I pack and publish a NuGet package using a GitHub Actions workflow. The workflow has a _dispatch trigger with an option of which package to publish from my .NET solution.
I use a GITHUB_TOKEN to authenticate to the package registry of my anization and publish to the NuGet feed there.
on:
workflow_dispatch:
inputs:
os-compatibility:
description: OS Compatibility
type: choice
required: true
options:
- Windows
- Linux
env:
ORG_ACCOUNT: MyOrg
jobs:
nuget-publish:
runs-on: ubuntu-latest
if: github.event_name == 'workflow_dispatch' && github.ref == 'refs/heads/main'
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Set environment variables
run: |
echo "PROJ_PATH=$(if [ '${{ github.event.inputs.os-compatibility }}' == 'Windows' ]; then echo WindowsLib/WindowsProj.csproj; else echo LinuxLib/LinuxProj.csproj; fi)" >> $GITHUB_ENV
echo "NUGET_PATH=$(if [ '${{ github.event.inputs.os-compatibility }}' == 'Windows' ]; then echo WindowsLib; else echo LinuxLib; fi)" >> $GITHUB_ENV
echo "NUGET_VER=$(if [ '${{ github.event.inputs.os-compatibility }}' == 'Windows' ]; then echo ${{ vars.WINDOWS_NUGET_VER }}; else echo ${{ vars.LINUX_NUGET_VER }}; fi)" >> $GITHUB_ENV
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
dotnet-version: 9.0.x
- name: Log into Github NuGet Registry
run: dotnet nuget add source --username "${{ env.ORG_ACCOUNT }}" --password "${{ secrets.GITHUB_TOKEN }}" --store-password-in-clear-text --name github "/${{ env.ORG_ACCOUNT }}/index.json"
- name: Restore dependencies
run: dotnet restore ./src/Project/${{ env.PROJ_PATH }}
- name: Validate version semantic syntax
run: |
if [[ "${{ env.NUGET_VER }}" =~ ^([0-9]+)\.([0-9]+)\.([0-9]+)$ ]]; then
echo "Version format validated."
else
echo "Invalid version format: ${{ env.NUGET_VER }}"
exit 1
fi
- name: Pack NuGet package
run: dotnet pack ./src/Project/${{ env.PROJ_PATH }} --configuration Release /p:Version=${{ env.NUGET_VER }}
- name: Publish NuGet package
run: dotnet nuget push ./src/Project/${{ env.NUGET_PATH }}/nupkg/*.nupkg -s "github" -k ${{ secrets.GITHUB_TOKEN }}
The interesting this is that publishing the package using the 'Windows' option works fine. But publishing the package using the 'Linux' option throws the following error:
Response status code does not indicate success: 403 (Forbidden).
Here are my .csproj files for both package projects respectively:
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFramework>net9.0</TargetFramework>
<PackageId>WindowsLib</PackageId>
<Version>1.0.0</Version>
<Description>NuGet package that includes a wrapper with third-party DLLs</Description>
<PackageOutputPath>./nupkg</PackageOutputPath>
</PropertyGroup>
<ItemGroup>
<None Include="libWindows\**\*">
<Pack>true</Pack>
<PackagePath>contentFiles/any/any/libWindows/</PackagePath>
</None>
</ItemGroup>
<ItemGroup>
<Content Include="$(MSBuildThisFileDirectory)..\contentFiles\any\any\libWindows\**\*">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</Content>
</ItemGroup>
</Project>
and
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFramework>net9.0</TargetFramework>
<PackageId>LinuxLib</PackageId>
<Version>1.0.0</Version>
<Description>NuGet package that includes a wrapper with third-party DLLs</Description>
<PackageOutputPath>./nupkg</PackageOutputPath>
</PropertyGroup>
<ItemGroup>
<None Include="libLinux\**\*">
<Pack>true</Pack>
<PackagePath>contentFiles/any/any/libLinux/</PackagePath>
</None>
</ItemGroup>
<ItemGroup>
<Content Include="$(MSBuildThisFileDirectory)..\contentFiles\any\any\libLinux\**\*">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</Content>
</ItemGroup>
</Project>
This makes me think there might be something wrong with how the library project is packed or the metadata of the package, but I cannot see something I could point my finger at.