我将Docker镜像推送到我的私有(private)GCP注册表时遇到问题。
我从Google Cloud Platform创建了一个具有所有者角色的新服务帐户。然后,我创建了一个服务密钥,并在Gitlab CI / CD变量的$ GCP_SERVICE_KEY变量中复制了json文件的内容(从服务帐户下载)。
这是我的 .gitlab-ci.yaml 文件:
image: python:3.6
stages:
- push
before_script:
- mkdir -p $HOME/.docker
- echo "$GCP_SERVICE_KEY" >> "$HOME/.docker/config.json"
dockerpush:
stage: push
image: docker:stable
services:
- docker:dind
script:
- docker build --build-arg MONGODB_URI=$MONGODB_URI -t my_image_name .
- docker login -u _json_key --password-stdin https://gcr.io < $HOME/.docker/config.json
- docker tag my_image_name eu.gcr.io/my_project_id/my_image_name
- docker push eu.gcr.io/my_project_id/my_image_name
当我检查控制台日志时,看到“登录成功”。但是我无法推送到我的GCP注册中心。我检查了项目ID,用户的角色,一切似乎都还好。但是,为什么我仍然看到“未经授权”的错误?
$ docker login -u _json_key -p "$GCP_SERVICE_KEY" https://gcr.io
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
$ docker tag my_image_name eu.gcr.io/my_project_id/my_image_name
$ docker push eu.gcr.io/my_project_id/my_image_name
The push refers to repository
Preparing
Preparing
unauthorized: You don't have the needed permissions to perform this operation, and you may have invalid credentials.
To authenticate your request, follow the steps in: https://cloud.google.com/container-registry/docs/advanced-authentication
最佳答案
您正在登录https://gcr.io,但推送到https://eu.gcr.io
将docker login命令更新为https://eu.gcr.io