我在将 docker 镜像推送到我的私有(private) GCP 注册表时遇到问题。
我从 Google Cloud Platform 创建了一个具有所有者角色的新服务帐户。然后我创建了一个服务 key 并将 json 文件的内容(我从服务帐户下载)复制到 Gitlab CI/CD 变量的 $GCP_SERVICE_KEY 变量中。
这是我的 .gitlab-ci.yaml 文件:
image: python:3.6
stages:
- push
before_script:
- mkdir -p $HOME/.docker
- echo "$GCP_SERVICE_KEY" >> "$HOME/.docker/config.json"
dockerpush:
stage: push
image: docker:stable
services:
- docker:dind
script:
- docker build --build-arg MONGODB_URI=$MONGODB_URI -t my_image_name .
- docker login -u _json_key --password-stdin https://gcr.io < $HOME/.docker/config.json
- docker tag my_image_name eu.gcr.io/my_project_id/my_image_name
- docker push eu.gcr.io/my_project_id/my_image_name
当我检查控制台日志时,我看到“登录成功”。但我无法推送到我的 GCP 注册表。我检查了项目 ID,我的用户的角色,一切似乎都很好。但是为什么我仍然看到“未经授权”的错误?
$ docker login -u _json_key -p "$GCP_SERVICE_KEY" https://gcr.io
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
$ docker tag my_image_name eu.gcr.io/my_project_id/my_image_name
$ docker push eu.gcr.io/my_project_id/my_image_name
The push refers to repository
Preparing
Preparing
unauthorized: You don't have the needed permissions to perform this operation, and you may have invalid credentials.
To authenticate your request, follow the steps in: https://cloud.google.com/container-registry/docs/advanced-authentication
最佳答案
您正在登录 https://gcr.io , 但推送到 https://eu.gcr.io
更新您的 docker login命令到 https://eu.gcr.io
关于Docker "Login succeeded"但仍无法推送到 GCP 私有(private)注册表,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/53832867/