By vatar
I’ve been trying to get Kaniko to push to our DO container registry. Our dev team can do it normally but when I try running Kaniko I end up receiving a 401 unauthorized error.
Using docker to push to the registry works well with the same config.json file and always has.
My Docker Run Command:
docker run \
-ti \
-v <path-to-project>:/workspace \
-v <path-to-docker-creds>/config.json:/kaniko/.docker/ \
gcr.io/kaniko-project/executor:debug \
--dockerfile /workspace/Dockerfile \
--destination "registry.digitalocean.com/<my-org>/<my-image>:<tag>" \
--skip-tls-verify \ # I tried with and without this option
--context dir:///workspace/ \
Output:
error checking push permissions -- make sure you entered the correct tag name, and that you are authenticated correctly, and try again: checking push permission for "registry.digitalocean.com/<my-org>/<my-image>:<tag>": creating push check transport for registry.digitalocean.com failed: GET https://api.digitalocean.com/v2/registry/auth?scope=repository%3A<myorg>%2F<image-name>%3Apush%2Cpull&service=registry.digitalocean.com: unexpected status code 401 Unauthorized: {"id": "Unauthorized", "message": "Unable to authenticate you" }
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hey there!
Getting a 401 unauthorized error when using Kaniko to push to your DigitalOcean container registry? That’s no fun. But don’t worry, I’m here to help.
This error usually means that there’s a problem with authentication. So, let’s go through some things to check:
- Make sure you’re using the correct Docker configuration file. This is the file that contains your Docker registry credentials. You can check the contents of the file by running
cat ~/.docker/config.json. If you’re not sure which file to use, you can try mounting the default Docker configuration file into Kaniko’s container using the-vflag. - Check that you’re mounting the configuration file to the correct location. The default location is
/kaniko/.docker. - Make sure your Docker CLI is configured correctly. You can check this by running
docker login. If you’re not sure how to configure your Docker CLI, you can check the documentation. - Double-check the image name and tag. Make sure that you’re trying to push to the correct repository.
- Try skipping TLS verification. This can sometimes help resolve authentication issues, but it’s not recommended for production use. To skip TLS verification, add the
--skip-tls-verifyflag to your Kaniko command. - Review the debug output. Kaniko’s debug output can sometimes provide more information about authentication issues. To enable debug output, add the
--executor=gcr.io/kaniko-project/executor:debugflag to your Kaniko command.
If you’ve gone through all of these steps and you’re still getting a 401 unauthorized error, please let me know. I’ll be happy to help you troubleshoot further.
Hope that this helps!
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.