1

I'm following the testdriven.io course Test-Driven Development with FastAPI and Docker

I'm at the end of the Continuous integration chapter, I just pushed a pull request with all the GitHub actions, and it fails.

My errors from GitHub actions:

actions fails

Here are my settings for a personal access token:

personal access token

I tried different things to make it work from extending the access token scopes to replacing docker.pkg.github.com with ghcr.io as mentioned by Github, without success.

Azeem
  • 11,148
  • 4
  • 27
  • 40
GMARVILLE
  • 21
  • 8
  • You seem to be creating a custom PAT but in your workflow, you're using `GITHUB_TOKEN`. See https://github.com/gaylordmarville/fastapi-tdd-docker/actions/runs/4430375092/workflow#L19 and https://github.com/gaylordmarville/fastapi-tdd-docker/actions/runs/4430375092/workflow#L46. – Azeem Mar 16 '23 at 11:00
  • Also, see [Permissions for the `GITHUB_TOKEN`](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token) and [Modifying the permissions for the `GITHUB_TOKEN`](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token). – Azeem Mar 16 '23 at 11:01
  • 1
    Might be helpful: [Publishing images to GitHub Packages](https://docs.github.com/en/actions/publishing-packages/publishing-docker-images#publishing-images-to-github-packages) – Azeem Mar 16 '23 at 11:05

1 Answers1

1

My personal solution

I managed to solve the problem, but I am unfamiliar with DevOps, CI/CD, GithHub actions, and Docker registries. Therefore, everything that follows should be treated cautiously.

Add a new step to the build jobs:

After the "GitHub to login packages" step in the .github/workflows/main.yml, add this step:

- name: Login to Docker registry
    uses: docker/login-action@v2
    with:
      registry: docker.pkg.github.com
      username: ${{ github.actor }}
      password: ${{ secrets.DOCKER_TOKEN }}

Create a repository secret DOCKER_TOKEN, and paste your docker token.

Go to your Docker account page and click on the "Security" tab to access your Docker token. From there, you can navigate to the "Access tokens" section, where you should see a list of your existing tokens.

If you don't have any existing tokens, you can create a new one by clicking on the "New Access Token" button and following the prompts. Once you have your token, you can authenticate with Docker and access private images.

To authorize your token, click on the "Authorize" button next to the token in the list of access tokens. This will grant the token permission to access the resources it needs to pull the desired Docker image.

Optionally:

  1. to fix the Github actions warnings, you can change: actions/checkout@v2.4.0 to
    actions/checkout@v3 and docker/login-action@v1 to
    docker/login-action@v2 in the .github/workflows/main.yml file
  2. Due to the GitHub migrating from the Docker registry to the Container registry, you can also replace docker.pkg.github.com with ghcr.io. It will make the code cleaner and up to date.
  3. finally, if, like me, you are pushing "pull requests" first before merging, replacing ref: main by ref: ${{ github.head_ref }} always in the .github/workflows/main.yml. It will fix a GitHub action issue that you may encounter in the Continuous Delivery chapter of the course
GMARVILLE
  • 21
  • 8