我尝试构建 docker 映像并将其推送到 GHCR(GitHub 容器注册表)。
docker/login-action@v1
不幸的是,在使用 GITHUB_TOKEN 作为密码的操作的登录过程中,我收到了一个错误。
Error: Error response from daemon: Get "https://ghcr.io/v2/": denied: denied
整个工作流程 yaml 清单。
name: Docker CI
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
jobs:
build-push:
name: Buid and push Docker image to GitHub Container registry
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
steps:
- name: Checkout the repository
uses: actions/checkout@v2
- name: Login to GitHub Container registry
env:
GITHUB_USER: ${{ github.actor }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
uses: docker/login-action@v1
with:
registry: ghcr.io
username: $GITHUB_USER
password: $GITHUB_TOKEN
- name: Build and Push Docker Image
env:
REGISTRY: ghcr.io
OWNER: my-organization-name
IMAGE_NAME: ${{ github.repository }}
uses: docker/build-push-action@v2
with:
context: .
file: ./docker/Dockerfile
target: final
push: true
tags: |
$REGISTRY/$OWNER/$IMAGE_NAME:$(date +%s)
build-args: |
ENVIRONMENT=production
错误截图。
更新
设置工作阶段。
Current runner version: '2.285.1'
Operating System
Ubuntu
20.04.3
LTS
Virtual Environment
Environment: ubuntu-20.04
Version: 20211219.1
Included Software: https://github.com/actions/virtual-environments/blob/ubuntu20/20211219.1/images/linux/Ubuntu2004-README.md
Image Release: https://github.com/actions/virtual-environments/releases/tag/ubuntu20%2F20211219.1
Virtual Environment Provisioner
1.0.0.0-main-20211214-1
GITHUB_TOKEN Permissions
Contents: read
Metadata: read
Packages: write
Secret source: Actions
Prepare workflow directory
Prepare all required actions
Getting action download info
Download action repository 'actions/checkout@v2' (SHA:ec3a7ce113134d7a93b817d10a8272cb61118579)
Download action repository 'docker/login-action@v1' (SHA:42d299face0c5c43a0487c477f595ac9cf22f1a7)
Download action repository 'docker/build-push-action@v2' (SHA:a66e35b9cbcf4ad0ea91ffcaf7bbad63ad9e0229)
登录到 GitHub Container 注册阶段。
Run docker/login-action@v1
with:
registry: ghcr.io
username: $GITHUB_USER
password: $GITHUB_TOKEN
ecr: auto
logout: true
env:
GITHUB_USER: my-github-username
GITHUB_TOKEN: ***
Logging into ghcr.io...
Error: Error response from daemon: Get "https://ghcr.io/v2/": denied: denied
笔记
我使用的存储库是私有的,属于我正在创建的组织。
GitHub 文档说建议使用 GITHUB_TOKEN 而不是 PAT。https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry
要在 GitHub Actions 工作流程中对容器注册表进行身份验证,请使用 GITHUB_TOKEN 以获得最佳安全性和体验。如果您的工作流程使用个人访问令牌 (PAT) 对 ghcr.io 进行身份验证,那么我们强烈建议您更新您的工作流程以使用 GITHUB_TOKEN。