docker-credential-gcr: gcloud docker cannot push to gcr.io anymore?

If the goal is to use gcloud docker, you should disassociate docker-credential-gcr as the credential helper for GCR’s repositories. This can be done by removing all credsStore and credHelpers entries from the docker config (~/.docker/config.json) which specify gcr.

seems this is a fairly recent change from gcloud side?

gcloud docker was a hack that was necessary to authenticate GCR’s users before the advent of Docker credential helpers. There is no one way to authenticate all versions of the Docker client in all OSs/environments that we wish to support, which has lead to an increasing number of hacks added on over the years. A few releases ago, we encountered an issue with some newer versions/environments which was fixed by eliminating the usability hack which made gcloud docker a no-op when it detected that docker-credential-gcr was configured.

We believe that an error is the correct decision in this case because it eliminates a major source of confusion and debugging headaches which arise when users are unable to determine how their requests to GCR are being authenticated, and where the access_token originates.

If you use gcloud in both your dev and build environments, one option would be to use the gcloud-specific credential helper, docker-credential-gcloud. docker can be configured to use it using the following command: gcloud beta auth configure-docker, which then allows you to use naked docker push gcr.io... which will automatically be authenticated by the currently active gcloud account’s credentials.

well, never mind, user error 😃 I was trying to push to the wrong project ID.

my bad.

@dekkagaijin , Thanks it works now after updating.

thanks for the explanation @dekkagaijin!