With GCR I could authenticate but with artifact registry I cannot. Are the scopes wrong? Are the permissions wrong on the service account? Is this supposed to work?
I expect the access token to let me in. The instructions seem to be the same.
https://cloud.google.com/artifact-registry/docs/docker/authentication#token
https://cloud.google.com/container-registry/docs/advanced-authentication#token
I am prompted for a username and password
on:
workflow_dispatch:
permissions:
id-token: write
contents: read
jobs:
build:
- name: ๐๏ธ Authenticate to Google Cloud
id: auth
uses: google-github-actions/[email protected]
with:
access_token_scopes: 'email, openid, https://www.googleapis.com/auth/cloud-platform, https://www.googleapis.com/auth/firebase'
workload_identity_provider: ${{ secrets.IDENTITY_PROVIDER }}
service_account: ${{ secrets.SERVICE_ACCOUNT_EMAIL }}
create_credentials_file: true
- name: ๐๏ธ Authenticate Docker to Google Cloud works
uses: docker/[email protected]
with:
registry: gcr.io
username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }}
- name: ๐๏ธ Authenticate Docker to Google Cloud fails
uses: docker/[email protected]
with:
registry: us-central1-docker.pkg.dev
username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }}No response
No response
Hi there @steveoh
Thank you for opening an issue. Our team will triage this as soon as we can. Please take a moment to review the troubleshooting steps which lists common error messages and their resolution steps.
| Owner Name | google-github-actions |
| Repo Name | auth |
| Full Name | google-github-actions/auth |
| Language | TypeScript |
| Created Date | 2021-09-16 |
| Updated Date | 2023-03-24 |
| Star Count | 573 |
| Watcher Count | 16 |
| Fork Count | 116 |
| Issue Count | 3 |
| Issue Title | Created Date | Updated Date |
|---|