Dagger "DAGGER_CLOUD_TOKEN" missing / cloud auth in CI
Dagger Cloud captures traces when DAGGER_CLOUD_TOKEN is set in the job. If the token is missing or invalid, the run still builds but uploads nothing, and Dagger warns that cloud reporting was not authorized.
What this error means
The build works but no run appears in Dagger Cloud, and dagger warns "DAGGER_CLOUD_TOKEN is not set" or that cloud auth failed.
dagger
Warning: DAGGER_CLOUD_TOKEN is not set; cloud traces will not be uploaded
Error: dagger cloud: failed to authenticate: invalid tokenCommon causes
The token was never exported to the job
Cloud uploads read DAGGER_CLOUD_TOKEN from the environment. Without it set from a secret, nothing is uploaded.
An invalid or revoked token
A wrong or rotated token authenticates but is rejected, so cloud reporting fails.
How to fix it
Export the cloud token from a secret
- Store the Dagger Cloud token as a CI secret.
- Export DAGGER_CLOUD_TOKEN in the job environment.
- Re-run and confirm the trace appears in Dagger Cloud.
.github/workflows/ci.yml
env:
DAGGER_CLOUD_TOKEN: ${{ secrets.DAGGER_CLOUD_TOKEN }}Rotate an invalid token
If auth fails with a token present, generate a fresh Dagger Cloud token and update the secret.
How to prevent it
- Set DAGGER_CLOUD_TOKEN as a CI secret for cloud traces.
- Rotate the token and update the secret in one place.
- Do not commit the token to the repository.
Related guides
Dagger "failed to connect to engine" in CIFix Dagger "failed to connect to engine" in CI - the Dagger CLI could not reach its engine container, usually…
Earthly remote cache / EARTHLY_TOKEN not set in CIFix Earthly remote cache and Satellite auth failures in CI - remote cache and Earthly Cloud require a valid E…
Dagger "failed to get secret" (op:// / env://) in CIFix Dagger "failed to get secret" in CI - a secret reference such as env:// or op:// could not be resolved be…