Cannot publish in such env.

Question

Cannot publish in such env.

Closed this issue 7 months ago · 10 comments

I've wrote a script based on such Flutter SDK env setup in order to publish a Flutter package onto pub.dev. Publishing from GitHub Actions requires OIDC, but once using this action, even if permissions: {id-token: write} is enabled, it cannot authentic with OIDC and the publishing process can never finish.

Here's my publish.yaml file inside .github/workflows folder:

name: publish

on:
  push:
    tags: ["v[0-9]+.[0-9]+.[0-9]+*"]

jobs:
  # https://dart.dev/tools/pub/automated-publishing
  publish:
    runs-on: ubuntu-latest
    permissions: {id-token: write}
    steps:
      - uses: actions/checkout@v4
      - uses: flutter-actions/setup-flutter@v3
      - run: flutter pub get
      - run: flutter pub publish --dry-run
      - run: flutter pub publish --force

Answer 1 · 2024-05-14T07:45:29.000Z

I've found a solution, but it's a little bit waste computational resources: add a line to setup Dart environment using the official Dart setup action, and it can publish normally. Just like the following code:

name: publish

on:
  push:
    tags: ["v[0-9]+.[0-9]+.[0-9]+*"]

jobs:
  # https://dart.dev/tools/pub/automated-publishing
  publish:
    runs-on: ubuntu-latest
    permissions: {id-token: write}
    steps:
      - uses: actions/checkout@v4
      - uses: dart-lang/setup-dart@v1
      - uses: flutter-actions/setup-flutter@v3
      - run: flutter pub get
      - run: flutter pub publish --dry-run
      - run: flutter pub publish --force

But this workflow will also setup a Dart environment, which is repeated, as the Flutter SDK includes a Dart SDK. So it's still recommended to fix something about OIDC in this action repo.

Answer 2 · 2024-05-14T07:46:27.000Z

It's not a problem about version specification. I've tried with specified versions, even older versions, but such problem always appear.

Answer 3 · 2024-05-14T08:35:21.000Z

Can you upload the workflow run raw logs here?

Answer 4 · 2024-05-14T08:45:11.000Z

I think I found the solution to this, since the official dart-lang/setup-dart implement a createPubOIDCToken method to automate the GitHub OIDC Token, it is possible to add this as well.

https://github.com/dart-lang/setup-dart/blob/2986c8e337a31eb7b455ce93dc984e9bf5797756/lib/main.dart#L162-L186

Not able to guarantee when this will be done, but I will try to add it asap.

Answer 5 · 2024-05-14T08:56:16.000Z

Thanks, I can understand where the problem is according to the code you mentioned before. If I'm available, I will also try to fix this problem and make a PR.

Answer 6 · 2024-05-14T13:31:58.000Z

Thanks, I can understand where the problem is according to the code you mentioned before. If I'm available, I will also try to fix this problem and make a PR.

I've put sth together for this particular issue. Maybe you can give it a try https://github.com/flutter-actions/setup-pubdev-credentials.

You can temporarily use the main channel for this time being, v1 is still awaited testing.

Answer 7 · 2024-05-16T06:56:05.000Z

I've put sth together for this particular issue. Maybe you can give it a try https://github.com/flutter-actions/setup-pubdev-credentials.

You can temporarily use the main channel for this time being, v1 is still awaited testing.

Wow, you are so fast. Sorry that I'm really busy these days. I'll try the new action asap once my package's new version is prepared.

Answer 8 · 2024-05-16T08:59:13.000Z

This new action works well and I have already published my new package using such action successfully. Thanks a lot.

Answer 9 · 2024-05-16T09:56:32.000Z

Glad to hear that 😉

Answer 10 · 2024-06-06T08:31:46.000Z

refs: flutter/flutter#148296, dart-lang/setup-dart#68