Error checking push permissions -- make sure you entered the correct tag name, and that you are authenticated correctly, and try again:

I am able to log in with the same credentials, pull and push images to the Harbor repository from CLI. However, I am encountering the following error through the GitLab CI job.

$ echo “{"auths":{"$DOCKER_REGISTRY":{"username":"$DFWP_HARBOR_USER","password":"$DFWP_HARBOR_PASS"}}}” > /kaniko/.docker/config.json

$ /kaniko/executor \ # collapsed multi-line command

(https://xxx.com/xx/xx/dxx/xxx/-/jobs/2xxx4#Lxx)error checking push permissions – make sure you entered the correct tag name, and that you are authenticated correctly, and try again: checking push permission for “xxx.xx.com/exxx/pxxx/nxxx:release-integration-xxx-0xxx”: POST https://xxxx.com/v2/exxx/xxxt/xxx/blobs/uploads/: UNAUTHORIZED: unauthorized to access repository: xxx/xxx-rxx/nxxx, action: push: unauthorized to access repository: exxxx/pxxxtionxx-react/nxx-cxxx, action: push

• GitLab Version`):. GitLab Enterprise Edition 15.0.5-ee

• CI configuration from .gitlab-ci.yml

.docker-publish:
stage: deploy
variables:
DOCKER_REGISTRY: xxxxx
DOCKERFILE: Dockerfile
# DOCKER_REPOSITORY can be used to override the ecommerce/$CI_PROJECT_NAME or ecommerce/$CI_PROJECT_NAME/$APP defaults
# KANIKO_FLAGS can be used to add additional flags to Kaniko
# CONTEXT can be used for subdirectories in monorepos
CONTEXT: .
KANIKO_FLAGS: --skip-tls-verify
image:
name: gcr.io/kaniko-project/executor:debug
script:
- mkdir -p /kaniko/.docker
- export DOCKER_REPOSITORY=${DOCKER_REPOSITORY:-ecommerce/$CI_PROJECT_NAME${APP:+/}$APP}
- export DOCKER_TAG=${CI_COMMIT_REF_SLUG}-$(date ‘+%Y%m%d%H%M’)-${CI_COMMIT_SHORT_SHA}
- echo “{"auths":{"$DOCKER_REGISTRY":{"username":"$DFWP_HARBOR_USER","password":"$DFWP_HARBOR_PASS"}}}” > /kaniko/.docker/config.json
- |
/kaniko/executor
–context $CI_PROJECT_DIR/$CONTEXT/
–dockerfile $CI_PROJECT_DIR/$CONTEXT/$DOCKERFILE
–destination $DOCKER_REGISTRY/$DOCKER_REPOSITORY:$DOCKER_TAG
–destination $DOCKER_REGISTRY/$DOCKER_REPOSITORY:$CI_COMMIT_REF_SLUG-latest
–cache=true
–cache-ttl=12h $KANIKO_FLAGS
rules:
- if: $CI_COMMIT_TAG
when: never
- if: $CI_COMMIT_REF_PROTECTED == “true”
changes:
- $CONTEXT/**/*

Tried the Gitlab variable with protected and unmasking

Hey there,

You have tons of variable concatenation here. My suggestion would be to print out all of those and make sure they are correct, especially $DOCKER_TAG (I’m a bit suspicious about that date command) and $DOCKER_REPOSITORY.

Also, please for the future format your code and logs properly so it’s easier to read.