Search code examples
dockercontinuous-integrationgithub-actionsgithub-container-registry

Github Actions workflow for pushing a container to Github Container Registry fails with "unauthenticated"

I want to build and push a docker container from my Github repsitory to the Github Container Registry. Maybe it's worth mentioning that the repository lies in an ogranization. Here is my Github Action workflow:

name: <name>

on:
  push:
    branches:
      - server

jobs:
  login:
    runs-on: ubuntu-latest
    steps:
      - name: login to GitHub Container Registry
        uses: docker/login-action@v1
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: create image from repository
        run: docker build -t ghcr.io/${{ github.actor }}/<img-name> .
      - name: push image to GitHub Container Registry
        run: docker push ghcr.io/${{ github.actor }}/<img-name>:latest

The login passes, but the build fails with the following error:

The push refers to repository [ghcr.io/<user>/<img-name>]
2059ea815744: Preparing
8e3db2b6bb5e: Preparing
5aaeefe84632: Preparing
908e917b0525: Preparing
dff5b20a51e8: Preparing
407c3ac1f7e9: Preparing
e12889c39beb: Preparing
8d3ac3489996: Preparing
e12889c39beb: Waiting
8d3ac3489996: Waiting
407c3ac1f7e9: Waiting
denied: unauthenticated: User cannot be authenticated with the token provided.
Error: Process completed with exit code 1.

I looked up many solutions but none worked. Am I missing something?

Solution

  • The problem is that the docker login is in one job and the build, push actions are in a different job. For each job, a separate GitHub runner is run and once it is finished, it exits. Furthermore, unless specified by the needs key, jobs are by default considered independent and are run concurrently anyway so the build, push run sequentially in your workflow and login takes place in parallel on a different GitHub runner. To make your workflow run, modify the code as follows:

    name: <name>

on:
  push:
    branches:
      - server

jobs:
  dockerloginbuildpush:
    runs-on: ubuntu-latest
    steps:
      - name: login to GitHub Container Registry
        uses: docker/login-action@v1
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - uses: actions/checkout@v2
      - name: create image from repository
        run: docker build -t ghcr.io/${{ github.actor }}/<img-name> .
      - name: push image to GitHub Container Registry
        run: docker push ghcr.io/${{ github.actor }}/<img-name>:latest

    So now you login, build your image and push successfully since you are logged in on the machine you are pushing on.