-
Notifications
You must be signed in to change notification settings - Fork 461
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Could not log in (please check credentials) #785
Comments
If By the way, Edit: Just to make sure, this error is coming from the docker-build step, correct? I'm not sure what you mean by
|
@peterwoodworth I've tried with v2 and received the same result. Yep, the error is happening on |
If this step is the one that's causing the crash, then when you remove it which step throws the error and what do those workflow logs look like? Could you post a screenshot of this by any chance? |
Sure, let me provide you the link to repo. So let's concentrate with included login ecr step. The github action config and of course the result of action. So the step
but previous ones of configure aws credentials and login to ecr are successful. |
This is strange, someone else reported a similar error recently where the credentials aren't being accepted in a subsequent workflow step. Could be a coincidence. Either way, I can't see anything going wrong with configure-aws-credentials in particular, especially if the |
@v0ldemar01 we launched v3 yesterday - in the other issue I linked someone mentioned it helped, give it a try? |
@v0ldemar01 to make sure it's not something wrong with how we're passing around credentials, could you try taking our action out of it and manually supplying the credentials to the action that's failing, according to their documentation? If this works, then we can try to look into exactly how this action is trying to read credentials and see if we can cooperate with it better. If it doesn't work, then there's likely some other issue with your setup that doesn't have to do with the credentials themselves |
@peterwoodworth I've tried your advice of v3 but it still has same error(. As for another comment, it's working properly while passing credentials instead of role |
Ok so when you're passing credentials to the action directly, does this mean that you're running that workflow step with the role credentials, or with the entity that you assume the role with? Which credentials are you passing exactly? |
So, on credentials I mean passing |
@peterwoodworth please let me know if you need more input data |
If you're succeeding with only the access key and secret access key, then I think that means that your role doesn't have the proper permissions, and your user does. I meant that you try running the action with assumed role credentials, not your user. But since your user is succeeding, that indicates to me that the user has proper permissions but the role does not. You're trying to run the action with the role, so it is failing. |
@peterwoodworth I've provided the screenshots of role and permission policy. I followed the official documentation. Maybe I was wrong with some points but I can't figure out where it is, can you advice me? |
Your debug logs for the check run show that the docker-build-with-cache action is attempting to log into ECR and failing. The log messages correspond with these lines in the docker action:
Earlier it tries to log into ECR:
Which is where the I also noticed that your most recent runs seem to be passing. Could you let us know what you've changed? |
This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled. |
@kellertk Hey, I carefully looked at your comment and checked it I've attempted to run a custom script of docker building and pushing like
and it works fine. Thanks so much guys for helping |
Comments on closed issues are hard for our team to see. |
Describe the issue
Hey, I am trying the approach of assuming the role with OIDC provider. That is my configuration:
name: Build, tag, and push backend image
![image](https://private-user-images.githubusercontent.com/43109766/261775155-4db001e0-0220-4897-afe4-f8c32a6b6776.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjEzNDcyMjUsIm5iZiI6MTcyMTM0NjkyNSwicGF0aCI6Ii80MzEwOTc2Ni8yNjE3NzUxNTUtNGRiMDAxZTAtMDIyMC00ODk3LWFmZTQtZjhjMzJhNmI2Nzc2LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MTglMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzE4VDIzNTUyNVomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTliMGNmNTNmZTU5YzljZDExMThmMDFkNzM2YzJjNTVmNGU5YzU3MzkxZTQxMDI1ODkzNGIwNzE5ZTc1ZGVhNTgmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.a5xZcaBcEduzMTDQ4rt07AK6totvF2YZgEIFEI0JIx4)
I was trying to debug it via adding Hello from AWS: WhoAmI and it works fine. These errors appear regardless of Login to Amazon ECR step. I've tried to assign a maximum level of permissions to the role but it didn't help.
Also I attempted to use custom script instead of docker-build-with-cache-action
Can you please assist me? Please let me know if you need more additional input data)
The text was updated successfully, but these errors were encountered: