Not working with `@cycjimmy/semantic-release-action`
felixjb opened this issue · 27 comments
When the semantic release action is executed using the vsce plugin in my repo, Testify, i get the following error:
[8:23:46 PM] [semantic-release] › ✖ EINVALIDVSCETOKEN Invalid vsce token. Additional information:
Error: Command failed with ENOENT: vsce verify-pat
spawn vsce ENOENT
Error: AggregateError:
SemanticReleaseError: Invalid vsce token. Additional information:
Error: Command failed with ENOENT: vsce verify-pat
spawn vsce ENOENT
at module.exports (/home/runner/work/_actions/cycjimmy/semantic-release-action/v3/node_modules/semantic-release-vsce/lib/verify-auth.js:14:11)
at processTicksAndRejections (node:internal/process/task_queues:96:5)
at async module.exports (/home/runner/work/_actions/cycjimmy/semantic-release-action/v3/node_modules/semantic-release-vsce/lib/verify.js:8:3)
at async verifyConditions (/home/runner/work/_actions/cycjimmy/semantic-release-action/v3/node_modules/semantic-release-vsce/index.js:10:3)
at async validator (/home/runner/work/_actions/cycjimmy/semantic-release-action/v3/node_modules/semantic-release/lib/plugins/normalize.js:34:24)
at async /home/runner/work/_actions/cycjimmy/semantic-release-action/v3/node_modules/semantic-release/lib/plugins/pipeline.js:37:34
at async Promise.all (index 0)
at async next (/home/runner/work/_actions/cycjimmy/semantic-release-action/v3/node_modules/p-reduce/index.js:16:18)
I am using the GitHub secrets to store my Personal Access Token and I double checked that the token is really there.
I also double checked the permissions of said token in the Azure Portal and it has the necessary access specified in the VSCode documentation
When I run the same command as the plugin locally, I get the following result:
The Personal Access Token verification succeeded for the publisher 'felixjb'.
Is this a bug? Am I doing anything wrong?
This is very weird. Perhaps you may have more luck turning debug logs on?
https://docs.github.com/en/actions/monitoring-and-troubleshooting-workflows/enabling-debug-logging
One suggestion is to run:
vsce verify-pat
Directly in your workflow.
Alright, I'll do that right now!
Actually, nevermind. I think the issue is due to #294 maybe. I'll check it further.
As a temporary workaround, try to run with the last but one version of the plugin. If it works, please let me know to confirm the issue.
So, I ran the workflow again with the debug logs on and it seems like the variable is there:
##[debug]Evaluating: secrets.VSCE_TOKEN
##[debug]Evaluating Index:
##[debug]..Evaluating secrets:
##[debug]..=> Object
##[debug]..Evaluating String:
##[debug]..=> 'VSCE_TOKEN'
##[debug]=> '***'
##[debug]Result: '***'
Sorry, I didn't get that. I should try again with the second to last version of the plugin?
Yes, exactly 5.0.14.
Alright. I'll do that now
@felipecrs Do I need to update the version in the package.json too if I'm running the workflow on GitHub Actions?
As a temporary workaround, try to run with the last but one version of the plugin. If it works, please let me know to confirm the issue.
@felipecrs Nope, didn't work either
@felipecrs Do I need to update the version in the package.json too if I'm running the workflow on GitHub Actions?
I don't know... never used the semantic-release-action myself, I just call semantic-release directly. Like in vscode-shellcheck.
I just tried using a full access token and even that didn't work.
Do you think it's possible that because I didn't register a NPM_TOKEN for semantic release, as I am using the private: true option for not publishing to npm registry, it is messing up with the VSCE_PAT?
No, I don't think so. Can you try without using the semantic-release action?
I'm trying to replicate the issue here, but without much success.
Sure. I'll try it now
It seems like it works without the action:
I meant this: felixjb/testify#97
Oh, I see! Wouldn't it be better to make the plugin work with the action?
Yes, but first we need to make sure that's the issue indeed. Right?
Fair enough. Can we continue on this tomorrow then? Haha
What's happening is the following:
- The plugin fails to call vsce (we use execa for that) with ENOENT (file not found)
- This probably means that vsce isn't in the PATH environment variable.
Probably something different happens in the action which makes the PATH variable not be filled properly (i.e. with node_modules/.bin on it).
Fair enough. Can we continue on this tomorrow then? Haha
@felixjb lol, sure. I'm on vacation anyways!
@felipecrs It seems like running the semantic release directly worked! Now I have some other issues that are unrelated.
So, that is it: the plugin cannot verify the PAT when using the GitHub actions at this time. Maybe try explicitly passing the PAT and the publisher to the command can help?
So, that is it: the plugin cannot verify the PAT when using the GitHub actions at this time. Maybe try explicitly passing the PAT and the publisher to the command can help?
I guess the correct assessment is: the plugin cannot call the vsce binary when running upon @cycjimmy/semantic-release-action.
@cycjimmy do you have any clue on why this is happening? The plugin does not do anything special, it just calls the vsce binary here, the same way other semantic-release plugins do.
The catch is that vsce comes from the NPM dependency, therefore, it's executable is on node_modules/.bin.
I believe using execa's preferLocal option, together with #338 may fix this issue. I'll check later.
I'm closing this issue as I believe it's fixed. If someone notices the opposite, please comment here and I can reopen it.