kraft pkg push, can't authenticate with dockerhub or ghcr

[Cescodeveloper42]

Describe the bug

Kraftkit can't push on a private docker hub registry. I have already done the login by using the "docker login" and the "kraft login dockerhub" commands but it didn't take effect

Steps to reproduce

this is the kraftfile configuration:

spec: v0.6

name: redis

rootfs: ./Dockerfile

cmd: ["/usr/bin/redis-server"]

template: source: https://github.com/unikraft/app-elfloader.git version: staging

unikraft: source: https://github.com/unikraft/unikraft.git version: staging kconfig:

Configurations options for app-elfloader

# (they can't be part of the template atm)
CONFIG_APPELFLOADER_ARCH_PRCTL: 'y'
CONFIG_APPELFLOADER_BRK: 'y'
CONFIG_APPELFLOADER_CUSTOMAPPNAME: 'y'
CONFIG_APPELFLOADER_STACK_NBPAGES: 128
CONFIG_APPELFLOADER_VFSEXEC_EXECBIT: 'n'
CONFIG_APPELFLOADER_VFSEXEC: 'y'
CONFIG_APPELFLOADER_HFS: 'y'
CONFIG_APPELFLOADER_HFS_ETCRESOLVCONF: 'y'
CONFIG_APPELFLOADER_HFS_ETCHOSTS: 'y'
CONFIG_APPELFLOADER_HFS_ETCHOSTNAME: 'y'
CONFIG_APPELFLOADER_HFS_REPLACEEXIST: 'y'
# Unikraft options
CONFIG_HAVE_PAGING_DIRECTMAP: 'y'
CONFIG_HAVE_PAGING: 'y'
CONFIG_I8042: 'y'
CONFIG_LIBDEVFS_AUTOMOUNT: 'y'
CONFIG_LIBDEVFS_DEV_NULL: 'y'
CONFIG_LIBDEVFS_DEV_STDOUT: 'y'
CONFIG_LIBDEVFS_DEV_ZERO: 'y'
CONFIG_LIBDEVFS: 'y'
CONFIG_LIBPOSIX_ENVIRON_ENVP0: "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
CONFIG_LIBPOSIX_ENVIRON_ENVP1: "LD_LIBRARY_PATH=/usr/local/lib:/usr/lib:/lib"
CONFIG_LIBPOSIX_ENVIRON_ENVP2: "HOME=/"
CONFIG_LIBPOSIX_ENVIRON: 'y'
CONFIG_LIBPOSIX_ENVIRON_LIBPARAM: 'y'
CONFIG_LIBPOSIX_ENVIRON_LIBPARAM_MAXCOUNT: '64'
CONFIG_LIBPOSIX_EVENTFD: 'y'
CONFIG_LIBPOSIX_FDIO: 'y'
CONFIG_LIBPOSIX_FDTAB: 'y'
CONFIG_LIBPOSIX_FUTEX: 'y'
CONFIG_LIBPOSIX_MMAP: 'y'
CONFIG_LIBPOSIX_NETLINK: 'y'
CONFIG_LIBPOSIX_PIPE: 'y'
CONFIG_LIBPOSIX_POLL: 'y'
CONFIG_LIBPOSIX_PROCESS_CLONE: 'y'
CONFIG_LIBPOSIX_SOCKET: 'y'
CONFIG_LIBPOSIX_SYSINFO: 'y'
CONFIG_LIBPOSIX_TIME: 'y'
CONFIG_LIBPOSIX_TIMERFD: 'y'
CONFIG_LIBPOSIX_UNIXSOCKET: 'y'
CONFIG_LIBPOSIX_USER_GID: 0
CONFIG_LIBPOSIX_USER_GROUPNAME: "root"
CONFIG_LIBPOSIX_USER_UID: 0
CONFIG_LIBPOSIX_USER_USERNAME: "root"
CONFIG_LIBPOSIX_USER: 'y'
CONFIG_LIBRAMFS: 'y'
CONFIG_LIBSYSCALL_SHIM_HANDLER_ULTLS: 'y'
CONFIG_LIBSYSCALL_SHIM_HANDLER: 'y'
CONFIG_LIBSYSCALL_SHIM_LEGACY_VERBOSE: 'y'
CONFIG_LIBSYSCALL_SHIM: 'y'
CONFIG_LIBUKALLOCPOOL: 'y'
CONFIG_LIBUKBLKDEV_MAXNBQUEUES: '1'
CONFIG_LIBUKBLKDEV_DISPATCHERTHREADS: 'y'
CONFIG_LIBUKBLKDEV_SYNC_IO_BLOCKED_WAITING: 'y'
CONFIG_LIBUKBLKDEV: 'y'
CONFIG_LIBUKBOOT_BANNER_MINIMAL: 'y'
CONFIG_LIBUKBOOT_HEAP_BASE: '0x400000000'
CONFIG_LIBUKBOOT_MAINTHREAD: 'y'
CONFIG_LIBUKBOOT_SHUTDOWNREQ_HANDLER: 'y'
CONFIG_LIBUKCPIO: 'y'
CONFIG_LIBUKDEBUG_CRASH_SCREEN: 'y'
CONFIG_LIBUKDEBUG_ENABLE_ASSERT: 'y'
CONFIG_LIBUKDEBUG_PRINT_SRCNAME: 'n'
CONFIG_LIBUKDEBUG_PRINT_TIME: 'y'
CONFIG_LIBUKDEBUG_PRINTK_ERR: 'y'
CONFIG_LIBUKDEBUG_PRINTK: 'y'
CONFIG_LIBUKDEBUG: 'y'
CONFIG_LIBUKFALLOC: 'y'
CONFIG_LIBUKMPI: 'n'
CONFIG_LIBUKSIGNAL: 'y'
CONFIG_LIBUKSWRAND_DEVFS: 'y'
CONFIG_LIBUKSWRAND: 'y'
CONFIG_LIBUKVMEM_DEFAULT_BASE: '0x0000001000000000'
CONFIG_LIBUKVMEM_DEMAND_PAGE_IN_SIZE: 12
CONFIG_LIBUKVMEM_PAGEFAULT_HANDLER_PRIO: 4
CONFIG_LIBUKVMEM: 'y'
CONFIG_LIBVFSCORE_AUTOMOUNT_CI: 'y'
CONFIG_LIBVFSCORE_AUTOMOUNT_CI_EINITRD: 'y'
CONFIG_LIBVFSCORE_AUTOMOUNT_UP: 'y'
CONFIG_LIBVFSCORE_AUTOMOUNT: 'y'
CONFIG_LIBVFSCORE_NONLARGEFILE: 'y'
CONFIG_LIBVFSCORE: 'y'
CONFIG_OPTIMIZE_DEADELIM: 'y'
CONFIG_OPTIMIZE_LTO: 'y'
CONFIG_PAGING: 'y'
CONFIG_STACK_SIZE_PAGE_ORDER: 4 # 128 * 4K = 512K
CONFIG_UKPLAT_MEMREGION_MAX_COUNT: 64
CONFIG_LIBUKNETDEV_EINFO_LIBPARAM: 'y'

# Debug options
# CONFIG_LIBUKDEBUG_PRINTD: 'y'
# CONFIG_LIBUKDEBUG_PRINTK_INFO: 'y'
# CONFIG_LIBSYSCALL_SHIM_STRACE: 'y'
# CONFIG_LIBSYSCALL_SHIM_DEBUG: 'y'

libraries: lwip: source: https://github.com/unikraft/lib-lwip.git version: staging kconfig: CONFIG_LWIP_LOOPIF: 'y' CONFIG_LWIP_UKNETDEV: 'y' CONFIG_LWIP_LOOPBACK: 'y' CONFIG_LWIP_TCP: 'y' CONFIG_LWIP_UDP: 'y' CONFIG_LWIP_RAW: 'y' CONFIG_LWIP_WND_SCALE: 'y' CONFIG_LWIP_TCP_KEEPALIVE: 'y' CONFIG_LWIP_THREADS: 'y' CONFIG_LWIP_HEAP: 'y' CONFIG_LWIP_SOCKET: 'y' CONFIG_LWIP_AUTOIFACE: 'y' CONFIG_LWIP_IPV4: 'y' CONFIG_LWIP_DHCP: 'y' CONFIG_LWIP_DNS: 'y' CONFIG_LWIP_NUM_TCPCON: 64 CONFIG_LWIP_NUM_TCPLISTENERS: 64 CONFIG_LWIP_ICMP: 'y' libelf: source: https://github.com/unikraft/lib-libelf.git version: staging

targets:

• fc/x86_64
• qemu/x86_64

backend: type: docker options: dockerfile: Dockerfile

jobs:

build: steps:

• uses: actions/checkout@v3

• name: Login to OCI registry uses: docker/login-action@v2 with: registry: docker.io username: frankcoder01 password: Passwordmoltosicura

• uses: unikraft/kraftkit@stable with: workdir: . kraftfile: Kraftfile arch: x86_64 plat: qemu output: oci://docker.io/frankcoder01 push: true

Expected behavior

No response

Which architectures were you using or does this bug affect?

x86_64

Which operating system were you using or does this bug affect?

linux/Ubuntu

Relevant log output

HEAD https://index.docker.io/v2/frankcoder01/redis/manifests/latest: unexpected status code 401 Unauthorized (HEAD responses have no body, use GET for details)
 E  HEAD https://index.docker.io/v2/frankcoder01/redis/manifests/latest: unexpected status code 401 Unauthorized (HEAD responses have no body, use GET for details)
root@master:~/workspace/redis/unik

[craciunoiuc]

Hey

Thanks for reporting this. Will have to investigate and I'll come back.

Also, using ghcr.io seems to have worked

[craciunoiuc]

So the problem is related to how login data is fetched from the docker login. For now, as a workaround you can use kraft login

➜  1.15 git:(main) ✗ kraft pkg push index.docker.io/craciunoiuc/test-nginx-3:latest
 D  kraftkit 0.8.7
 D  checking compatibility format=oci source=index.docker.io/craciunoiuc/test-nginx-3:latest
 D  querying catalog local=true name=index.docker.io/craciunoiuc/test-nginx-3:latest remote=false
 i  found index.docker.io/craciunoiuc/test-nginx-3:latest (qemu/x86_64) (0e588e0, 31ab06e, qemu/x86_64, 1.9 MB)
 D  found 1/1 matching packages in oci catalog
 i  pushing index.docker.io/craciunoiuc/test-nginx-3:latest (qemu/x86_64)
 D  pushing digest=sha256:31ab06e7c32b5c151fcb679590d6318ff9fec2f0ba5ca5f16752f2bb1a5fd8bc mediaType=application/vnd.oci.image.index.v1+json ref=index.docker.io/craciunoiuc/test-nginx-3:latest
 E  HEAD https://index.docker.io/v2/craciunoiuc/test-nginx-3/manifests/latest: unexpected status code 401 Unauthorized (HEAD responses have no body, use GET for details)
 E  HEAD https://index.docker.io/v2/craciunoiuc/test-nginx-3/manifests/latest: unexpected status code 401 Unauthorized (HEAD responses have no body, use GET for details)
➜  1.15 git:(main) ✗ kraft login -u craciunoiuc -t 'REDACTED' index.docker.io
 D  kraftkit 0.8.7
➜  1.15 git:(main) ✗ kraft pkg push index.docker.io/craciunoiuc/test-nginx-3:latest
 D  kraftkit 0.8.7
 D  checking compatibility format=oci source=index.docker.io/craciunoiuc/test-nginx-3:latest
 D  querying catalog local=true name=index.docker.io/craciunoiuc/test-nginx-3:latest remote=false
 i  found index.docker.io/craciunoiuc/test-nginx-3:latest (qemu/x86_64) (0e588e0, 31ab06e, qemu/x86_64, 1.9 MB)
 D  found 1/1 matching packages in oci catalog
 i  pushing index.docker.io/craciunoiuc/test-nginx-3:latest (qemu/x86_64)
 D  pushing digest=sha256:31ab06e7c32b5c151fcb679590d6318ff9fec2f0ba5ca5f16752f2bb1a5fd8bc mediaType=application/vnd.oci.image.index.v1+json ref=index.docker.io/craciunoiuc/test-nginx-3:latest
➜  1.15 git:(main) ✗

[craciunoiuc]

Opened PR with a fix, thanks @Cescodeveloper42

A note though: you will have to use index.docker.io instead of docker.io in the login to make it correctly work with Unikraft 🙏

One extra note: you'll have to use staging as the version to have this, or you can wait till a release

[Cescodeveloper42]

thank you so much guys