Open pditommaso opened 6 months ago
I got the following error in docker client,when credentials were not present in platform:
munish.chouhan@Munishs-MacBook-Pro wave-cli % docker pull 00ffbc112673.ngrok.app/wt/b77b20f936b1/hrma017/dev:salmon--906c138318fdd09d
Error response from daemon: unauthorized: repository 'docker.io/hrma017/dev:salmon--906c138318fdd09d' unauthorized (401)
error in wave:
15:54:47.393 [io-executor-thread-3] DEBUG i.s.w.service.CredentialServiceImpl - No credentials matching criteria registryName=docker.io; userId=1; workspaceId=null; endpoint=http://localhost:8008/api
15:54:47.393 [io-executor-thread-3] DEBUG i.s.wave.core.RegistryProxyService - Credentials for route path=docker.io/hrma017/dev:salmon--906c138318fdd09d; identity=PlatformId(user=User(id:1, userName:munish, email:hrma017@gmail.com), workspaceId=null, accessToken=eyJ0aWQiOi.., towerEndpoint=http://localhost:8008/api) => MissingCredentials[eyJ0aWQiOiAyfS5jNDk0MjhlNjAwNWViMzI2OGRmZGM0Mjg5MzlmYzI5M2ZjNTFmZDQz]
15:54:47.850 [io-executor-thread-2] WARN io.seqera.wave.ErrorHandler - repository 'docker.io/hrma017/dev:salmon--906c138318fdd09d' unauthorized (401) - Request: GET /v2/wt/b77b20f936b1/hrma017/dev/manifests/salmon--906c138318fdd09d
io.seqera.wave.exception.DockerRegistryException: repository 'docker.io/hrma017/dev:salmon--906c138318fdd09d' unauthorized (401)
at io.seqera.wave.core.ContainerAugmenter.checkResponseCode(ContainerAugmenter.groovy:116)
at io.seqera.wave.core.ContainerAugmenter.resolve(ContainerAugmenter.groovy:133)
at io.seqera.wave.core.ContainerAugmenter.resolve(ContainerAugmenter.groovy:98)
at io.seqera.wave.core.RegistryProxyService.handleManifest(RegistryProxyService.groovy:119)
at io.seqera.wave.controller.RegistryProxyController.manifestForPath(RegistryProxyController.groovy:250)
at io.seqera.wave.controller.RegistryProxyController.handleGet0(RegistryProxyController.groovy:162)
at io.seqera.wave.controller.RegistryProxyController.handleGet(RegistryProxyController.groovy:137)
at io.seqera.wave.controller.$RegistryProxyController$Definition$Exec.dispatch(Unknown Source)
at io.micronaut.context.AbstractExecutableMethodsDefinition$DispatchedExecutableMethod.invoke(AbstractExecutableMethodsDefinition.java:371)
at io.micronaut.context.DefaultBeanContext$4.invoke(DefaultBeanContext.java:594)
at io.micronaut.web.router.AbstractRouteMatch.execute(AbstractRouteMatch.java:303)
at io.micronaut.web.router.RouteMatch.execute(RouteMatch.java:111)
at io.micronaut.http.context.ServerRequestContext.with(ServerRequestContext.java:103)
at io.micronaut.http.server.RouteExecutor.lambda$executeRoute$14(RouteExecutor.java:659)
at reactor.core.publisher.FluxDeferContextual.subscribe(FluxDeferContextual.java:49)
at reactor.core.publisher.InternalFluxOperator.subscribe(InternalFluxOperator.java:62)
at reactor.core.publisher.FluxSubscribeOn$SubscribeOnSubscriber.run(FluxSubscribeOn.java:194)
at io.micronaut.reactive.reactor.instrument.ReactorInstrumentation.lambda$init$0(ReactorInstrumentation.java:62)
at reactor.core.scheduler.WorkerTask.call(WorkerTask.java:84)
at reactor.core.scheduler.WorkerTask.call(WorkerTask.java:37)
at io.micrometer.core.instrument.composite.CompositeTimer.recordCallable(CompositeTimer.java:129)
at io.micrometer.core.instrument.Timer.lambda$wrap$1(Timer.java:206)
at io.micronaut.scheduling.instrument.InvocationInstrumenterWrappedCallable.call(InvocationInstrumenterWrappedCallable.java:53)
@pditommaso please share the steps to reproduce
Tested with ecr repo image and still the error is unauthorized
munish.chouhan@Munishs-MacBook-Pro wave-cli % wave --wave-endpoint https://00ffbc112673.ngrok.app -i 128997144437.dkr.ecr.eu-west-2.amazonaws.com/wave/build/dev:sha256:65f1351685ff93355fbe876edef2b921b96ba168de68d27981e04a1294c3cb52
00ffbc112673.ngrok.app/wt/83989be6a2b8/wave/build/dev@sha256:65f1351685ff93355fbe876edef2b921b96ba168de68d27981e04a1294c3cb52
munish.chouhan@Munishs-MacBook-Pro wave-cli % docker pull 00ffbc112673.ngrok.app/wt/83989be6a2b8/wave/build/dev@sha256:65f1351685ff93355fbe876edef2b921b96ba168de68d27981e04a1294c3cb52
Error response from daemon: unauthorized: authentication required
When Wave access a private container registry and no credentials are provider the following error message is returned to the docker/nextflow client.
The error is generic and does not provide enough information to troubleshoot the problem.
Ideally when the credentials have not been provided and Wave fails to access the container, the error message should suggest that the error may be caused by the lack of the valid credentials to access the target repo.
It should be possible to infer this condition because an object of type MissingCredentials is returned by getCredentials method