authenticationjenkinsjenkins-pipelinepipelinedocker-registry

Jenkins pipeline can't push the image


I faced an issue with my Jenkins pipeline. This pipeline have worked for a long time. After that it started to fail with the auth to docker registry error.

unauthorized: User is unauthorized to upload to docker-registry/kong/k/_uploads

There were no changes made in the pipeline. So maybe anyone has an idea what's wrong with the pipeline below?

// scripted pipeline
// script properties with input parameters.Version as string input parameter
properties([
  parameters([
    string(defaultValue: 'latest', description: '', name: 'tag', trim: false)
    ])
])

def registry = [
    url : 'docker-registry-url',
    credentials: "creds"
]

node('dockerhost'){
    stage('checkout'){
        cleanWs()
        checkout scm
    }
    stage('build'){
        // check if file kong_v.txt exists
        if(fileExists(file: 'kong_v.txt')){
            docker.image('python:3.9').withRun() { c ->
                sh "pip3 install jinja2 pyyaml schema"
                sh "python3 generate_dockerfile.py > Dockerfile"
            }
            // parse file, split by new line, filter out comments and empty strings.
            def kong_versions = readFile('kong_v.txt').split('\n').findAll{line -> 
                line.startsWith('#') == false && line.isEmpty() == false
            }
            // for each kong version build docker image
            kong_versions.each{kong_version -> 
                kong_version = kong_version.trim()
                withDockerRegistry(url:"https://$registry.url" ,credentialsId:"$registry.credentials"){
                    sh "docker build --build-arg=KONG_VERSION=$kong_version -t $registry.url/kong/kong-$k:$tag ."
                    sh "docker push $registry.url/kong/kong-$k:$tag"
                }
            }
        } else {
            throw new Exception("kong_v.txt file not found")
        }
    }
}

Solution

  • Thanks to all! It was an issue related to expired registry credentials stored in Jenkins secret. It was fixed after refreshing credentials.