Push to Google Cloud Artifact Registry restricted through auth workflow

[DominikBasnerSotec]

Describe the bug

I am using the jkube kubernetes-maven-plugin and I am trying to push stuff to the artifact registry on google cloud platform. I currently have issues with the authentication:

While k8s:build creates a perfectly fine image with the correct name that I can push using docker push, it fails when using k8s:push. The error is either Error getting the version of the configured credential helper: Failed to start 'docker-credential-gcloud version' : Cannot run program "docker-credential-gcloud": CreateProcess error=2 . Or denied: Permission "artifactregistry.repositories.uploadArtifacts" denied on resource "project depending on how I configured my %USER%/.docker/config.json. (first is with credHelper gcloud, second is with credHelper removed and using plain docker login)

Workaround:

I used the authConfig tags with username (_json_key), password (encrypted service-account.json) and mvn --encrypt-password This way, it is possible to push to the registry

Eclipse JKube version

1.15.0

Component

Kubernetes Maven Plugin

Apache Maven version

None

Gradle version

None

Steps to reproduce

1. Configure a GCP Artifact Registry as the registry
2. Try to use the described auth / credentials handling methods, like:

   gcloud auth login
   gcloud components install docker-credential-gcr
   gcloud auth configure-docker europe-west3-docker.pkg.dev
   docker-credential-gcr configure-docker

3. Receive Unauth messages on k8s:push

Expected behavior

All of the described auth methods work

Runtime

Kubernetes (vanilla)

Kubernetes API Server version

1.25.3

Environment

Windows

Eclipse JKube Logs

No response

Sample Reproducer Project

No response

Additional context

No response

[l3002]

@DominikBasnerSotec : Are you still facing this issue?

[DominikBasnerSotec]

Project using this is currently on hold, thus I haven't checked in a while and from my perspective, the issue can be closed