Gradle 0.9.7 auth issue #712
Comments
|
Hi @Techtony96
|
|
Hello, I tried to check to see if the image was saved locally and it seems that it was not. I have the docker socket connected to the host docker so I believe it would have saved on the host. |
|
Sorry, I think there is a miscommuncation. I did not mean if the image was saved to the Docker daemon running in the host (in the running container). Jib works with What I meant was
|
|
Looks like you're right, I tested it locally and when putting in my username/password it pushed successfully, albeit I had to put my username/password to pull a public image from docker hub. Still having issues on Jenkins but it seems the issue is on my end. Appreciate your help in narrowing down the issue. |
|
I am still having this issue and think it may actually be related to Jib. What I see in the log is that Jib does not seem to be authenticated when making requests. Any insight is greatly appreciated. |
|
Hi @Techtony96 , I see in there that there was a response with |
I actually thought this was weird, because you can download public images from Docker Hub (such as
It's OK to see some of the following messages when pulling the base BTW, Jib makes parallel requests, so the log would mostly be not in the time order of events. What I see at the last part is the server returning "incorrect username or password", and I am leaning toward trusting the server response. |
|
Hello, I have checked to make sure the username and password is correct. It is slightly obscured from directly checking, but I did the following to make sure it is correct. I store the password in Jenkins credentials as secret text, just as I do with another secret token for my build. This secret token is stored in a file that I was able to check and was saved correctly. I also stored my docker password in the file and it is also correct. I type my username directly into the build.gradle file. If you want to take a look at the actual file, here is the link: https://github.com/DiscordBolt/BoltBot/blob/v3/build.gradle#L92 And my Jenkins file I call it from: https://github.com/DiscordBolt/BoltBot/blob/v3/Jenkinsfile#L63 |
|
@Techtony96 for what it's worth, your setup works fine for me. You could enable Google HTTP logging and verify that the authentication parameters being sent look correct. |
|
Given that it works locally, I'm tempted to check |
|
Actually, maybe task checkEnvVar {
doLast {
println 'echo $USER'.execute().text.trim()
println "$System.env.USER"
println System.getenv('USER')
}
} |
|
@briandealwis I will test that out and see what happens. @chanseokoh I have tested by printing the password out, but jenkins marks it as ***** to protect it. |
|
Just in case, I see in your original comment you typed |
|
@chanseokoh I used DOCKER_PSW when I was using Jenkins username/password secret credential. I changed to secret text and just called it DOCKER_PASSWORD. |
|
After changing back to System.getenv I get a different looking error: Jenkinsfile: https://github.com/DiscordBolt/BoltBot/blob/e587d6253c22d9e81d4c5834f73e0d6fb99e8dcf/Jenkinsfile#L63 |
|
@Techtony96 it looks like in your |
|
@Techtony96 @coollog I think there is actually something more to it. From the log, Jib says that it did not get the auth info from Whether or not providing correct passwords or having the auth section for the from-image or the to-image, if the auth sections have any values, Jib should log that the values are being picked up: The jib {
from {
image = 'openjdk:10-jre'
auth {
username = 'chanseok'
password = 'whatever'
}
}
to {
image = 'chanseok/image-built-with-jib'
auth {
username = 'chanseok'
password = 'whatever'
}
}
}Now, I am suspecting that jib {
from {
image = 'openjdk:10-jre'
auth {
username = 'chanseok'
password = System.getenv('UNDEFINED_VAR')
}
}
to {
image = 'chanseok/image-built-with-jib'
auth {
username = 'chanseok'
password = System.getenv('UNDEFINED_VAR')
}
}
}Jib ignores the auth section as the values are null and outputs the same error log as yours: So I'm guessing the environment variable |
|
@chanseokoh Nice find! We should definitely provide a better error message in that case. |
|
@coollog I went ahead and removed the auth in the from field, and it failed with this error:
Full Log: https://gist.github.com/Techtony96/2ca8178308d37dfeaaf7b5765a7cb97a I did not have an auth field originally and got this error so I assumed I needed one and added it. |
|
@chanseokoh Interesting, let me add a print statement to see if it actually is null! |
|
You're 100% right, the password is null. Looks like it was my issue all along. I appreciate you helping me figure this out! |
|
Glad you figured it out. We also discovered a few issues around logs, so your detailed feedback was very helpful.
Seems like we are printing a wrong error message. Filed a bug: #758 Also filed another bug to print a warning if either the username or the password is null: #759 |
Description of the issue:
When pushing the image to docker hub, a 401 unauthorized error occurs.
Expected behavior:
When provided with valid authentication, the application should log in and push the image successfully.
Steps to reproduce:
authdoes not seem to be valid in build.gradleEnvironment:
Running within a Docker container created by Jenkins. Build takes place in Docker container
gradle:4.9-jdk10jib-gradle-pluginConfiguration:jib { from { image = 'openjdk:10-jre' } to { image = "techtony96/boltbot:$boltBotVersion-" + getCommitHash() auth { username = System.getenv("DOCKER_USR") password = System.getenv("DOCKER_PSW") } } container { jvmFlags = ['-Xms512m', '-Xmx512m'] mainClass = 'com.discordbolt.boltbot.BoltBot' } }Log output:
Additional Information:
I get a warning from Intellij saying
authcan not be resolved, which seems to me that my login info is not being used.The text was updated successfully, but these errors were encountered: