Debug pipeline
This commit is contained in:
@@ -61,58 +61,30 @@ jobs:
|
|||||||
fi
|
fi
|
||||||
echo "version=${next}" >> "$GITHUB_OUTPUT"
|
echo "version=${next}" >> "$GITHUB_OUTPUT"
|
||||||
|
|
||||||
- name: Single shell test
|
|
||||||
env:
|
|
||||||
REG_USER: ${{ secrets.REGISTRY_USERNAME }}
|
|
||||||
REG_PASS: ${{ secrets.REGISTRY_PASSWORD }}
|
|
||||||
run: |
|
|
||||||
set -x
|
|
||||||
# All in one shell
|
|
||||||
mkdir -p /tmp/dc
|
|
||||||
AUTH=$(printf '%s:%s' "$REG_USER" "$REG_PASS" | base64 -w 0)
|
|
||||||
printf '{"auths":{"registry.c5ai.ch":{"auth":"%s"}}}' "$AUTH" > /tmp/dc/config.json
|
|
||||||
export DOCKER_CONFIG=/tmp/dc
|
|
||||||
|
|
||||||
# Verify the file is there RIGHT NOW
|
|
||||||
ls -la /tmp/dc/
|
|
||||||
cat /tmp/dc/config.json
|
|
||||||
|
|
||||||
# Push something — anything — using this config
|
|
||||||
docker pull alpine:3.20
|
|
||||||
docker tag alpine:3.20 registry.c5ai.ch/pieced/pieced-portal:debug-auth
|
|
||||||
docker push registry.c5ai.ch/pieced/pieced-portal:debug-auth
|
|
||||||
docker info 2>&1 | grep -i config
|
|
||||||
|
|
||||||
- name: Build and push image
|
- name: Build and push image
|
||||||
# Combine login + build + push in a single run block. act_runner can
|
|
||||||
# use ephemeral per-step containers in some configurations, in which
|
|
||||||
# case `docker login` from one step doesn't leave its cached
|
|
||||||
# ~/.docker/config.json visible to the next step. Doing everything
|
|
||||||
# in one shell session sidesteps that entirely.
|
|
||||||
env:
|
env:
|
||||||
REG_USER: ${{ secrets.REGISTRY_USERNAME }}
|
REG_USER: ${{ secrets.REGISTRY_USERNAME }}
|
||||||
REG_PASS: ${{ secrets.REGISTRY_PASSWORD }}
|
REG_PASS: ${{ secrets.REGISTRY_PASSWORD }}
|
||||||
VERSION: ${{ steps.version.outputs.version }}
|
VERSION: ${{ steps.version.outputs.version }}
|
||||||
run: |
|
run: |
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
|
mkdir -p /root/.docker
|
||||||
# Write docker auth config directly. This guarantees the Authorization
|
|
||||||
# header is sent on every request — including PATCH during blob
|
|
||||||
# upload — without depending on a credential store or `docker login`
|
|
||||||
# state. Resolves a known issue where docker-in-docker drops auth
|
|
||||||
# mid-push.
|
|
||||||
mkdir -p /tmp/docker-config
|
|
||||||
AUTH=$(printf '%s:%s' "$REG_USER" "$REG_PASS" | base64 -w 0)
|
AUTH=$(printf '%s:%s' "$REG_USER" "$REG_PASS" | base64 -w 0)
|
||||||
cat > /tmp/docker-config/config.json <<EOF
|
cat > /root/.docker/config.json <<EOF
|
||||||
{
|
{
|
||||||
"auths": {
|
"auths": {
|
||||||
"${REGISTRY}": {
|
"registry.c5ai.ch": {
|
||||||
|
"auth": "${AUTH}"
|
||||||
|
},
|
||||||
|
"https://registry.c5ai.ch": {
|
||||||
|
"auth": "${AUTH}"
|
||||||
|
},
|
||||||
|
"https://registry.c5ai.ch/v1/": {
|
||||||
"auth": "${AUTH}"
|
"auth": "${AUTH}"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
EOF
|
EOF
|
||||||
export DOCKER_CONFIG=/tmp/docker-config
|
|
||||||
|
|
||||||
docker build --pull \
|
docker build --pull \
|
||||||
-t "${REGISTRY}/${IMAGE}:${VERSION}" \
|
-t "${REGISTRY}/${IMAGE}:${VERSION}" \
|
||||||
|
|||||||
Reference in New Issue
Block a user