'Docker pulling unauthorized - Docker and Github actions

my deploy script is as follows:

  - name: Log in to GitHub Packages
    run: echo ${PERSONAL_ACCESS_TOKEN} | docker login ghcr.io -u ${{ secrets.NAMESPACE }} --password-stdin
    env:
      PERSONAL_ACCESS_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }}

  - name: Build and deploy images on DigitalOcean
    env:
      SSH_AUTH_SOCK: /tmp/ssh_agent.sock
    run: |
      scp  -o StrictHostKeyChecking=no -r ./.env ./docker-compose_prod.yml root@${{ secrets.DIGITAL_OCEAN_IP_ADDRESS }}:/app
      ssh -o StrictHostKeyChecking=no root@${{ secrets.DIGITAL_OCEAN_IP_ADDRESS }} << 'ENDSSH'
        cd /app
        source .env
        docker login ghcr.io -u $NAMESPACE -p $PERSONAL_ACCESS_TOKEN
        docker pull $WEB_IMAGE
        docker pull $NGINX_IMAGE
        docker-compose -f docker-compose.prod.yml up -d
      ENDSSH

and the error that I get is

Pulling web (ghcr.io/***/testdriver_tutorial/web:ba673356fe8a9abcf25700b8a12619e414bbaf7c)... Head https://ghcr.io/v2/***/testdriver_tutorial/web/manifests/ba673356fe8a9abcf25700b8a12619e414bbaf7c: unauthorized

The Log in to GitHub Packages step shows it has been successful

enter image description here

UPDATE

I just did docker login ghcr.io -u $NAMESPACE -p $PERSONAL_ACCESS_TOKEN on the digital ocean droplet and it requests a password.

How can I switch off this password authentication so it only uses PERSONAL_ACCESS_TOKEN ?

docker-composegithub-actionsdigital-ocean


Solution 1:[1]

The problem was not with docker pull, the problem was with the command executed before docker login which was source .env

        run: |
          scp  -o StrictHostKeyChecking=no -r ./.env ./docker-compose.prod.yml root@${{ secrets.DIGITAL_OCEAN_IP_ADDRESS }}:/app
          ssh -o StrictHostKeyChecking=no root@${{ secrets.DIGITAL_OCEAN_IP_ADDRESS }} << 'ENDSSH'
            cd /app
            source .env
            docker login ghcr.io -u $NAMESPACE -p $PERSONAL_ACCESS_TOKEN

There was a special character in the source .env - specifically in the Django Secret Key. The GitHub actions continued to the next step. I am not sure how unauthorized error resulted, but fixing the syntax in source .env made it log in.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Joseph Adam

Related Questions

Git push hangs when pushing to Github?

How do I enable auto-merge on a github pull request via the Rest API

PhpStorm asks each time for a username and password for GitHub

How to generate ssh keys (for github)

Pull new updates from original GitHub repository into forked GitHub repository

Hidden code cells (Jupyter lab) show up on github

Can I embed source files from GitHub on my web page other than Gists?

SSL certificate problem: self signed certificate in certificate chain

Using Github token in my app to auto update? Is it safe

Is there a way to cache https credentials for pushing commits?

Git's famous "ERROR: Permission to .git denied to user"

GitHub API (v3): Order tags by creation date

Deploy individual services from a monorepo using github actions

How to automatically get a certain file(>1MB) from git

How do I use the 'logo' option in shields.io badges?