel
      after_success:
        - pip --version
      deploy:
        - provider: pypi
          skip_cleanup: true
          distributions: sdist bdist_wheel
          user: midnighter
          password:
            secure: kNj5W/9vLd77d9FXEi8QZxb+8NDJzqDQYrIrrqq5tqqVRcBt/PAkMQ5PrwuBeNxNJALun8RSM2Mq/hDYijQ6lqxyFMpECKXmtDXb5OeMgQvQ5y96OHo0VXqoA1nELdJJp6lHKUxKaH75bfp9s7506n9teHUvlGdP0eE+E17XtRax5zuWv/IOqolF//mT6TzdKIIMrnZFZ2XxxNYuqk7GNym7ywccuZNNRSLJn6lKEAYlsGUQlm76YbGSSvrDKMfTrB2nChzrjEzsfpPUZJfdqSjz8vjJgyLgGZhMJ/hfWM3i6buaAhpvxsVW9SXbUA9DTfQkMOUKd3RmhE6HgOp9Bd04g4oY7e7v72b3Agiz7H2edJCrtLlVMTS5uzqqzgoL0lfYfu3dn/g8xxla3FeQy2GFDdDmEJ3XhFTgUyLKhW8CCjmEX4Fgi0bf2CUqt/NXK3JU2iSrFndpvRfD+BvA3WCfPX5IhwSOkYh1HESxhc6POPw2hYj8L/Gpa30sbGh8XMTMW7mKp9se6xy/vfNVxB0J7fnKyh94API7U32Zsuw4CVIU/FXrgkjvZf7DR2lM0KXDKldixsyhyEbo3IdOkg5GHZE+PiREmUFioOAZfxD+GrcTj4Xw53WhDu2wi4RtH5J21PhdNDzM61gK1iiSSDt9At6XnJkHDz1z7jdDt0E=
          on:
            tags: true
            repo: $GITHUB_REPO
        - provider: releases
          skip_cleanup: true
          api_key: $GITHUB_TOKEN
          body: "Please see https://github.com/${GITHUB_REPO}/blob/${TRAVIS_TAG}/HISTORY.rst for the full release notes."
          on:
            tags: true
            repo: $GITHUB_REPO

May 30 '19 22:05 JoelMon

It looks like the ones that errored out with 403 are ones with tagged releases. If you try a release on your master branch (don't try this if you don't wanto to) does your deployment work?

May 31 '19 02:05 mandeep

Made a few changes to .travis.yml

language: python
python:
- 3.6
install: pip install -U tox-travis
script: tox
deploy:
  true:
    branch: master
  provider: pypi
  distributions: sdist bdist_wheel
  user: JoelM
  password:
    secure: [secret]

https://travis-ci.org/JoelMon/namedex/jobs/540562876/config

I get the following: Skipping a deployment with the pypi provider because this branch is not permitted: v0.1.21

Jun 03 '19 03:06 JoelMon

You would need to merge 0.1.21 to master and then push master, but it looks like you tried that and still got a 403 error.

Jun 03 '19 03:06 mandeep