DigitalOcean

Report this

What is the reason for this report?
Question

unauthorized: (Error when pushing container to docr)

Posted on October 17, 2025
Container
sgotting21

By sgotting21

This is seriously starting to piss me off.

I have an image that is being created and needs be uploaded to the container registry via github actions. I try the push 5 times in a loop if it fails because I get this issue:

15f81cb4fcaf: Preparing

12c78616ea99: Preparing

2fec746f27cc: Preparing

99617c34dcef: Preparing

5f70bf18a086: Preparing

83a995c2fab3: Preparing

2d312de0bef3: Preparing

71335cd8ec7d: Preparing

96c3316d3323: Preparing

25bde18331a6: Preparing

698d92e1248d: Preparing

1260506aec83: Preparing

a5ec5ec9d16c: Preparing

83a995c2fab3: Waiting

71335cd8ec7d: Waiting

2d312de0bef3: Waiting

96c3316d3323: Waiting

25bde18331a6: Waiting

698d92e1248d: Waiting

1260506aec83: Waiting

a5ec5ec9d16c: Waiting

unauthorized:

Push failed, retrying in 10s…

There is no rhyme or reason as to when this will work or not. It works sometimes, doesn’t work others. So please fix this issue, as I see others have been dealing with this for a long time now. Here are the github actions:

  • name: Log in to Docker Hub and DigitalOcean run: | echo “${{ secrets.DOCKER_HUB_PASSWORD }}” | docker login -u “${{ secrets.DOCKER_HUB_USER }}” --password-stdin echo “${{ secrets.DO_ACCESS_TOKEN }}” | docker login “${{ secrets.DO_REGISTRY_URL }}” -u “${{ secrets.DO_REGISTRY_USER }}” --password-stdin doctl auth init -t “${{ secrets.DO_ACCESS_TOKEN }}” doctl registry login --access-token “${{ secrets.DO_ACCESS_TOKEN }}”

  • name: Build image run: | cd game-server docker build -t ${{ secrets.DOCKER_HUB_USER }}/${{ secrets.IMAGE_NAME }}:${{ env.TAG }} .

  • name: Tag image for DigitalOcean run: | docker tag ${{ secrets.DOCKER_HUB_USER }}/${{ secrets.IMAGE_NAME }}:${{ env.TAG }}
    ${{ secrets.DO_REGISTRY_URL }}/${{ secrets.DO_REGISTRY_USER }}/${{ secrets.IMAGE_NAME }}:${{ env.TAG }}

  • name: Verify tags exist (debug) run: | docker images | grep ${{ secrets.IMAGE_NAME }} || (echo “Image not found!” && exit 1)

  • name: Push image to DigitalOcean with retries run: | IMAGE=${{ secrets.DO_REGISTRY_URL }}/${{ secrets.DO_REGISTRY_USER }}/${{ secrets.IMAGE_NAME }}:${{ env.TAG }} for i in {1…5}; do echo “Attempt $i: Pushing $IMAGE” if docker push $IMAGE; then echo “Push succeeded on attempt $i” exit 0 else echo “Push failed, retrying in 10s…” sleep 10 fi done echo “Failed to push after 5 attempts” exit 1

Like I said, it works sometimes and doesn’t work others, so it has to be on your guys’ end. It seems to work every time if done from my local machine, but I need this done via github actions



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
Eliah
Eliah
October 18, 2025

This kind of flaky “unauthorized” to DigitalOcean’s registry is almost always an auth/config race in CI, not the image itself. Don’t mix ad-hoc docker login and doctl registry login in the same job; pick one and isolate credentials. The most reliable fix in GitHub Actions is to use docker/login-action twice (once for Docker Hub, once for DOCR) and then docker/build-push-action to push. For DOCR the login should be registry: registry.digitalocean.com, username: doctl, password: ${{ secrets.DO_ACCESS_TOKEN }}. Also make sure your target name is lowercase and uses the registry name, not your user, e.g. registry.digitalocean.com/<your-registry>/<repo>:${{ env.TAG }}. In practice that looks like: log in to Docker Hub, log in to DOCR as above, build with tags: registry.digitalocean.com/<registry>/<repo>:${{ env.TAG }}, push: true, and drop the retry loop. If it still intermittently fails, set DOCKER_CONFIG: ${{ runner.temp }}/.docker so Docker Hub and DOCR creds don’t stomp each other, and remove doctl registry login entirely; that combination usually makes the “sometimes unauthorized” go away.

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2025 DigitalOcean, LLC.Sitemap.