chlouska
Reputation: 81
How to pull GCR images from a GCE instance through GitHub Actions
I am implementing my GitHub Action workflow file which is supposed to update my docker images hosted on GCR, and then log into my GCE instance to pull the newly updated images with docker compose. The problem is I am getting an error at docker compose pull :
err: frontend Error Head "https://europe-west9-docker.pkg.dev/v2/***/registry/frontend/manifests/latest": unauthorized: authentication failed
If I ssh into my GCE instance, and run : sudo gcloud auth login, follow instructions to login and then run the workflow file, it succeeds to pull the images.
What changes can I make to my git actions file so that I don’t need to auth login in my VM for it to pull my images ?
Here is what my git action workflow file looks like:
name: Deploy App on Dev Env
on:
push:
branches:
- 'develop'
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Set up Google Cloud SDK (service with admin rights for GCR)
uses: google-github-actions/setup-gcloud@v0
with:
project_id: ${{ secrets.GOOGLE_PROJECT }}
service_account_key: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}
export_default_credentials: true
- name: Authenticate Docker with GCR
run: |
gcloud auth configure-docker europe-west9-docker.pkg.dev
- name: Build and push backend Docker image
env:
GOOGLE_PROJECT: ${{ secrets.GOOGLE_PROJECT }}
run: |
docker build -f Dockerfile.backend -t europe-west9-docker.pkg.dev/$GOOGLE_PROJECT/registry/backend:latest .
docker push europe-west9-docker.pkg.dev/$GOOGLE_PROJECT/registry/backend:latest
- name: Build and push frontend Docker image
env:
GOOGLE_PROJECT: ${{ secrets.GOOGLE_PROJECT }}
run: |
docker build -f frontend/Dockerfile -t europe-west9-docker.pkg.dev/$GOOGLE_PROJECT/registry/frontend:latest frontend/
docker push europe-west9-docker.pkg.dev/$GOOGLE_PROJECT/registry/frontend:latest
- name: Deploy to GCP VM
uses: appleboy/[email protected]
with:
host: ${{ secrets.GCP_VM_IP }}
username: ${{ secrets.GCP_VM_USER }}
key: ${{ secrets.GCP_VM_SSH_KEY }}
script: |
sudo docker compose pull
sudo docker compose up -d --remove-orphans
sudo docker image prune -a -f
I've been looking for ways to authenticate to my instance through git actions, but couldn't find one that works.
Upvotes: 0
Views: 202
Answers (0)
Related Questions
- How to get the current branch within GitHub Actions?
- How to copy Docker images from one host to another without using a repository
- Push to origin from GitHub action
- how to get docker-compose to use the latest image from repository
- Authenticate Google Compute Engine (GCE) to Pull Image from Google Container Registry (GCR)
- GitHub Actions workflow fails to download image from GHCR during build
- docker compose can't pull image from google container registory
- How to pull/push from/to GCR from GKE node
- Pull from GCR inside GCE vm on Ubuntu 20.04