Github action error during push docker image

Question

I am trying to run within my github action a docker push since like to use the same image as part of different repos. The code I am using is the following:

  docker build . --pull --rm --file "$GITHUB_WORKSPACE/${{ matrix.path }}/Dockerfile" --tag ${{ matrix.name }}
  echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin

  IMAGE_ID=ghcr.io/${{ github.repository }}/${{ matrix.name }}
  # Strip git ref prefix from version
  VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
  echo IMAGE_ID=$IMAGE_ID
  echo VERSION=$VERSION
  docker tag ${{ matrix.name }} $IMAGE_ID:$VERSION
  docker push $IMAGE_ID:$VERSION

The error I am getting is related to permissions:

  denied: installation not allowed to Create organization package"

Any suggestion what is missing from my permissions.

I am not using a PAT. I am just using the regular token from my repository. — Tobias Bruckert, Mar 30 '21 at 03:29
Is this repository in an organization instead of a personal GitHub account? — astrochun, Mar 30 '21 at 03:38

score 3 · Accepted Answer · answered Mar 30 '21 at 05:09

thanks all for your hints it was a combination of the missing PAT rules and the wrong format. The following code works now:

      docker build . --pull --rm --file "$GITHUB_WORKSPACE/${{ matrix.path }}/Dockerfile" --tag ${{ matrix.name }}
      echo "${{ secrets.GIT_DOCKER_PAT }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin

      IMAGE_ID=ghcr.io/${{ github.actor }}/${{ matrix.name }}
      # Change all uppercase to lowercase
      IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
      # Strip git ref prefix from version
      VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
      echo IMAGE_ID=$IMAGE_ID
      echo VERSION=$VERSION
      docker tag ${{ matrix.name }} $IMAGE_ID:$VERSION
      docker push $IMAGE_ID:$VERSION

The PAT has the following permissions:

I actually thought it was the IMAGE_ID, but thought you had it correctly. — astrochun, Mar 30 '21 at 05:19

Simon de Lorean · Answer 2 · 2023-05-25T08:45:36.407

2

I wasted two hours trying to figure out why I got this error message. It turns out that workflows have read access only by default. You must go to github.com/organizations/yourorganization/settings/actions and grant write access.

edited May 25 '23 at 08:45

answered May 24 '23 at 19:48

Simon de Lorean

2,045
1
13
9

if I am a personal user, how to set the write permission? is it possible to set the write permission? – Dolphin Jul 03 '23 at 20:29
I don't know. When I go to my personal settings, I see no actions settings. – Simon de Lorean Jul 04 '23 at 22:03

score 1 · Answer 3 · answered Jul 04 '23 at 22:59

1

I am facing the same issue when push docker image into GitHub Container Registry, setting the permission like this:

build_and_push:
    name: Build image & push
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write

works, this is the official document: https://docs.github.com/en/actions/publishing-packages/publishing-docker-images#publishing-images-to-github-packages

answered Jul 04 '23 at 22:59

Dolphin

29,069
61
260
539

This one did it for me. Thanks! I wonder if something about permissions has changed recently. – Jon Turner Jul 12 '23 at 22:47

Github action error during push docker image

3 Answers3