Logging in to Github Container Registry

[ghost]

Behaviour

Run docker/login-action@v1
Error: Username and password required

Steps to reproduce this issue

1. Follow your guide here: https://github.com/docker/login-action#github-container-registry

Expected behaviour

It should at least log in. I assume that the token I created should be added to the secrets (will try that in a moment)

Also project wide settings should not depend on personal tokens. IMO it's a an obviously bad design. The token is personal, the user might accidentally delete it, leave the projects etc. Either it should dynamically identify as committing user, or it should identify as the pipeline. It should not require the project to contain personal tokens in shared configs.

Actual behaviour

Isn't this the same as behaviour?

Configuration

• Repository URL (if public): N/A (not public)
• Build URL (if public): N/A (not public)

The part that fails:

      - name: Login to GitHub Container Registry
        uses: docker/login-action@v1
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.CR_PAT }}

Logs

Download the log file of your build and attach it to this issue.

[ghost]

And the last missing piece, please also include a link to this instructing people to enable the feature: https://docs.github.com/en/packages/guides/enabling-improved-container-support

Just wasted a lot of my time fighting your guides figuring all the missing steps. Please don't expect people to be familiar with all the details around. Even for experienced users that is simply not a fair assumption (for whatever reason they might never have had the need for this yet).

[crazy-max]

@rfftrifork

I assume that the token I created should be added to the secrets (will try that in a moment)

The key ${{ secrets.xxxxx } is self-explanatory if you have the minimum knowledge to use GitHub Actions. Otherwise here is the documentation about secrets: https://docs.github.com/en/actions/reference/encrypted-secrets

Also project wide settings should not depend on personal tokens. IMO it's a an obviously bad design. The token is personal, the user might accidentally delete it, leave the projects etc. Either it should dynamically identify as committing user, or it should identify as the pipeline. It should not require the project to contain personal tokens in shared configs.

That's the current design implemented by GitHub as explained in their documentation. Nothing we (Docker) can do about that with the login-action. But there is good hope GitHub will allow to use the GITHUB_TOKEN to authenticate against this registry in the near future.

And the last missing piece, please also include a link to this instructing people to enable the feature: https://docs.github.com/en/packages/guides/enabling-improved-container-support

I will add a note about this, thanks for pointing this out.

Just wasted a lot of my time fighting your guides figuring all the missing steps. Please don't expect people to be familiar with all the details around. Even for experienced users that is simply not a fair assumption (for whatever reason they might never have had the need for this yet).

As you said you have followed the GitHub Container Registry section in the README. If so, you must have noticed the link to the GitHub documentation to create the appropriate scopes which covers the minimal steps to create a personal access token and a secret in your repository to be able to use this action.

If you are not familiar with GitHub Actions I suggest to read their quick start guide.