kompose: Unable to push Docker image for service web: Unable to retrieve .docker/config.json authentication details.

I got this error while running: kompose up I have been using the following docker-compose.yml:

version: ‘3’

services: db: image: mysql:5.5 container_name: db-container ports: - “3406:3306” environment: MYSQL_ROOT_PASSWORD: mypassword MYSQL_USER: root MYSQL_DATABASE: mydb web: build: . container_name: web-container command: python3 manage.py runserver 0.0.0.0:8000 volumes: - .:/code image: “ruddra/web-image” ports: - “8000:8000” depends_on: - db

I ran the following commands:

kompose convert --provider=openshift kompose up --provider=openshift

I was able to push to my dockerhub repository using: docker-compose push

About this issue

  • Original URL
  • State: closed
  • Created 6 years ago
  • Reactions: 6
  • Comments: 30 (10 by maintainers)

Most upvoted comments

I pushed it manually and removed build from compose file. It worked!

It feels like kompose is having issues accessing the credentials to push the images.

+11
nullifiedaccount on May 21, 2018

@cdrage , I’ve found out what’s the problem. It’s because dockerclient isn’t integrated with osxkeychain. See fsouza/go-dockerclient#677

Also it relates to docker/for-mac#1584 Docker for Mac by default uses osxkeychain for storing credentials.

So the current solution is to edit config.json: { "auths": { "localhost:5000": { "auth": "...base64encoded credentials..." } }, "credsStore": "osxkeychain" } And need to ensure that there are no auths without auth string (fsouza/go-dockerclient#677 (comment) ).

First thank you very much, solve my problems, here I have some supplements. “base64encoded credentials” can be generated by
echo -n “username:password” | base64 -n used to omit ‘\n’ which added by echo

+7
eic-aibee on Dec 3, 2018

@cdrage , I’ve found out what’s the problem. It’s because dockerclient isn’t integrated with osxkeychain. See https://github.com/fsouza/go-dockerclient/issues/677

Also it relates to https://github.com/docker/for-mac/issues/1584 Docker for Mac by default uses osxkeychain for storing credentials.

So the current solution is to edit config.json: { "auths": { "localhost:5000": { "auth": "...base64encoded credentials..." } }, "credsStore": "osxkeychain" } And need to ensure that there are no auths without auth string (https://github.com/fsouza/go-dockerclient/issues/677#issuecomment-360269441 ).

+5
coodix on Jan 24, 2018

So I solved this on OSX by disabling the keychain password storage:

  1. rm ~/.docker/config.json (maybe skip this part actually)
  2. in Docker for Mac preferences, untick “Securely store Docker logins in macOS keychain”
  3. restart Docker for Mac
  4. docker login

Or for glcoud and pushing to gcr: gcloud auth print-access-token | docker login -u oauth2accesstoken --password-stdin https://eu.gcr.io

now your ~/.docker/config.json should contain base64 encoded passwords. Working, not safe though!

If someone gets the keychain storage to work that would be nice…

+3
wuestkamp on Jan 11, 2019

This is still not working properly. I have no idea what’s the problem (permissions? corrupted cache?)

INFO Build key detected. Attempting to build and push image 'x/fetcher'
INFO Building image 'x/fetcher' from directory 'x-fetcher'
INFO Image 'x/fetcher' from directory 'x-fetcher' built successfully
INFO Pushing image 'x/fetcher:latest' to registry 'docker.io'
WARN Unable to retrieve .docker/config.json authentication details. Check that 'docker login' works successfully on the command line.: Failed to read authentication from dockercfg
INFO Authentication credentials are not detected. Will try push without authentication.
INFO Attempting authentication credentials 'docker.io
ERRO Unable to push image 'x/fetcher:latest' to registry 'docker.io'. Error: denied: requested access to the resource is denied
FATA Error while deploying application: k.Transform failed: Unable to push Docker image for service fetcher: unable to push docker image(s). Check that `docker login` works successfully on the command line

note that both docker and docker-compose are pushing properly and I am running macOS 10.14 Mojave.

It seems like a file permission issue with kubernetes, which I’ve installed via homebrew. Also my kubectl is not reading anything from my desktop folder.

+2
PeterBocan on Nov 12, 2018

So I’d like to add a bit to what everyone else has said. The message WARN Unable to retrieve .docker/config.json authentication details seems to be caused by there being ANY empty auth objects in the ~/.docker/config.json file. docker login in many cases seems to create empty auth blocks so doing as the warning tells you can actually make this problem happen. Now if you, like me, do not want to put your personal google credentials into a text file, there is a way to make this work for a JSON key file (as described here https://cloud.google.com/container-registry/docs/advanced-authentication#json_key_file).

Once you have the key file, you can generate a base-64-encoded auth block using the same method they use for the docker login command. Combining that with the answer above from @eic-aibee , what you want to do is run this command: echo -n "_json_key:$(cat key.json)" | base64 which will spit out the auth block to the console.

+1
alanbly on Jan 10, 2019

@huntal seems like not a kompose issue, because docker-compose push is not working too. Maybe wrong dockerhub user namespace. The output shows that you are trying to push to library, this is the official image account… The image format is <you-user-name>/<image-name>:<tag> I think.

+1
hangyan on Mar 28, 2018
Read more comments on GitHub
← kompose: Unable to kompose up my django container from windows or azure cloudshell.
kompose: Unable to push to Google Cloud →