I am trying to host a node application using aws ec2 instance. and I am using Docker hub so that i can use GitHub to push the changes. I have created a free tier account in Docker hub and created a repository. and created a cicd.yml file inside .github/workflows. the yml file looks like this
name: Deploy Node Application
on:
push:
branches:
- mern-ec2-docker
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout Source
uses: actions/checkout@v4
- name: Login to docker hub
run: docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build Docker Image
run: docker build -t ziendocker/zien-backend .
- name: Publish Image to docker hub
run: docker push ziendocker/zien-backend:latest
deploy:
needs: build
runs-on: self-hosted
steps:
- name: Pull image from docker hub
run: docker pull ziendocker/zien-backend
- name: Delete old container
run: docker rm -f nodejs-app-container
- name: Run Docker Container
run: docker run -d -p 4000:4000 --name nodejs-app-container -e MONGO_PASSWORD='${{ secrets.MONGO_PASSWORD }}' ziendocker/zien-backend
The Dockerfile created along looks like this
FROM node:alpine3.18
WORKDIR /app
COPY package.json ./
RUN npm install
COPY . .
EXPOSE 5000
CMD [ "npm","run","start"]
the build job runs successfully, login successfully and the image has been pushed to the Docker hub. But when running the job deploy in Pull image from docker hub results an in an error
Run docker pull ziendocker/zien-backend
docker pull ziendocker/zien-backend shell: /usr/bin/bash -e {0} Using default tag: latest Error response from daemon: pull access denied for ziendocker/zien-backend, repository does not exist or may require 'docker login': denied: requested access to the resource is denied Error: Process completed with exit code 1.
since the image is already published to the docker hub the access credentials are correct.where did i go wrong?
i tried docker pull ziendocker/zien-backend:latest
resulted in same error .changed the initial login to
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
it resulted in
Run docker/login-action@v3
with:
password: ***
ecr: auto
logout: true
Error: Username and password required
tried a new access token from docker. same error on deploy
Both approaches should work, but you are using two different secret variable names (DOCKER_USERNAME
vs DOCKERHUB_USERNAME
). Which one is correct, and are you sure they are configured to secrets
and not variables
?
run: docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKERHUB_TOKEN }}
username: ${{ secrets.DOCKERHUB_USERNAME }}
Anyway, the real problem is here:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout Source
uses: actions/checkout@v4
- name: Login to docker hub
run: docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKERHUB_TOKEN }}
...
deploy:
needs: build
runs-on: self-hosted
steps:
- name: Pull image from docker hub
run: docker pull ziendocker/zien-backend
...
You have two different jobs, the first one does the pushing and the other one the pulling. First of all, the login does not persist between jobs. Neither does the runner, each job spins up a fresh one. And that does not apply here anyway since your runners are anyway configured as different.
It's the same if you logged in on your desktop first and expected the pull to work on your brand new laptop next.
So, what you need to do is to just add the login also to the second job:
steps:
- name: Login to docker hub
run: docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKERHUB_TOKEN }}
- name: Pull image from docker hub
run: docker pull ziendocker/zien-backend
...
and it should work just by doing that.