Giter VIP home page Giter VIP logo

Comments (12)

lsnetsinger avatar lsnetsinger commented on May 30, 2024

Recent changes are causing this error.

[Action Step] Log in to registry...
Unable to find image 'amazon/aws-cli:2.0.7' locally
2.0.7: Pulling from amazon/aws-cli
a8d577519c9f: Pulling fs layer
....
An error occurred (UnrecognizedClientException) when calling the GetAuthorizationToken operation: The security token included in the request is invalid.
Error: Cannot perform an interactive login from a non TTY device
Could not log in (please check credentials)
INFO: Won't be able to pull from private repos, nor to push to public/private repos.

I have pinned to v4.1.1 where the error is not happening

from docker-build-with-cache-action.

whoan avatar whoan commented on May 30, 2024

@leo-novu Can I see your workflow file? If you are using AWS ECR, since 4.3.0 now it's easier to login to the registry. I wonder if I introduced a breaking change in 4.2.0 or 4.3.0.
Since 4.2.0 you need to explicitly set push_image_and_stages to false if you don't provide the right credentials and don't expect the action to push the image and stages.

In 4.1.1 the error should be there, but the action continues to run even with wrong credentials, which is not a good idea as you won't be able to push the built layers (and you won't have the right cache on next runs).

from docker-build-with-cache-action.

lsnetsinger avatar lsnetsinger commented on May 30, 2024

I dont believe the credentials are wrong. In the previous actions that setup the credentials and login to ECR work.

---
name: CI
on: [pull_request]
jobs:
  Build_Docker_Image:
    name: Build Docker Image
    runs-on: ubuntu-latest
    env:
      ARTIFACTORY_CREDENTIALS: ${{ secrets.ARTIFACTORY_CREDENTIALS }}
    steps:
      - uses: actions/checkout@v2

      - name: Configure AWS Credentials
        uses: aws-actions/[email protected]
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ secrets.AWS_REGION }}

      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v1

      - name: Get AWS ECR credentials
        id: ecr-credentials
        run: |
          echo "::set-output name=username::AWS"
          echo "::set-output name=password::`aws ecr get-login-password`"

      - name: Docker build
        uses: whoan/[email protected]
        with:
          username: ${{ steps.ecr-credentials.outputs.username }}
          password: ${{ steps.ecr-credentials.outputs.password }}
          registry: '822373129316.dkr.ecr.us-east-1.amazonaws.com'
          image_name: novu/ci-cache/hermesci
          build_extra_args: "--compress=true --build-arg=SKIP_TRANSLATIONS=true --build-arg=PRECOMPILE_ASSETS=0 --build-arg=ARTIFACTORY_CREDENTIALS=${{ secrets.ARTIFACTORY_CREDENTIALS }}"

image

Here is the entire error:

Run whoan/docker-build-with-cache-action@master
/usr/bin/docker run --name d00b33f907b7cdeedd4450bd946e425aa0bcfa_953ba7 --label d00b33 --workdir /github/workspace --rm -e ARTIFACTORY_CREDENTIALS -e AWS_DEFAULT_REGION -e AWS_REGION -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY -e INPUT_USERNAME -e INPUT_PASSWORD -e INPUT_REGISTRY -e INPUT_IMAGE_NAME -e INPUT_BUILD_EXTRA_ARGS -e INPUT_IMAGE_TAG -e INPUT_CONTEXT -e INPUT_DOCKERFILE -e INPUT_PUSH_IMAGE_AND_STAGES -e INPUT_PUSH_GIT_TAG -e INPUT_PULL_IMAGE_AND_STAGES -e PULL_STAGES_LOG -e BUILD_LOG -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/hermes/hermes":"/github/workspace" d00b33:f907b7cdeedd4450bd946e425aa0bcfa

[Action Step] Checking required input...

[Action Step] Log in to registry...
Unable to find image 'amazon/aws-cli:2.0.7' locally
2.0.7: Pulling from amazon/aws-cli
a8d577519c9f: Pulling fs layer
566688c06207: Pulling fs layer
ca757f738665: Pulling fs layer
20a1a6491248: Pulling fs layer
eee974bddccb: Pulling fs layer
20a1a6491248: Waiting
eee974bddccb: Waiting
20a1a6491248: Verifying Checksum
20a1a6491248: Download complete
eee974bddccb: Verifying Checksum
eee974bddccb: Download complete
a8d577519c9f: Verifying Checksum
a8d577519c9f: Download complete
a8d577519c9f: Pull complete
566688c06207: Pull complete
ca757f738665: Pull complete
20a1a6491248: Pull complete
eee974bddccb: Pull complete
Digest: sha256:30119932960947db22fcbabf465c4974134cc30c2c6dc2936694befd55b6ae99
Status: Downloaded newer image for amazon/aws-cli:2.0.7

An error occurred (UnrecognizedClientException) when calling the GetAuthorizationToken operation: The security token included in the request is invalid.
Error: Cannot perform an interactive login from a non TTY device
Could not log in (please check credentials)

INFO: Won't be able to pull from private repos, nor to push to public/private repos
[Action Step] Pulling image...

[Action Step] Building image...
+ docker build --tag my_awesome_image --file ./Dockerfile --compress=true --build-arg=SKIP_TRANSLATIONS=true --build-arg=PRECOMPILE_ASSETS=0 --build-arg=ARTIFACTORY_CREDENTIALS=*** .
+ tee build-output.log
Sending build context to Docker daemon  10.27MB

Step 1/60 : FROM *************/debian-ruby-2.6.5/db-libraries/nodejs8:1.0.6-rc-20200330145916 as builder
Get https://**********/debian-ruby-2.6.5/db-libraries/nodejs8/manifests/1.0.6-rc-20200330145916: no basic auth credentials

from docker-build-with-cache-action.

whoan avatar whoan commented on May 30, 2024

Could you please try with this @leo-novu ?:

- name: Docker build
  uses: whoan/[email protected]
  with:
    username: ${{ secrets.AWS_ACCESS_KEY_ID }}
    password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
    registry: '822373129316.dkr.ecr.us-east-1.amazonaws.com'
    image_name: novu/ci-cache/hermesci
    build_extra_args: "--compress=true --build-arg=SKIP_TRANSLATIONS=true --build-arg=PRECOMPILE_ASSETS=0 --build-arg=ARTIFACTORY_CREDENTIALS=${{ secrets.ARTIFACTORY_CREDENTIALS }}"

UPDATE Changed it to v5.0.0 to avoid breaking existent workflows using the old method to login to AWS ECR (instead of the new built-in way).

from docker-build-with-cache-action.

lsnetsinger avatar lsnetsinger commented on May 30, 2024

Same results

Run whoan/[email protected]
  with:
    username: AWS
    password: 
    registry: ********
    image_name: novu/ci-cache/novu-s3-utilsci
    build_extra_args: --compress=true --build-arg=SKIP_TRANSLATIONS=true --build-arg=PRECOMPILE_ASSETS=0 --build-arg=ARTIFACTORY_CREDENTIALS=***
    image_tag: latest
    context: .
    dockerfile: Dockerfile
    push_image_and_stages: true
    push_git_tag: false
    pull_image_and_stages: true
  env:
    ARTIFACTORY_CREDENTIALS: ***
    AWS_DEFAULT_REGION: ***
    AWS_REGION: ***
/usr/bin/docker run --name c1a0755c899344f40fe88c3a9a35140730b_94246b --label 430c1a --workdir /github/workspace --rm -e ARTIFACTORY_CREDENTIALS -e AWS_DEFAULT_REGION -e AWS_REGION -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY -e INPUT_USERNAME -e INPUT_PASSWORD -e INPUT_REGISTRY -e INPUT_IMAGE_NAME -e INPUT_BUILD_EXTRA_ARGS -e INPUT_IMAGE_TAG -e INPUT_CONTEXT -e INPUT_DOCKERFILE -e INPUT_PUSH_IMAGE_AND_STAGES -e INPUT_PUSH_GIT_TAG -e INPUT_PULL_IMAGE_AND_STAGES -e PULL_STAGES_LOG -e BUILD_LOG -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/novu-s3-utils/novu-s3-utils":"/github/workspace" 430c1a:0755c899344f40fe88c3a9a35140730b

[Action Step] Checking required input...

[Action Step] Log in to registry...
Unable to find image 'amazon/aws-cli:2.0.7' locally
2.0.7: Pulling from amazon/aws-cli
a8d577519c9f: Pulling fs layer
599cb0
 ---> 37cde7e59fac
[Warning] One or more build-args [PRECOMPILE_ASSETS SKIP_TRANSLATIONS] were not consumed
Successfully built 37cde7e59fac
Successfully tagged my_awesome_image:latest
+ set +x

[Action Step] Tagging image...
Tagging: latest
ERROR: Can't push when not logged in to registry. Set push_image_and_stages=false if you don't want to push

from docker-build-with-cache-action.

whoan avatar whoan commented on May 30, 2024

@leo-novu , I will take a closer look at it as soon as I can. Thanks for your tests.

from docker-build-with-cache-action.

whoan avatar whoan commented on May 30, 2024

@leo-novu Another question to track the problem. Didn't it work for you with v4.2.0?

from docker-build-with-cache-action.

whoan avatar whoan commented on May 30, 2024

I could not reproduce @leo-novu . Look at this run: https://github.com/whoan/docker-images/runs/594127068?check_suite_focus=true

The only way I could reproduce was setting wrong credentials, as you can see here: https://github.com/whoan/docker-images/runs/594068519?check_suite_focus=true

BTW, I set last version as v5.0.0 to avoid breaking existent workflows using v4. But I still wonder why it dodn't work for you in your last run.

Did you set the the correct keys? You need to set the ones you are currently setting in Configure AWS Credentials step, like this:

username: ${{ secrets.AWS_ACCESS_KEY_ID }}
password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

from docker-build-with-cache-action.

whoan avatar whoan commented on May 30, 2024

Closing this one as I can't reproduce. Feel free to open if you are sure there is something to fix in the action. Thanks.

from docker-build-with-cache-action.

juniorb2ss avatar juniorb2ss commented on May 30, 2024

@whoan

I have same issue:

[Action Step] Log in to registry...
[Building and pushing a docker image to Amazon ECR/Building and pushing images to AWS ECR] Started container: 24513cd37183834996f4fc9555dec17da3c1e6d270fe2abb4958890764c7d56b
| Error response from daemon: login attempt to https://13243424.dkr.ecr.us-east-1.amazonaws.com/v2/ failed with status: 401 Unauthorized
| INFO: Could not log in (please check credentials) - Won't be able to pull from private repos, nor to push to public/private repos

name: Building and pushing a docker image to Amazon ECR

on:
  push:
    branches:         
    - master
env:
  SHA8: ${GITHUB_SHA::8-latest}

jobs:
  build:
    name: Building and pushing images to AWS ECR
    runs-on: ubuntu-latest
    steps:

    - name: Checkout
      uses: actions/checkout@master
      
    - name: Build/Pushing PHP image
      uses: whoan/docker-build-with-cache-action@v4
      with:
        username: "aws_key"
        password: "aws_secret"
        image_name: "image-name"
        context: .
        dockerfile: docker/php/base/Dockerfile
        push_image_and_stages: false
        push_git_tag: true
        image_tag: "${SHA8}"
        registry: 13243424.dkr.ecr.us-east-1.amazonaws.com

I'm testing using act.

from docker-build-with-cache-action.

whoan avatar whoan commented on May 30, 2024

Please use v5 @juniorb2ss

from docker-build-with-cache-action.

whoan avatar whoan commented on May 30, 2024

@juniorb2ss There was a problem in some scenarios which was tackled by #32. It should work now.

from docker-build-with-cache-action.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.