I am trying to host a node application using aws ec2 instance. and I am using Docker hub so that i can use GitHub to push the changes. I have created a free tier account in Docker hub and created a repository. and created a cicd.yml file inside .github/workflows. the yml file looks like this
name: Deploy Node Application
on:
push:
branches:
- mern-ec2-docker
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout Source
uses: actions/checkout@v4
- name: Login to docker hub
run: docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build Docker Image
run: docker build -t ziendocker/zien-backend .
- name: Publish Image to docker hub
run: docker push ziendocker/zien-backend:latest
deploy:
needs: build
runs-on: self-hosted
steps:
- name: Pull image from docker hub
run: docker pull ziendocker/zien-backend
- name: Delete old container
run: docker rm -f nodejs-app-container
- name: Run Docker Container
run: docker run -d -p 4000:4000 --name nodejs-app-container -e MONGO_PASSWORD='${{ secrets.MONGO_PASSWORD }}' ziendocker/zien-backend
The Dockerfile created along looks like this
FROM node:alpine3.18
WORKDIR /app
COPY package.json ./
RUN npm install
COPY . .
EXPOSE 5000
CMD [ "npm","run","start"]
the build job runs successfully, login successfully and the image has been pushed to the Docker hub. But when running the job deploy in Pull image from docker hub results an in an error
Run docker pull ziendocker/zien-backend
docker pull ziendocker/zien-backend shell: /usr/bin/bash -e {0} Using default tag: latest Error response from daemon: pull access denied for ziendocker/zien-backend, repository does not exist or may require 'docker login': denied: requested access to the resource is denied Error: Process completed with exit code 1.
since the image is already published to the docker hub the access credentials are correct.where did i go wrong?
i tried docker pull ziendocker/zien-backend:latest resulted in same error .changed the initial login to
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
it resulted in
Run docker/login-action@v3
with:
password: ***
ecr: auto
logout: true
Error: Username and password required
tried a new access token from docker. same error on deploy
Explanation
Both approaches should work, but you are using two different secret variable names (
DOCKER_USERNAMEvsDOCKERHUB_USERNAME). Which one is correct, and are you sure they are configured tosecretsand notvariables?Anyway, the real problem is here:
You have two different jobs, the first one does the pushing and the other one the pulling. First of all, the login does not persist between jobs. Neither does the runner, each job spins up a fresh one. And that does not apply here anyway since your runners are anyway configured as different.
It's the same if you logged in on your desktop first and expected the pull to work on your brand new laptop next.
Solution
So, what you need to do is to just add the login also to the second job:
and it should work just by doing that.