Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Doc Update: Only read permission token works for resolving artefacts #17

Open
kpritam opened this issue Apr 10, 2020 · 1 comment
Open

Doc Update: Only read permission token works for resolving artefacts #17

kpritam opened this issue Apr 10, 2020 · 1 comment

Comments

@kpritam
Copy link

kpritam commented Apr 10, 2020

Following paragraph from README.md says that even for resolving artefacts published to github package registry, it requires token with write package permission.

As an example, the documentation claims that, if you aren't publishing,
your token only requires the read: package grant (and not write: package).
Based on testing, as of right now, that appears to be false: 
write: package is required for all API calls against GitHub Packages,
including resolution.

But seems like that is not the case anymore. I have tried publishing with default secrets.GITHUB_TOKEN using github action but was able to resolve using a token which has just read packages permission.

Just to quickly check, you can open up this url in browser and provide
username: your github username
password: Personal Access Token with just read packages permission

https://maven.pkg.github.com/kpritam/gpr-playground/com/github/kpritam/gpr-playground/gpr-playground_2.13/1.0.3/gpr-playground_2.13-1.0.3.pom
@djspiewak
Copy link
Owner

Fantastic! I'll update the docs. This is a wonderful bug fix.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@djspiewak @kpritam