Regenerate expired GitHub PAT on Actions and Packages - docker

I am using GitHub Actions & Packages from Beta. Yesterday, the PAT expired. That's why my GitHub Actions failed. There is a Regenerate button on Profile > Developer Settings > Personal Access Token. I clicked it and created a new PAT.
At this step, I am able to login docker.pkg.github.com and push the image to GitHub Registry.
But, I am getting an error message when I pull that image.
This is the error message:
Error response from daemon: unauthorized: Your request could not be authenticated
by the GitHub Packages service. Please ensure your access token is valid and has
the appropriate scopes configured.
How can I solve this expired PAT issue?

This was a bug and reported on the GitHub community https://github.community/t/bug-report-personal-access-tokens/147968/2
The shell stores your old token and doesn't update it. That's why you have to logout first for one time.
The solution:
Regenerate or Create a new Personal Access Token
Update your repo's Secret
in a shell, docker logout https://docker.pkg.github.com
in a shell, docker login https://docker.pkg.github.com -u GITHUBUSERNAME
use the new token as the password
Then you will able to pull an image from the GitHub registry as always.
I got the answer from zsoobhan-tc's post.

Related

Pushing docker image to gitlab fails: unauthorized

I'm trying to push an image to my gitlab registry which i previously built with success.
docker login registry.gitlab.com
I give the credentials and it returns me a "Login Succeeded"
Then, as always, i do a
docker push registry.gitlab.com/username/registry/base:latest
And it ends with
unauthorized: authentication required
i already tried to
docker logout registry.gitlab.com
and login again.
The process can be found here, it's pretty simple
link to github/gitlabhq
I'm used to do it like that, first time i face the issue, don't understand
Any help appreciated !
Ensure that your account has read/write access to the registry you are trying to access. What you might need to do is to create a new Access Token as there is a difference between API/Access tokens and your "normal" user password. Use this access token as described in the documentation (https://github.com/gitlabhq/gitlabhq/blob/master/doc/user/packages/container_registry/index.md#authenticate-with-the-container-registry)
docker login registry.example.com -u <username> -p <token>
The token can be created by going to Edit Profile -> Access Tokens -> Select Scopes -> Ticking off 'Read registry' & 'Write registry'
The Gitlab support told me this is due to a native limitation of the token duration.
You cannot customize this duration in Saas mode.
So pushing large image results in auto logout.

Google Container Registry - unauthorized, struggling to authenticate

Recently got a new Mac, and now I am struggling to push docker containers to GCR - receiving the error:
unauthorized: You don't have the needed permissions to perform this operation, and you
may have invalid credentials. To authenticate your request, follow the steps in:
https://cloud.google.com/container-registry/docs/advanced-authentication
Commands that led to this error:
docker build -t our-node-container ./
docker tag our-node-container gcr.io/our-gcp-project/our-grc-images-directory
docker push gcr.io/our-gcp-project/our-grc-images-directory
Confirming that:
I have a GCP account with billing, have enabled the Container Registry API and installed Cloud SDK, and have Docker installed.
I have authenticated with gcloud auth login, which opened a window where I selected my email address associated with the GCP account. It led to this page.
and afterwards, I ran gcloud config set project our-gcp-project. I have closed my terminal window and attempted to docker push again, but continue to get this unauthorized error. How else can I troubleshoot this in an effort to solve the problem?
As is standard, we solved the issue just moments after posting the question. Rather than deleting the question, I'll post an answer incase anyone runs into same issue.
We simply missed the last step, which was to run gcloud auth configure-docker to update the config file in /home/.docker/config.json

Docker login: access denied you must use a personal access token

Trying to login from docker to gitlab using the command:
sudo docker login registry.gitlab.com?private_token=XXX
But I still have the following error message:
Error response from daemon: Get https://registry.gitlab.com/v2/: unauthorized: HTTP Basic: Access denied\nYou must use a personal access token with 'api' scope for Git over HTTP.\nYou can generate one at https://gitlab.com/-/profile/personal_access_tokens
The token has the right access I doubled checked... I am rather new to docker, any hint/help? thanks!
The correct command line (that works in my case at least) was:
docker login registry.example.com -u <your_username> -p <your_personal_access_token>
If you are using 2 factor authentication, then personal access tokens are required.
More information on the following webpage,
https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html
According to https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html, your username actually gets ignored:
Though required, GitLab usernames are ignored when authenticating with a personal access token. There is an issue for tracking to make GitLab use the username.
So, if you're not able to connect, it might not be because of the username.

Can login into docker-registry but not push image (github)

So I want to use the docker registry from GitHub.
I do the flowing:
docker login docker.pkg.github.com --username username
docker build . --tag docker.pkg.github.com/user-name/repo/IMAGENAME:snapshot
docker push docker.pkg.github.com/user-name/repo/IMAGENAME:snapshot
Note that the repository is private and not mine but I got write access to it.
When I go to packages tab I can also see the instructions on how to get started and I follow them(kind of, I tag the docker image in one go).
But when I run the 3 commands at the top I get the following output(push command fails):
unauthorized: Your token has not been granted the required scopes to execute this query. The 'id' field requires one of the following scopes: ['read:packages'], but your token has only been granted the: [''] scopes. Please modify your token's scopes at: https://github.com/settings/tokens.
When I visit the site referenced there is nothing there only unrelated tokens.
Any ideas what I could try or what may cause this...?
You need to use an API Token to log in like shown in the docs. Log in via password is not possible.
https://help.github.com/en/packages/using-github-packages-with-your-projects-ecosystem/configuring-docker-for-use-with-github-packages
You must use a personal access token.

401 Unauthorized Error while login into nexus docker registry

I am using nexus as a Docker container, with tag sonatype/nexus3:3.14.0. Also, I connect nexus with LDAP for user better user management it is helpful for group and role management.
For my case, I create a blog-store and create two docker registry repository, one hosted and one group. I try to log in, on hosted and it works fine. But when I tried to connect into the grouped repository I get
401 Unauthorized. I also tried to connect with admin credentials but I get the same error too,
Error response from daemon: login attempt to https:///v2/ failed with status: 401 Unauthorized.
Suggestions are welcome
PParthenis
Enable the Docker Bearer Token Realm in Nexus Security->Realms Tab.
As stated in here
In my case Docker Bearer Token Realm security realm was already enabled. But prioritizing this realm did the trick.
If Docker Bearer Token Realm is already enabled in Nexus Security->Realms Tab, Increase its priority.
For more info https://help.sonatype.com/repomanager3/system-configuration/access-control/realms

Resources