search

int128 / kaniko-action

Build container image using Kaniko in GitHub Actions
Apache License 2.0
34 stars 12 forks source link

Auth for the base image #788

Open guigomcha opened 3 days ago

guigomcha commented 3 days ago

For some reason I am not able to achieve a build using this action when the base image is private and also requires credentials

e.g.,

      - name: Login to base image repo
        uses: docker/login-action@v3.3.0
        with:
          registry: https://${{ env.BASE_IMAGE_REPO }}
          username: ${{ secrets.BASE_IMAGE_USER }}
          password: ${{ secrets.BASE_IMAGE_PAT }}
      - name: Login to target repo
        uses: docker/login-action@v3.3.0
        with:
          registry: https://${{ env.TARGET_IMAGE_REPO }}
          username: ${{ secrets.TARGET_IMAGE_USER }}
          password: ${{ secrets.TARGET_IMAGE_PAT }}
      - name: build and push 
        uses: int128/kaniko-action@v1
        with:
          tags: ${{ env.TARGET_IMAGE_REPO }}/${{ env.IMAGE_NAME }}:latest
          context: .
          file: $PATH_TO_DOCKERFILE

Docker login actions succeed but build and push always returns this

Run int128/kaniko-action@v1
Pulling gcr.io/kaniko-project/executor:v1.23.2
/usr/local/bin/docker run --rm -v /runner/_work/REDACTED:/kaniko/action/context:ro -v /runner/_work/_temp/kaniko-action-XXXXXXp0Q664:/kaniko/action/outputs -v /home/runner/.docker/:/kaniko/.docker/:ro -e container=docker gcr.io/kaniko-project/executor:v1.23.2 --context dir:///kaniko/action/context/ --digest-file /kaniko/action/outputs/digest --dockerfile REDACTED --no-push --destination REDACTED
INFO[0000] Using dockerignore file: /kaniko/action/context/.dockerignore 
INFO[0000] Retrieving image manifest REDACTED_BASE_IMAGE:latest 
INFO[0000] Retrieving image REDACTED_BASE_IMAGE:latest from registry REDACTED_BASE_IMAGE_REPO 
error building image: unable to complete operation after 0 attempts, last error: GET REDACTED_BASE_IMAGE_REPO/v2/manifests/latest: UNAUTHORIZED: access to the requested resource is not authorized
Error: Error: The process '/usr/local/bin/docker' failed with exit code 1
Error: The process '/usr/local/bin/docker' failed with exit code 1
    at ExecState._setResult (file:///runner/_work/_actions/int1[28](REDACTED#step:7:30)/kaniko-action/v1/node_modules/.pnpm/@actions+exec@1.1.1/node_modules/@actions/exec/lib/toolrunner.js:592:1)
    at ExecState.CheckComplete (file:///runner/_work/_actions/int128/kaniko-action/v1/node_modules/.pnpm/@actions+exec@1.1.1/node_modules/@actions/exec/lib/toolrunner.js:575:1)
    at ChildProcess.<anonymous> (file:///runner/_work/_actions/int128/kaniko-action/v1/node_modules/.pnpm/@actions+exec@1.1.1/node_modules/@actions/exec/lib/toolrunner.js:469:1)
    at ChildProcess.emit (node:events:519:28)
    at maybeClose (node:internal/child_process:1105:16)
    at Process.ChildProcess._handle.onexit (node:internal/child_process:[30](REDACTED#step:7:32)5:5)

Any idea how to achieve this?

guigomcha commented 3 days ago

The error might be on the selected kaniko version... https://github.com/GoogleContainerTools/kaniko/issues/2576 I would need to select the kaniko version manually... not sure how