I’ve been trying to get Kaniko to push to our DO container registry. Our dev team can do it normally but when I try running Kaniko I end up receiving a 401 unauthorized error.

Using docker to push to the registry works well with the same config.json file and always has.

My Docker Run Command:

docker run \
                      -ti \
                       -v <path-to-project>:/workspace \
                       -v <path-to-docker-creds>/config.json:/kaniko/.docker/ \
                       gcr.io/kaniko-project/executor:debug \
                       --dockerfile /workspace/Dockerfile \
                       --destination "registry.digitalocean.com/<my-org>/<my-image>:<tag>" \
                       --skip-tls-verify \   # I tried with and without this option
                       --context dir:///workspace/ \

Output:

error checking push permissions -- make sure you entered the correct tag name, and that you are authenticated correctly, and try again: checking push permission for "registry.digitalocean.com/<my-org>/<my-image>:<tag>": creating push check transport for registry.digitalocean.com failed: GET https://api.digitalocean.com/v2/registry/auth?scope=repository%3A<myorg>%2F<image-name>%3Apush%2Cpull&service=registry.digitalocean.com: unexpected status code 401 Unauthorized: {"id": "Unauthorized", "message": "Unable to authenticate you" }