1

I built and pushed a image from the dockerfile using github actions, here is the worflow file


name: Create and publish a Docker image
on:
  push:
    branches: ['temp']
env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}
jobs:
  build-and-push-image:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3

      - name: Log in to the Container registry
        uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} 

      - name: Build and push Docker image
        uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
        with:
          context: .
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}

Now when I go to the package, I get link saying "install from command line -> docker pull ghcr.io/<OWNER_NAME>/<IMAGE_NAME>:"

However on using this command to actually pull the image, I get an error message saying I am not authorized.

NOTE: I am able to pull the image if I make the package public, but not once it is private

A quick google search tells me I need to use PAT to authenticate, I did that but still get the same error. For example on following this (https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry#authenticating-to-the-container-registry)

I get an error saying: Error response from daemon: Get "https://ghcr.io/v2/": denied: denied

I am not sure how to proceed now.

nuber_13
  • 11
  • 1
  • 2
  • did you try this method https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ – Jason0011 Jan 01 '23 at 15:53
  • i do now have this problem in dockerhub as it clearly says private repo are available to you and your organization. SO even after making it private, im able to pull the image without doing anything mentioned in the doc you attatched – nuber_13 Jan 01 '23 at 17:35
  • To answer this question, I believe we would need to know the image you pushed, the image you are pulling, the access the PAT has, and how you logged in. I doubt you'll be providing that here, so I don't think it's possible to answer. – BMitch Jan 01 '23 at 18:48
  • Image pushed and trying to pull: A simple node app that has a couple of express.get functions (im just learning, this is not a commercial project), PAT permissions: I gave it all the permissions (read, write, other things i did not understand, i know its an overkill), How i logged in: Not exactly sure what you mean by that ,but I used PAT to login – nuber_13 Jan 01 '23 at 19:24
  • The content of the image doesn't matter for an access issue. It's the repository names, and commands being typed, that we'd need to see. See [mcve], and try recreating the issue with values you don't mind exposing. – BMitch Jan 02 '23 at 01:49

1 Answers1

2

I was getting the similar problem. I looked for how to solve it everywhere but what worked for me, I will put it in the steps.

Step 1 : Make a Personal access token(classic) one. You can make it by going in your Github Settings>> Developer Settings>> Personal Access Token

Step 2 : Now come in your PC terminal from where you are trying to pull Image

Step 3 : Now use command "docker logout ghcr.io" this is to remove ur existing login credentials.

Step 4 : Now use command "docker login ghcr.io", it will ask for your username, input your Github username

Step 5 : Then it will ask for your password, now paste your Personal access token that you just created in it.

Now it shall show you 'login succeeded' Now try to pull your image through docker pull command and it should work.

Vineet Pandey
  • 66
  • 5