https://pantsbuild.org/ logo
Powered by
b

big-television-45965

02/14/2022, 9:26 PM
Is there a speific option for docker to use my docker.io login for pushing docker images? I can push my docker image, build with Pants manually, but 
./pants publish ...
always fails with 
denied: requested access to the resource is denied
I have set up no docker registry in the pants.toml so it tags the image without any registry info.
h

happy-kitchen-89482

02/14/2022, 9:29 PM
cc @curved-television-6568
c

curved-television-6568

02/14/2022, 10:01 PM
Hi, We should add this to the docs, with examples. In order to use docker auth, you need to be logged in using 
docker login
prior to invoking pants. Then pass proper env vars along for docker to pick up the correct configuration so the session is propagated. Hope you can work with that..
👍 1
b

big-television-45965

02/15/2022, 9:17 AM
@curved-television-6568 Which env vars do I need to pass so that Pants know which login to use?
c

curved-television-6568

02/15/2022, 9:22 AM
I think that 
DOCKER_CONTEXT
and/or 
DOCKER_CONFIG
are relevant here. See this thread for example: https://pantsbuild.slack.com/archives/C046T6T9U/p1637136003393600
To be clear, pants doesn’t use any login for Docker.
It is what env vars you need to pass through to the sandbox where Pants executes the Docker client in order for Docker to pick up the login session that you’ve setup outside of Pants.
👍 1
Using the 
[docker].env_vars
in pants.toml or similar: https://www.pantsbuild.org/v2.10/docs/reference-docker#section-env-vars
Also, if you’re on aws using a credential plugin, there’s work we need to do still, in order to support that.
b

big-television-45965

02/15/2022, 9:56 AM
Mhm I tried setting the DOCKER_CONTEXT and DOCKER_CONFIG env var but I don't get it to run. Is there a known problem when I'm logged in to multiple registries maybe?
AWS is definitely a use case which I need to support.
In the end I can circumvent this by using the docker daemon directly to push the image. Would be good to have everything in the build system, though.
Just resetted my docker config directory to be logged in only to one registry and it still fails.
c

curved-television-6568

02/15/2022, 10:00 AM
Is it a private registry, or docker hub, or something else?
b

big-television-45965

02/15/2022, 10:00 AM
Is there anything I can do to see more output from the pants publish command than using 
--print-stacktrace -ldebug
?
It's the docker hub
c

curved-television-6568

02/15/2022, 10:02 AM
No, 
-ldebug
gives you all the logs we have, and since the 
docker push
command runs as an interactive process, it’s not using a sandbox that we can introspect the actual command env and args used, unfortunately.
Are you on Linux or Mac?
b

big-television-45965

02/15/2022, 10:03 AM
ah that explains it 🙂
Ubuntu 21.04
👍 1
c

curved-television-6568

02/15/2022, 10:03 AM
OK, I’ll do some testing on my end, see what I can find out. I’ve only tested this on Mac myself.
b

big-television-45965

02/15/2022, 10:03 AM
I completely resetted my docker daemon config also just to be sure.
c

curved-television-6568

02/15/2022, 10:04 AM
Just for debugging purposes, try to also provide HOME and USER, see if it makes a difference..
b

big-television-45965

02/15/2022, 10:04 AM
jep, still fails
my docker version is Docker version 20.10.12, build e91ed57
Let me create an issue
👍 1
c

curved-television-6568

02/15/2022, 10:05 AM
Thanks for banging at it 🙂
👍 1
b

big-television-45965

02/15/2022, 10:09 AM
c

curved-television-6568

02/15/2022, 10:21 AM
One last thing, if you don’t mind trying, to also provide a value for DOCKER_CONFIG, so 
DOCKER_CONFIG=/home/user/.docker
or where the docker config directory is. Try with that alone (remove the other env vars from pants.toml)
b

big-television-45965

02/15/2022, 3:07 PM
Tried it with the fixed path to my docker config but still fails
c

curved-television-6568

02/15/2022, 3:09 PM
Thanks for checking. I’ll have to do a proper ubuntu setup to try this on.
3 Views
Powered by