Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Getting unauthorised for github container registry #232

Open
Sabreen-Parveen opened this issue Jun 28, 2023 · 2 comments
Open

Getting unauthorised for github container registry #232

Sabreen-Parveen opened this issue Jun 28, 2023 · 2 comments

Comments

@Sabreen-Parveen
Copy link

I am using this action to scan images present in github container registry, I have set the registery-username variable to my username and have used ${{ secrets.GITHUB_TOKEN }} for my password. But when the action is running it is giving me unauthorised. To authenticate with GITHUB_TOKEN, I have followed this github doc.

My github action:

scan:
    name: 🛡️ Scan docker images
    runs-on: ubuntu-latest
    permissions:
      packages: read
      contents: read
    needs: get_images
    strategy:
      fail-fast: false
      matrix: ${{ fromJSON(needs.get_images.outputs.images) }}
    steps:
      - name: scan ghcr images
        uses: anchore/scan-action@v3
        if: ${{ startsWith( matrix.images, 'ghcr.io' ) }}
        id: scan-ghcr
        with:
         image: ${{ matrix.images }}
         fail-build: true
         severity-cutoff: critical
         output-format: json
         registry-username: sabreen-parveen
         registry-password: ${{ secrets.GITHUB_TOKEN }}

Error

Getting following warning and error message:
image

image
@lek-x
Copy link

lek-x commented Aug 26, 2023

The same behavior.

Scan-image:
    needs: [Build-docker-Airflow]
    runs-on:
      - self-hosted
    steps:
      - name: Scan image
        uses: anchore/[email protected]
        with:
          image: ${{ env.repo }}/${{ secrets.DOCKER_USERNAME }}/${{ env.image_name }}:$GITHUB_RUN_NUMBER
          fail-build: false
          registry-username: ${{ secrets.DOCKER_USERNAME }}
          registry-password: ${{ secrets.DOCKER_PASSWORD }} 

image

@DaleBinghamSoteriaSoft
Copy link

I get the same still with anchore/scan-action@v3

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants