Comments (12)
Recent changes are causing this error.
[Action Step] Log in to registry...
Unable to find image 'amazon/aws-cli:2.0.7' locally
2.0.7: Pulling from amazon/aws-cli
a8d577519c9f: Pulling fs layer
....
An error occurred (UnrecognizedClientException) when calling the GetAuthorizationToken operation: The security token included in the request is invalid.
Error: Cannot perform an interactive login from a non TTY device
Could not log in (please check credentials)
INFO: Won't be able to pull from private repos, nor to push to public/private repos.
I have pinned to v4.1.1 where the error is not happening
from docker-build-with-cache-action.
@leo-novu Can I see your workflow file? If you are using AWS ECR, since 4.3.0 now it's easier to login to the registry. I wonder if I introduced a breaking change in 4.2.0 or 4.3.0.
Since 4.2.0 you need to explicitly set push_image_and_stages
to false
if you don't provide the right credentials and don't expect the action to push the image and stages.
In 4.1.1 the error should be there, but the action continues to run even with wrong credentials, which is not a good idea as you won't be able to push the built layers (and you won't have the right cache on next runs).
from docker-build-with-cache-action.
I dont believe the credentials are wrong. In the previous actions that setup the credentials and login to ECR work.
---
name: CI
on: [pull_request]
jobs:
Build_Docker_Image:
name: Build Docker Image
runs-on: ubuntu-latest
env:
ARTIFACTORY_CREDENTIALS: ${{ secrets.ARTIFACTORY_CREDENTIALS }}
steps:
- uses: actions/checkout@v2
- name: Configure AWS Credentials
uses: aws-actions/[email protected]
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Get AWS ECR credentials
id: ecr-credentials
run: |
echo "::set-output name=username::AWS"
echo "::set-output name=password::`aws ecr get-login-password`"
- name: Docker build
uses: whoan/[email protected]
with:
username: ${{ steps.ecr-credentials.outputs.username }}
password: ${{ steps.ecr-credentials.outputs.password }}
registry: '822373129316.dkr.ecr.us-east-1.amazonaws.com'
image_name: novu/ci-cache/hermesci
build_extra_args: "--compress=true --build-arg=SKIP_TRANSLATIONS=true --build-arg=PRECOMPILE_ASSETS=0 --build-arg=ARTIFACTORY_CREDENTIALS=${{ secrets.ARTIFACTORY_CREDENTIALS }}"
Here is the entire error:
Run whoan/docker-build-with-cache-action@master
/usr/bin/docker run --name d00b33f907b7cdeedd4450bd946e425aa0bcfa_953ba7 --label d00b33 --workdir /github/workspace --rm -e ARTIFACTORY_CREDENTIALS -e AWS_DEFAULT_REGION -e AWS_REGION -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY -e INPUT_USERNAME -e INPUT_PASSWORD -e INPUT_REGISTRY -e INPUT_IMAGE_NAME -e INPUT_BUILD_EXTRA_ARGS -e INPUT_IMAGE_TAG -e INPUT_CONTEXT -e INPUT_DOCKERFILE -e INPUT_PUSH_IMAGE_AND_STAGES -e INPUT_PUSH_GIT_TAG -e INPUT_PULL_IMAGE_AND_STAGES -e PULL_STAGES_LOG -e BUILD_LOG -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/hermes/hermes":"/github/workspace" d00b33:f907b7cdeedd4450bd946e425aa0bcfa
[Action Step] Checking required input...
[Action Step] Log in to registry...
Unable to find image 'amazon/aws-cli:2.0.7' locally
2.0.7: Pulling from amazon/aws-cli
a8d577519c9f: Pulling fs layer
566688c06207: Pulling fs layer
ca757f738665: Pulling fs layer
20a1a6491248: Pulling fs layer
eee974bddccb: Pulling fs layer
20a1a6491248: Waiting
eee974bddccb: Waiting
20a1a6491248: Verifying Checksum
20a1a6491248: Download complete
eee974bddccb: Verifying Checksum
eee974bddccb: Download complete
a8d577519c9f: Verifying Checksum
a8d577519c9f: Download complete
a8d577519c9f: Pull complete
566688c06207: Pull complete
ca757f738665: Pull complete
20a1a6491248: Pull complete
eee974bddccb: Pull complete
Digest: sha256:30119932960947db22fcbabf465c4974134cc30c2c6dc2936694befd55b6ae99
Status: Downloaded newer image for amazon/aws-cli:2.0.7
An error occurred (UnrecognizedClientException) when calling the GetAuthorizationToken operation: The security token included in the request is invalid.
Error: Cannot perform an interactive login from a non TTY device
Could not log in (please check credentials)
INFO: Won't be able to pull from private repos, nor to push to public/private repos
[Action Step] Pulling image...
[Action Step] Building image...
+ docker build --tag my_awesome_image --file ./Dockerfile --compress=true --build-arg=SKIP_TRANSLATIONS=true --build-arg=PRECOMPILE_ASSETS=0 --build-arg=ARTIFACTORY_CREDENTIALS=*** .
+ tee build-output.log
Sending build context to Docker daemon 10.27MB
Step 1/60 : FROM *************/debian-ruby-2.6.5/db-libraries/nodejs8:1.0.6-rc-20200330145916 as builder
Get https://**********/debian-ruby-2.6.5/db-libraries/nodejs8/manifests/1.0.6-rc-20200330145916: no basic auth credentials
from docker-build-with-cache-action.
Could you please try with this @leo-novu ?:
- name: Docker build
uses: whoan/[email protected]
with:
username: ${{ secrets.AWS_ACCESS_KEY_ID }}
password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
registry: '822373129316.dkr.ecr.us-east-1.amazonaws.com'
image_name: novu/ci-cache/hermesci
build_extra_args: "--compress=true --build-arg=SKIP_TRANSLATIONS=true --build-arg=PRECOMPILE_ASSETS=0 --build-arg=ARTIFACTORY_CREDENTIALS=${{ secrets.ARTIFACTORY_CREDENTIALS }}"
UPDATE Changed it to v5.0.0 to avoid breaking existent workflows using the old method to login to AWS ECR (instead of the new built-in way).
from docker-build-with-cache-action.
Same results
Run whoan/[email protected]
with:
username: AWS
password:
registry: ********
image_name: novu/ci-cache/novu-s3-utilsci
build_extra_args: --compress=true --build-arg=SKIP_TRANSLATIONS=true --build-arg=PRECOMPILE_ASSETS=0 --build-arg=ARTIFACTORY_CREDENTIALS=***
image_tag: latest
context: .
dockerfile: Dockerfile
push_image_and_stages: true
push_git_tag: false
pull_image_and_stages: true
env:
ARTIFACTORY_CREDENTIALS: ***
AWS_DEFAULT_REGION: ***
AWS_REGION: ***
/usr/bin/docker run --name c1a0755c899344f40fe88c3a9a35140730b_94246b --label 430c1a --workdir /github/workspace --rm -e ARTIFACTORY_CREDENTIALS -e AWS_DEFAULT_REGION -e AWS_REGION -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY -e INPUT_USERNAME -e INPUT_PASSWORD -e INPUT_REGISTRY -e INPUT_IMAGE_NAME -e INPUT_BUILD_EXTRA_ARGS -e INPUT_IMAGE_TAG -e INPUT_CONTEXT -e INPUT_DOCKERFILE -e INPUT_PUSH_IMAGE_AND_STAGES -e INPUT_PUSH_GIT_TAG -e INPUT_PULL_IMAGE_AND_STAGES -e PULL_STAGES_LOG -e BUILD_LOG -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/novu-s3-utils/novu-s3-utils":"/github/workspace" 430c1a:0755c899344f40fe88c3a9a35140730b
[Action Step] Checking required input...
[Action Step] Log in to registry...
Unable to find image 'amazon/aws-cli:2.0.7' locally
2.0.7: Pulling from amazon/aws-cli
a8d577519c9f: Pulling fs layer
599cb0
---> 37cde7e59fac
[Warning] One or more build-args [PRECOMPILE_ASSETS SKIP_TRANSLATIONS] were not consumed
Successfully built 37cde7e59fac
Successfully tagged my_awesome_image:latest
+ set +x
[Action Step] Tagging image...
Tagging: latest
ERROR: Can't push when not logged in to registry. Set push_image_and_stages=false if you don't want to push
from docker-build-with-cache-action.
@leo-novu , I will take a closer look at it as soon as I can. Thanks for your tests.
from docker-build-with-cache-action.
@leo-novu Another question to track the problem. Didn't it work for you with v4.2.0?
from docker-build-with-cache-action.
I could not reproduce @leo-novu . Look at this run: https://github.com/whoan/docker-images/runs/594127068?check_suite_focus=true
The only way I could reproduce was setting wrong credentials, as you can see here: https://github.com/whoan/docker-images/runs/594068519?check_suite_focus=true
BTW, I set last version as v5.0.0 to avoid breaking existent workflows using v4. But I still wonder why it dodn't work for you in your last run.
Did you set the the correct keys? You need to set the ones you are currently setting in Configure AWS Credentials step, like this:
username: ${{ secrets.AWS_ACCESS_KEY_ID }}
password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
from docker-build-with-cache-action.
Closing this one as I can't reproduce. Feel free to open if you are sure there is something to fix in the action. Thanks.
from docker-build-with-cache-action.
I have same issue:
[Action Step] Log in to registry...
[Building and pushing a docker image to Amazon ECR/Building and pushing images to AWS ECR] Started container: 24513cd37183834996f4fc9555dec17da3c1e6d270fe2abb4958890764c7d56b
| Error response from daemon: login attempt to https://13243424.dkr.ecr.us-east-1.amazonaws.com/v2/ failed with status: 401 Unauthorized
| INFO: Could not log in (please check credentials) - Won't be able to pull from private repos, nor to push to public/private repos
name: Building and pushing a docker image to Amazon ECR
on:
push:
branches:
- master
env:
SHA8: ${GITHUB_SHA::8-latest}
jobs:
build:
name: Building and pushing images to AWS ECR
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@master
- name: Build/Pushing PHP image
uses: whoan/docker-build-with-cache-action@v4
with:
username: "aws_key"
password: "aws_secret"
image_name: "image-name"
context: .
dockerfile: docker/php/base/Dockerfile
push_image_and_stages: false
push_git_tag: true
image_tag: "${SHA8}"
registry: 13243424.dkr.ecr.us-east-1.amazonaws.com
I'm testing using act
.
from docker-build-with-cache-action.
Please use v5 @juniorb2ss
from docker-build-with-cache-action.
@juniorb2ss There was a problem in some scenarios which was tackled by #32. It should work now.
from docker-build-with-cache-action.
Related Issues (20)
- docker cache and no cache set as variable HOT 2
- issue with pulling image from aws
- Fail to build rails app that rely on mimemagic HOT 4
- Is it possible to only build specific services from compose? HOT 1
- Support for YAML anchors and aliases? HOT 1
- build stages not being pushed HOT 4
- Could not log in (please check credentials) HOT 1
- When using <folder>/docker-compose.yaml, the context is not relative to <folder>
- compose_file ignored build args HOT 1
- Make the action to work with DOCKER_BUILDKIT enabled HOT 2
- Workaround `DOCKER_BUILDKIT` issue where builds are broken when it's disabled
- v8 always push the image regardless what we set in `push_image_and_stages`
- Add ability to choose "cache image" name HOT 1
- Honour stages_image_name in AWS public ECR when BuildKit is disabled
- Buildx images are not cleaned-up on self-hosted runner HOT 1
- Supplying AWS creds but still getting missing username warning HOT 9
- Support cache mounts using reproducible-containers/buildkit-cache-dance HOT 3
- Slower than docker/build-push-action@v5 in certain situations (using ECR)
- Pushing image stages with tags
- Add Support for Google Cloud Artifact Registry HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-build-with-cache-action.