ARM build-and-upload jobs failing due to expired CircleCI GITHUB_TOKEN

[pinin4fjords]

Summary

ARM (linux-aarch64 and osx-arm64) "build and upload" jobs on CircleCI appear to be consistently failing with a BadCredentialsException. I noticed this on my rustqc PRs (#64095, #64099), and after some investigation it looks like it may be affecting all packages with additional-platforms.

Note: This analysis was done with AI assistance (Claude), so the broader conclusions below should be verified by someone with access to the CircleCI project.

Error

The error from the rustqc CircleCI jobs shows bioconda-utils handle-merged-pr crashing at what appears to be artifacts.py:

github.GithubException.BadCredentialsException: 401 {"message": "Bad credentials", "documentation_url": "https://docs.github.com/rest", "status": "401"}

This seems to occur when upload_pr_artifacts() attempts to authenticate with GitHub using the GITHUB_TOKEN env var configured in the CircleCI project.

Observed Pattern

Looking at recent master commits, we noticed a pattern that appears consistent (though we may be missing nuance):

• ARM jobs that fail seem to be for packages with additional-platforms declared
• ARM jobs that succeed seem to be for packages without additional-platforms, where the job exits early at "Check for Additional Platforms" before reaching the authentication step

If this pattern holds, it would suggest the issue is systemic rather than package-specific. x86_64 builds/uploads via GitHub Actions appear unaffected, presumably because GHA provides its own valid token.

Approximate Timeline

Based on spot-checking recent CI results:

• Last successful ARM upload we found: rust-proseg, ~March 23 2026
• First ARM failure we found: pywfa, ~March 24 2026

These are approximate - we didn't exhaustively check every commit.

Possible Fix

If the root cause is an expired or revoked GITHUB_TOKEN in the CircleCI project settings, updating it should resolve the issue. Once fixed, affected packages would likely need build number bumps or nightly builds to trigger fresh uploads.

Examples

• rustqc PR Add: New recipe for RustQC #64095: CircleCI job 338002
• rustqc PR Add freetype and fontconfig runtime dependencies to rustqc #64099: CircleCI pipeline 183549 (same error)

cc @bioconda/core

[mxwang66]

Saw the same error too for my recent merged PR (7f89402).

[eunos-1128]

The same error occurred during the builds for linux-aarch64 and osx-arm64

#63903

[Sam-Sims]

Also seen on #63947

[aliciaaevans]

I'm going to see if I can update the token.

[aliciaaevans]

OK, this should be fixed now. Let me know if it's still happening.

[pinin4fjords]

That's done it, thank you, I re-ran the ci job and it successfully produced ARM builds at https://anaconda.org/channels/bioconda/packages/rustqc/overview