Problem

The publish-ci.yml workflow is failing with a 403 Forbidden error when trying to push NuGet packages to GitHub Packages. The error occurs because the workflow is attempting to push packages to the fsprojects organization's package registry, but the GITHUB_TOKEN secret only has permissions within the DEXImaging organization context.

Error message:

warn : Your request could not be authenticated by the GitHub Packages service. Please ensure your access token is valid and has the appropriate scopes configured.
  Forbidden https://nuget.pkg.github.com/fsprojects/ 369ms
error: Response status code does not indicate success: 403 (Forbidden).

Solution

Update the workflow to push packages to the DEXImaging organization's GitHub Packages registry instead of fsprojects. This can be accomplished by using the ${{ github.repository_owner }} context variable instead of the hardcoded fsprojects organization name.

Changes Required

In the file .github/workflows/publish-ci.yml:

1. Update the "Add the GitHub source" step to use ${{ github.repository_owner }} instead of hardcoded fsprojects
2. Change the username from USERNAME to ${{ github.repository_owner }} for consistency

Current line (line 50):

run: dotnet nuget add source --username USERNAME --password ${{secrets.GITHUB_TOKEN}} --store-password-in-clear-text --name "github.com" "https://nuget.pkg.github.com/fsprojects/index.json"

Should be changed to:

run: dotnet nuget add source --username ${{ github.repository_owner }} --password ${{secrets.GITHUB_TOKEN}} --store-password-in-clear-text --name "github.com" "https://nuget.pkg.github.com/${{ github.repository_owner }}/index.json"

This change will allow the workflow to successfully authenticate and push packages to the correct GitHub Packages registry that the GITHUB_TOKEN has permissions for.