Skip to content

Commit 3196cee

Browse files
npasquinnpasquin
authored andcommitted
fix(ci): use crane for Harbor push to bypass docker auth issue
Docker push fails with 'unauthorized' even with valid credentials. Crane works with the same credentials. Using crane to push images to Harbor as a workaround.
1 parent 5972132 commit 3196cee

1 file changed

Lines changed: 11 additions & 8 deletions

File tree

.github/workflows/ci.yml

Lines changed: 11 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -142,17 +142,20 @@ jobs:
142142
-t ${{ env.HARBOR_REGISTRY }}/${{ env.HARBOR_IMAGE }}:${{ steps.meta.outputs.sha_short }} \
143143
-f ./Dockerfile .
144144
145-
- name: Verify Docker config before push
145+
- name: Install crane
146146
run: |
147-
echo "=== Docker config check ==="
148-
cat ~/.docker/config.json | jq 'keys' || echo "No config"
149-
echo "=== Checking for Harbor auth ==="
150-
cat ~/.docker/config.json | jq '.auths | keys' || echo "No auths"
147+
curl -sL "https://github.com/google/go-containerregistry/releases/latest/download/go-containerregistry_Linux_x86_64.tar.gz" | tar -xzf - crane
148+
chmod +x crane
149+
sudo mv crane /usr/local/bin/
151150
152-
- name: Push to Harbor
151+
- name: Push to Harbor with crane
153152
run: |
154-
docker push ${{ env.HARBOR_REGISTRY }}/${{ env.HARBOR_IMAGE }}:${{ steps.meta.outputs.harbor_primary_tag }}
155-
docker push ${{ env.HARBOR_REGISTRY }}/${{ env.HARBOR_IMAGE }}:${{ steps.meta.outputs.sha_short }}
153+
crane auth login ${{ env.HARBOR_REGISTRY }} -u "${{ secrets.HARBOR_USERNAME }}" -p "${{ secrets.HARBOR_PASSWORD }}"
154+
# Save and push the primary tag
155+
docker save ${{ env.HARBOR_REGISTRY }}/${{ env.HARBOR_IMAGE }}:${{ steps.meta.outputs.harbor_primary_tag }} -o /tmp/image.tar
156+
crane push /tmp/image.tar ${{ env.HARBOR_REGISTRY }}/${{ env.HARBOR_IMAGE }}:${{ steps.meta.outputs.harbor_primary_tag }}
157+
# Tag with sha short
158+
crane tag ${{ env.HARBOR_REGISTRY }}/${{ env.HARBOR_IMAGE }}:${{ steps.meta.outputs.harbor_primary_tag }} ${{ steps.meta.outputs.sha_short }}
156159
157160
- name: Tag and push to GHCR (backup)
158161
if: steps.ghcr_login.outcome == 'success'

0 commit comments

Comments
 (0)