[GitHub Codespaces] Fail to push an image to Docker Hub

[v-chenzha]

OS: GitHub Codespaces (Remote&Local) Build Version: 20231013.1 Regression: Previous Release

Repro Steps:

1. Connect Docker Hub registry.
2. Navigate to "Images" view -> Right click an image -> Push... -> Select "Docker Hub" -> Select namespace -> Tag image.
3. Check whether succeeds to push an image to Docker Hub.

Expect: Succeed to push an image to Docker Hub.

Actual: Fail to push an image to Docker Hub.

More Info:

1. There is a different error when pushing an image in VS Code(non-Codespaces Environment). The error message as below:
2. This issue doesn't reproduce when pushing an image to Azure/Generic Registry V2/GitHub registry.

[alexyaang]

The error message seems to indicate your access token does not have enough scope. Change it to Read & Write and it should work.

@bwateratmsft should we add a note in the DockerHub secret step to tell user to use Read & Write? I think it's pretty self explanatory but... never hurts to be too clear?

[bwateratmsft]

Yeah, I think that's a good idea. Users who choose just a read token can expect that push will fail.

[v-chenzha]

Verified this issue on the build 20231107.2, it still reproduces for now. So, reopen it. The error message as below:

[bwateratmsft]

This might be an issue with Docker Hub...

[bwateratmsft]

I think I know roughly what is happening. When the Codespace is created, it is being created already logged in to Docker Hub with a public token allowing it to pull from public repos. When we log in, we are logging in to https://docker.io/ which is treated differently from https://index.docker.io/v1/ but only in Codespaces--signing in to just https://docker.io/ on my desktop works.

We could probably fix this by changing this line to return an empty string, or to https://index.docker.io/v1/