search

docker / build-push-action

GitHub Action to build and push Docker images with Buildx
https://github.com/marketplace/actions/build-and-push-docker-images
Apache License 2.0
4.31k stars 552 forks source link

Docker Hub login succeeds but push does not #1053

Closed magnuskalland closed 7 months ago

magnuskalland commented 7 months ago

Contributing guidelines

I've found a bug, and:

Description

When using a Docker Hub access token for Read & Write, a login action succeeds but a push does not. Happens with Github actions and with act, but not with using Docker through the CLI:

sudo docker build -t magnuskalland/ptcg-fantasy-draft-tool-backend:0.0.1 .
docker login --username $DOCKERHUB_USERNAME --password $DOCKERHUB_TOKEN
docker push magnuskalland/ptcg-fantasy-draft-tool-backend:0.0.1

Expected behaviour

When login succeeds using an access token for Read & Write, a push should also succeed.

Actual behaviour

Login succeeds but push does not.

Repository URL

https://github.com/magnuskalland/ptcg-fantasy-draft-tool-backend

Workflow run URL

https://github.com/magnuskalland/ptcg-fantasy-draft-tool-backend/actions/runs/7885593443

YAML workflow

name: CI

on:
  push:
    branches: [main]

jobs:
  build:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v2

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1

      - name: Login to DockerHub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Login to Azure Container Registry
        uses: Azure/docker-login@v1
        with:
          login-server: ptcgfantasydraftoolcontainerregistry.azurecr.io
          username: ${{ secrets.AZURE_REGISTRY_USERNAME }}
          password: ${{ secrets.AZURE_REGISTRY_PASSWORD }}

      - name: Build and push Docker image
        uses: docker/build-push-action@v2
        with:
          context: .
          push: true
          tags: ${{ secrets.DOCKERHUB_USERNAME }}/ptcg-fantasy-draft-tool-backend:0.0.1
          build-args: |
            DISCORD_CLIENT_ID=${{ secrets.DISCORD_CLIENT_ID }}
            DISCORD_CLIENT_SECRET=${{ secrets.DISCORD_CLIENT_SECRET }}
            SERVER_NAME=${{ secrets.SERVER_NAME }}
            SERVER_PORT=${{ secrets.SERVER_PORT }}
            FRONTEND_URL=${{ secrets.FRONTEND_URL }}
            DATABASE=${{ secrets.DATABASE }}
            DRAFT_CONTAINER=${{ secrets.DRAFT_CONTAINER }}
            USER_CONTAINER=${{ secrets.USER_CONTAINER }}

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v1

      - name: Terraform Init
        run: terraform init

      - name: Terraform Apply
        run: terraform apply -auto-approve

Workflow logs

No response

BuildKit logs

No response

Additional info

No response

crazy-max commented 7 months ago

First, actions in your workflow look outdated/EOL, please update to latest stable:

image

Second, when using:

      - name: Login to DockerHub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Login to Azure Container Registry
        uses: Azure/docker-login@v1
        with:
          login-server: ptcgfantasydraftoolcontainerregistry.azurecr.io
          username: ${{ secrets.AZURE_REGISTRY_USERNAME }}
          password: ${{ secrets.AZURE_REGISTRY_PASSWORD }}

Azure/docker-login will I think override the docker config and therefore remove credentials set by docker/login-action. Suggest to follow our documentation to authenticate to both Docker Hub and Azure Container Registry: https://github.com/docker/login-action?tab=readme-ov-file#usage

Would look like this:

      - name: Login to DockerHub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Login to Azure Container Registry
        uses: docker/login-action@v3
        with:
          registry: ptcgfantasydraftoolcontainerregistry.azurecr.io
          username: ${{ secrets.AZURE_REGISTRY_USERNAME }}
          password: ${{ secrets.AZURE_REGISTRY_PASSWORD }}

Closing as this should solve your issue.