When running a pipeline with a Kaniko build task, I see the following error message:
E0105 13:50:28.345758 19 aws_credentials.go:77] while getting AWS credentials NoCredentialProviders: no valid providers in chain.Deprecated. For verbose messaging see aws.Config.CredentialsChainVerboseErrorserror checking push permissions -- make sure you entered the correct tag name, and that you are authenticated correctly, and tryagain: checking push permission for"docker.io/xyz/myimage": POSThttps://index.docker.io/v2/xyz/myimage/blobs/uploads/:UNAUTHORIZED: authentication required; [map[Action:pull Class:Name:xyz/myimage Type:repository] map[Action:push Class:Name:xyz/myimage Type:repository]]
First I created a secret by generating a Docker hub access token. The secret is created using this command:
kubectl create secret docker-registry docker-credential--docker-username=xyz --docker-password=generated-docker-access-token --docker-email=xyz@mail.com --namespace=default
An alternative way is: getting the docker config info:
$ cat ~/.docker/config.json | base64 -w0 Using this info in a secret:
apiVersion: v1kind: Secretmetadata: name: docker-credentialdata: .dockerconfigjson: <base-64-encoded-json-here>type: kubernetes.io/dockerconfigjsonThen I installed the Tekton Kaniko task with:
kubectl apply -fhttps://api.hub.tekton.dev/v1/resource/tekton/task/kaniko/0.6/raw
I run the pipeline in my local Docker Desktop Kubernets environment with a local Gitea repo.
Before showing the pipeline(run): I tried all kinds of solutions, like using the Docker hub password (iso token), use a Secret with the Docker credentials, etc. Nothing helps, yet.
Finally I created and ran a pipeline(run):
apiVersion: tekton.dev/v1beta1kind: Pipelinemetadata: name: buildpacks-kaniko-pipelinespec: params: - name: SOURCE_URL type: string description: A git repo url where the source code resides. - name: SOURCE_REVISION description: The branch, tag or SHA to checkout. default: "" workspaces: - name: source-workspace - name: dockerconfiginput tasks: - name: fetch-repository taskRef: name: git-clone workspaces: - name: output workspace: source-workspace params: - name: url value: "$(params.SOURCE_URL)" - name: revision value: "$(params.SOURCE_REVISION)" - name: subdirectory value: "" - name: deleteExisting value: "true" - name: build-kaniko taskRef: name: kaniko runAfter: - fetch-repository params: - name: IMAGE value: docker.io/solvedshared/kanikodemo - name: DOCKERFILE value: ./Dockerfile - name: CONTEXT value: ./ workspaces: - name: source workspace: source-workspace - name: dockerconfig workspace: dockerconfiginput---apiVersion: tekton.dev/v1beta1kind: PipelineRunmetadata: name: buildpacks-kaniko-pipeline-runspec: pipelineRef: name: buildpacks-kaniko-pipeline workspaces: - name: source-workspace persistentVolumeClaim: claimName: source-kaniko-pvc - name: dockerconfiginput secret: secretName: docker-credential serviceAccountName: build-bot params: - name: SOURCE_URL value: http://gitea-gitea-http.default.svc.cluster.local:3000/gituser/kaniko-demo.git - name: SOURCE_REVISION value: masterI also tried to use another BUILD_IMAGE:
- name: BUILDER_IMAGE value: bitnami/kaniko:1.19.2This time I go this error message:
error checking push permissions -- make sure you entered the correcttag name, and that you are authenticated correctly, and try again:checking push permission for "docker.io/xyz/myimage": POSThttps://index.docker.io/v2/xyz/myimage/blobs/uploads/:UNAUTHORIZED: authentication required; [map[Action:pull Class:Name:xyz/myimage Type:repository] map[Action:push Class:Name:xyz/myimage Type:repository]]
