Push built Artifact *.exe to Github "Release" (opensource, public repos, dev account)

fcgleason's Avatar

fcgleason

20 Apr, 2019 03:01 AM

Opensource public repository: https://github.com/rgleason/weatherfax_pi/tree/deploy-windows (Branch: deploy-window)
Appveyor.yml file in github repository builds and completes https://github.com/rgleason/weatherfax_pi/blob/deploy-windows/appve...

I would like to push the Appveyor result to Git "Release" when EG: "Git push origin tag v1.9.2-ov42" is issued to add a new tag to the remote repository, however this is the most recent report:
Source Appveyor Directory & File:
Destination Git Release Directory:

Creating "weatherfax_pi-v1.9.2-ov42-win32" release for repository "rgleason/weatherfax_pi" tag "v1.9.2-ov42" commit "a12e3b0407eb46d1cd84a82b2d2297a61416f683"...Error creating GitHub release: Provider setting not found or it's value is empty. If secure setting is used please check that value was encrypted (or YAML was exported) while being logged under correct account.
Parameter name: auth_token

What I have done:

Creating github personal access token
https://www.appveyor.com/docs/how-to/git-push/#creating-github-pers...

  • Select "Personal Access Tokens" pick "Generate new Token" .
  • In description enter something like "appveyor_auth_token".
  • Available scopes: https://developer.github.com/apps/building-oauth-apps/understanding...
  • For the purpose of pushing new tagged releases to github, in the scopes box check "repo" Then "Update"
  • Then copy the access_token as it will not show again for security!! Paste it somewhere safe!!

Configuring build secure variable with access token
https://www.appveyor.com/docs/how-to/git-push/#configuring-build-se...

  • Encrypt the access token on Appveyor: https://ci.appveyor.com/tools/encrypt
  • Encrypt access token on “Encrypt configuration data” page in AppVeyor (Settings → Encrypt YAML)
  • and then put it as secure variable into your appveyor.yml file, for example:

... environment: auth_token: secure: xxxxxx (not shown, but it was encryted.) ...

The appveyor.yml head was:

 environment:
  appveyor_auth_token:
   secure: xxxxxxxx etc ==
artifacts: # push all files in directory
  - path: build\weatherfax_pi*.exe
    name: installer
# Deploy to GitHub Releases
deploy:
    release: weatherfax_pi- $(APPVEYOR_REPO_TAG_NAME)-win32
    description: 'Release of weatherfax_pi $(APPVEYOR_REPO_TAG_NAME) tag created by AppVeyor build $(appveyor_build_version)'
  - provider: GitHub
    artifact: installer, portable
    draft: true
    prerelease: true
    tag: $(APPVEYOR_REPO_TAG_NAME)
    on:
#     APPVEYOR_REPO_TAG: true   # deploy on tag push only
      configuration: Release    # Debug contains non-redist MS DLLs
#     branch: master   # release from master branch only

What have I done wrong here? Thanks.
Rick

  1. 1 Posted by fcgleason on 21 Apr, 2019 12:55 PM

    fcgleason's Avatar

    I am getting this result now:

    Collecting artifacts...
    Found artifact 'build\weatherfax_pi-1.9.002-ov42-win32.exe' matching 'build*.exe' path
    Uploading artifacts...
    [1/1] build\weatherfax_pi-1.9.002-ov42-win32.exe (721,826 bytes)...100% Deploying using GitHub provider
    Creating "weatherfax_pi-v $(APPVEYOR_REPO_TAG_NAME) -win32" release for repository "rgleason/weatherfax_pi" tag "$(APPVEYOR_REPO_TAG_NAME)" commit "fa47cfbf64a54ab84b8554d6d9f2399c20969273"...Error creating GitHub release: Provider setting not found or it's value is empty. If secure setting is used please check that value was encrypted (or YAML was exported) while being logged under correct account.
    Parameter name: auth_token

    I have made a Personal Token, selecting "Repro" in the check box for both public and personal read/write, entered a description of "appveyor_auth_token" hit "update", and then encrypted the access token on: https://ci.appveyor.com/tools/encrypt

    Then used the result at the environment head of the appveyor.yml file

    environment:
      auth_token:
        secure: xxxxxx (not shown, but it was encryted.)
    
    Am I doing this correctly? I thought it had to be associated with each repository to work. How is this done? Or have I taken the wrong steps?
  2. 2 Posted by fcgleason on 21 Apr, 2019 12:57 PM

    fcgleason's Avatar

    Appveyor.yml

    HEAD

    #    General Configuration      #
    #    Environment Configuration    #
    environment:
      auth_token:
        secure:'mbgPeg6VB7oIYlnLQNd4XDi5/i46y+O/xXNKsnfdFFusOJjfxS5F1U1yZISa3aGg=='
    # Appveyor auth token encrypted  
    # Build worker image (VM template)
    image:
    - Visual Studio 2015
    
    # scripts that are called at very beginning, before repo cloning
    # init:
    
    version: 1.9.{build}
    # clone directory
    clone_folder: c:\project\weatherfax_pi
    # fetch repository as zip archive
    shallow_clone: true   # default is "false"
    # set clone depth, clone entire repository history if not defined
    # clone_depth:5
    

    BOTTOM

    build_script:
      # - cmake --build . --config debug
      - cmake --build . --target package --config release
    
    # Artifacts Configuration    #
    artifacts: # push all files in directory
      path: build\*.exe
      name: installer
    # Deploy to GitHub Releases
      
    deploy:
    
      release: weatherfax_pi-v $(APPVEYOR_REPO_TAG_NAME) -win32
      description: 'Release of weatherfax_pi $(APPVEYOR_REPO_TAG_NAME) tag created by AppVeyor build $(appveyor_build_version)'
      provider: GitHub
      artifact: installer, portable
      draft: true
      prerelease: true
      tag: $(APPVEYOR_REPO_TAG_NAME) # will not work until tag is pushed
      on:
    #   APPVEYOR_REPO_TAG: true   # deploy on tag push only
        configuration: Release    # Debug contains non-redist MS DLLs
    #   branch: master   # release from master branch only
    
  3. 3 Posted by fcgleason on 21 Apr, 2019 01:37 PM

    fcgleason's Avatar

    For GitHub Deployment to work shallow_clone must be set to false.
     I have it set to true.
    https://help.appveyor.com/discussions/problems/8009-github-release-deployment-issue

  4. 4 Posted by fcgleason on 21 Apr, 2019 01:43 PM

    fcgleason's Avatar

    Could try creating a release like this
    https://help.appveyor.com/discussions/problems/2971-github-deployment#comment_37865264

    Read for formatting:
    https://help.appveyor.com/discussions/problems/2975-github-deployment#comment_37876490

    Issues pushing Tags, Rolling builds:
    https://help.appveyor.com/discussions/problems/3362-deployment-to-github

    Example, making the tag in appveyor from variables?
    https://github.com/tgjones/dryrunner/blob/master/appveyor.yml

    =================
    So in summary: I have a workflow formula that should trigger a simultaneous release
    of both Linux and Windows binaries. Which is good. Thanks!!
    https://help.appveyor.com/discussions/problems/3362-deployment-to-github

    At present if a commit message contains [ci skip] Appveyor will skip
    building.

    It would be useful if Travis did the same, then I would have a unified per
    commit way to skip building when I’m, say, changing documentation.

    It would also be useful if Appveyor recognised

    [appveyor skip]

    and Travis

    [travis skip]

    so if I am working on a platform dependent part of the code
    I can trigger one CI builder but not the other.

    Of course I can control builds by rewriting appveyor.yml and .travis.yml
    every commit (eg renaming them to something else will prevent building).
    But that’s a pretty heavyweight way to do a commit :)
    =================

    Use of isgithubrelease
    https://github.com/tgjones/dryrunner/blob/master/appveyor.yml

    Trouble shoot using powerscript from local machine
    https://help.appveyor.com/discussions/questions/18741-publishing-to-github-releases-fails-sending-the-request

    Workflows to Publish
    https://help.appveyor.com/discussions/questions/1106-github-release-deployment-hows-this-supposed-to-work

    Trying to do a simple build and push.
    https://help.appveyor.com/discussions/problems/21897-trying-to-do-a-simple-github-deploy

  5. 5 Posted by fcgleason on 21 Apr, 2019 02:12 PM

    fcgleason's Avatar

    Making shallow_clone: false was not the problem

    Deploying using GitHub provider
    Creating "weatherfax_pi-v $(APPVEYOR_REPO_TAG_NAME) -win32" release for repository "rgleason/weatherfax_pi" tag "$(APPVEYOR_REPO_TAG_NAME)" commit "1e2f6651cb14fa996198b915e6ff315d5c73fb6a"...Error creating GitHub release: Provider setting not found or it's value is empty. If secure setting is used please check that value was encrypted (or YAML was exported) while being logged under correct account.
    Parameter name: auth_token
    
  6. Support Staff 6 Posted by Owen McDonnell on 22 Apr, 2019 03:39 PM

    Owen McDonnell's Avatar

    Can you clarify what your current issue is? Is it simply that you are unable to deploy to GitHub release?
    Can you try putting the auth token in the deploy: settings as per the documentation.
    i.e.

    deploy:
      auth_token:
        secure: <your encrypted token> # your encrypted token from GitHub
      release: weatherfax_pi-v $(APPVEYOR_REPO_TAG_NAME) -win32
      description: 'Release of weatherfax_pi $(APPVEYOR_REPO_TAG_NAME) tag created by AppVeyor build $(appveyor_build_version)'
      provider: GitHub
      artifact: installer, portable
      draft: true
      prerelease: true
      tag: $(APPVEYOR_REPO_TAG_NAME) # will not work until tag is pushed
      on:
        configuration: Release    # Debug contains non-redist MS DLLs
    
  7. 7 Posted by fcgleason on 23 Apr, 2019 03:56 AM

    fcgleason's Avatar

    Thanks Owen, for looking at this. I tried moving the auth_token down to deploy as you suggested:

    I still seem to be getting this:

    Collecting artifacts...
    Found artifact 'build\weatherfax_pi-1.9.002-ov42-win32.exe' matching 'build*.exe' path
    Uploading artifacts...
    [1/1] build\weatherfax_pi-1.9.002-ov42-win32.exe (721,838 bytes)...100%
    Deploying using GitHub provider
    Creating "$(APPVEYOR_REPO_TAG_NAME)" release for repository "rgleason/weatherfax_pi" tag "$(APPVEYOR_REPO_TAG_NAME)" commit "c24ab24f3b53bb7b016da6720eebd3233514aae3"...Error creating GitHub release: Error reading repository 'rgleason/weatherfax_pi' releases: 401 - Unauthorized
    

    This is an unauthorized reading error of the rgleason/weatherfax_pi
    I am not sure why it is trying to read that.

    I would like to push the artifact file here

    to my github release location here

    when I have push a new tag to the github repository. Right now I have that disabled, because I think it works, but I am getting this auth error, so I am just trying to deploy the file with every commit.

    It looks to me like it might have happened once, when I pushed a new tag but did not see it v1.9.2-ov42 when I "changed to "appveyor_auth_token" but it resulted in an error, see this which does have a file that was uploaded.

    Do you have any other suggestions?

    could I try git push or something as a way to test the authorization?

  8. 8 Posted by fcgleason on 23 Apr, 2019 10:52 AM

    fcgleason's Avatar

    When I encrypted the public key using the appveyor encryption page here I gave it a description of "appveyor_auth_token" and using that as the designator seems to work to create a "release". So I will use that instead of "auth_token" in hopes that future releases are more successful.

    The second part of this this problem is that the file is not being copied. Perhaps the reason is that source is not being "found" and thus can't be "read".

    I have to check pathnames and verify what all the deploy settings do.

  9. 9 Posted by fcgleason on 23 Apr, 2019 10:57 AM

    fcgleason's Avatar

    Under "Account Details" "Authorizations" I find

    AppVeyor is authorized to act on behalf of rgleason GitHub account with admin:repo_hook, read:org, repo:status scope.
    Don't see org resources? Ensure organization access is granted to AppVeyor CI application.

    I am not sure that this covers write to the github "release" directory.

    Under my Github overall "Settings" (not for a certain repository) The OAuth Apps listed are:

    Appveyor
    - Read org and team membership, read org projects - Access user email addresses (read-only)

    Appveyor CI
    - Full control of repository hooks - Read org and team membership, read org projects - Access commit status

    Under a note "Read about Third Party Access"
    I wonder if I need to become a git "organization" in order to be able to copy a file to a particular github "Release" directory?
    https://help.github.com/en/articles/enabling-oauth-app-access-restr...

    This github page is about Enabling OAuth Apps restrictions for your Organization

    This github page is about Authorizing OAuth Apps

    OAuth App access OAuth Apps can have read or write access to your GitHub data. Read access only allows an app to look at your data. Write access allows an app to change your data.

    So it looks like my permissions might not be configured properly, or need to be checked.

    Earlier, under Github, > Setttings > Developer Settings
    I created a "Personal Access Token" with the description appveyor_auth_token"
    When this was done the scope checked was "Repo -Full control of Private Repositories" which gives repo-status, repo-deployment, public-repo, repo-invite.

    Perhaps this is not enough, I need to be able to write to the Release directory.
    Should I also check ADMIN: REPO-HOOK?

    The public key was then encryped

  10. 10 Posted by fcgleason on 23 Apr, 2019 12:10 PM

    fcgleason's Avatar

    Progress: After un-commenting the

    APPVEYOR_REPO_TAG: true # deploy on tag push only

    and making a commit and then pushing it up to origin, then making another commit to change the tag "git tag v1.9.3-0v42" and "git push origin v1.9.3-ov42"

    I find that the new "Release" folder exists, however the *.exe file is not there.

    Now I realize that this Release folder is being created from my local repos, by my git push of the tag to origin. So appveyor has nothing to do with this. Also appveyor finished with

    Collecting artifacts...
    Found artifact 'build\weatherfax_pi-1.9.002-ov42-win32.exe' matching 'build*.exe' path
    Uploading artifacts...

    [1/1] build\weatherfax_pi-1.9.002-ov42-win32.exe (721,835 bytes)...100% Deploying using GitHub provider Creating "v1.9.3-ov42" release for repository "rgleason/weatherfax_pi" tag "v1.9.3-ov42" commit > "cd57cabe32ce5347f6f89ce1488f171233fbf0d0"...Error creating GitHub release: Provider setting not found or it's value is empty. If secure setting is used please check that value was encrypted (or YAML was exported) while being logged under correct account. Parameter name: auth_token

    As stated before, I have created a Github Personal Auth and encryted the public key using the Yaml encryption and have used that in the appveyor.yml file.

  11. 11 Posted by fcgleason on 23 Apr, 2019 11:45 PM

    fcgleason's Avatar

    Some links that might be useful:

    Build hanging in 'on_success' during git push

    If it has been encrypted make sure you're doing so from the same account your building on and syntax should be, environment: access_token: secure:

    • The token i use only has "repo" permissions.I can't imagine granting all permissions could possibly do anything to interrupt this process...
    • Created a new token only with the "repo" permission, same behavior. On the agent it stucks in the git push, but in the RDP session, it works. May it be a different version of git.exe?
    • The end result of this discussion was unsuccessful. The push to release did not work.

    RDP Remote Desktop

    GitHub deployment

    Deploying to GitHub releases

    How to release automatically your artifact to GitHub dated 2014, since then I think appveyor has more automation.

    Push tags to git

    Posted in 2015, have things changed?

    build from release tarball or CVS checkout Not something I am doing now, but might be needed.

    How do you specify artifacts for a GitHub release? Useful for path names etc.

  12. 12 Posted by fcgleason on 24 Apr, 2019 12:39 AM

    fcgleason's Avatar

    Just found another page with more info about webhooks on the repository webpage.

    https://github.com/rgleason/weatherfax_pi/settings/hooks

    So webhooks will permit push. Just get the auth_token working!

  13. 13 Posted by fcgleason on 24 Apr, 2019 01:31 AM

    fcgleason's Avatar

    Creating a new Personal Access Token, encrypting and adding the result to appveyor.yml

    New Github Personal Access Token

    Log into Github Account and create a Git Personal Access Token
    Go to Account > Settings (from upper right dropdown) > Developer Settings at bottom > Personnal Access Tokens
    https://github.com/settings/tokens

    Generate a new token, add description "appveyor_auth_token"
    When it is created, copy it immediately to your clipboard as it will disappear. Also Edit the Personnel Token to set the scope to "repo" with a check in the checkbox.

    Appveyor Yaml Encryption

    Go to Yaml Encryption https://ci.appveyor.com/tools/encrypt and paste the Personnel Token into the encrypt-er. Then copy the result, which is then used in the appveyor.yml file.

    environment: auth_token: secure: VVAVg9a8n+XgesI85/cXrXyNeStivq8FynlajE94lGUtzDGeu5PMWI5f1OSYg0tS

    or under deploy:

    appveyor_auth_token: secure: VVAVg9a8n+XgesI85/cXrXyNeStivq8FynlajE94lGUtzDGeu5PMWI5f1OSYg0tS https://ci.appveyor.com/tools/encrypt

    Verify the appveyor.yml file (it passed)

    https://ci.appveyor.com/tools/validate-yaml

  14. 14 Posted by fcgleason on 24 Apr, 2019 02:04 AM

    fcgleason's Avatar

    Once again this was the error
    https://ci.appveyor.com/project/rgleason/weatherfax-pi

    Collecting artifacts...
    Found artifact 'build\weatherfax_pi-1.9.3-ov42-win32.exe' matching 'build\*.exe' path
    Uploading artifacts...
    [1/1] build\weatherfax_pi-1.9.3-ov42-win32.exe (721,813 bytes)...100%
    Deploying using GitHub provider
    Creating "$(APPVEYOR_REPO_TAG_NAME)" release for repository "rgleason/weatherfax_pi" tag "$(APPVEYOR_REPO_TAG_NAME)" commit "358efcbda183e48f52e47dc35495a277dc95c60b"...
    Error creating GitHub release: Provider setting not found or it's value is empty. 
    If secure setting is used please check that value was encrypted 
    (or YAML was exported) while being logged under correct account.
    Parameter name: auth_token
    

    Something has been done wrong. The real question is what is it?

    Appveyor validation passed, but the security: is not working.

    https://github.com/settings/security shows

    Security history

    This is a security log of important events involving your account. an hour ago
    oauth_authorization.create – Personal access token (appveyor_auth_token) an hour ago oauth_authorization.destroy – Personal access token (appveyor_auth_token) deleted on github.com 4 days ago user.login – Originated from 73.60.236.200 4 days ago public_key.verification_failure 4 days ago public_key.delete – appveyor_deploy_key - 77:79:94:c3:21:03:5b:4f:37:c0:05:b2:61:4f:b1:92

    Under Github Account > Developer Settings > Personal Access
    https://github.com/settings/tokens

    shows appveyor_auth_token as never being used again!

    https://github.com/rgleason/weatherfax_pi/commits/deploy-win2

  15. 15 Posted by fcgleason on 24 Apr, 2019 03:10 AM

    fcgleason's Avatar
    Error creating GitHub release: Provider setting not found or it's value is empty. 
    If secure setting is used please check that value was encrypted 
    (or YAML was exported) while being logged under correct account.
    
    • What provider setting is not found or is empty?
    • The Github Personal Access Token was encrypted using Appveyor Yaml encryption
    • The result is used with security: xxxxxx
  16. 16 Posted by fcgleason on 24 Apr, 2019 03:14 AM

    fcgleason's Avatar

    I am beginning to think that there is not a good answer as to how to accomplish this task and am ready to quit this insanity.

  17. 17 Posted by fcgleason on 24 Apr, 2019 03:40 AM

    fcgleason's Avatar

    Simplifying and eliminating the Tag operations have allowed the Artifact *.exe file to be pushed to Git Release. See Release 1.9.149 https://github.com/rgleason/weatherfax_pi/releases/tag/untagged-87f...

    The deploy settings are now:

    build_script:
      # - cmake --build . --config debug
      - cmake --build . --target package --config release
    
    # Artifacts Configuration    #
    artifacts: # push all files in directory
      path: build\*.exe
      name: installer
    # Deploy to GitHub Releases
      
    deploy:
      provider: GitHub
      auth_token:
        secure: VVAVg9a8n+XgesI85/cXrXyNeStivq8FynlajE94lGUtzDGeu5PMWI5f1OSYg0tS
      artifact: installer, portable
      draft: true
      prerelease: true
    #  tag: $(APPVEYOR_REPO_TAG_NAME) # will not work until tag is pushed
      on:
        configuration: Release    # Debug contains non-redist MS DLLs
    #   APPVEYOR_REPO_TAG: true   # deploy on tag push only
    #   branch: master   # release from master branch only
    

    Now I have to figure out how to
    1. Push artifacts to release when I push a new Tag and show a green check.
    2. When a new Tag is not pushed, just create the artifact and show a green check.

  18. Support Staff 18 Posted by Owen McDonnell on 24 Apr, 2019 01:22 PM

    Owen McDonnell's Avatar

    As per the docs on GitHub deployment, a description: key for release description is mandatory.

Reply to this discussion

Internal reply

Formatting help / Preview (switch to plain text) No formatting (switch to Markdown)

Attaching KB article:

»

Attached Files

You can attach files up to 10MB

If you don't have an account yet, we need to confirm you're human and not a machine trying to post spam.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac