dune-release icon indicating copy to clipboard operation
dune-release copied to clipboard

Published 20 hours ago verified publisher icon tarides

Instruct user on remedy when credentials become invalidated

Open shonfeder opened this issue 3 years ago • 4 comments

I received

dune-release: [ERROR] Could not retrieve release ID from response, unexpected Github API error: "Bad credentials"

due to a revoked token that was cached long ago.

There were no further details as to how to fix the credentials. Nor could I find anything in the manual or the README that documented where the token is saved or how to refresh it.

Some nice UI improvement for this edge case would be:

  1. Detect Bad credentials replies and route the user back through the token setup interface.
  2. Document where tokens are saved in README.md and in the publish section of the CLI docs.
  3. Extend dune-release config to be able to handle adding, removing, or resetting the saved token.
  4. Look for the token in the GITHUB_TOKEN env var, and document this. This would facilitate setting up dune-release in CLI: https://docs.github.com/en/actions/reference/authentication-in-a-workflow#about-the-github_token-secret

I think I should be able to help with some or all of these. If you'd find that useful.

Tanks for a great tool! :)

shonfeder avatar Feb 04 '21 11:02 shonfeder

That all seems sensible to me, except probably for 2 which I'd much rather replace entirely with 3.

We already implemented 4 a while ago but it hasn't been released yet (see #284). We're on the verge of releasing 1.5.0 so it'll soon be available.

It might be worth having a specific command for setting/inspecting the token as, as opposed to the other fields in the config, it is sensitive data, stored in a separate file, etc.. For instance we'd like to prompt for it on the standard input while disabling feedback instead of passing it as an argument so that the sensitive token doesn't end up in your bash history.

NathanReb avatar Feb 04 '21 11:02 NathanReb

A separate command to handle the token seems sensible.

shonfeder avatar Feb 05 '21 21:02 shonfeder

I got bitten by the same issue, and the error message with dev version of dune-release is still equally as bad as before. Solution 4 doesn't help, that variable is not set for me.

Drup avatar Apr 22 '21 11:04 Drup

I still haven't had time to lend a hand here, but I hit it again today, and for future reference, the tokens are saved in .config/dune/github.token :)

shonfeder avatar Jul 01 '22 18:07 shonfeder