httpbin icon indicating copy to clipboard operation
httpbin copied to clipboard

Published 20 hours ago verified publisher icon psf

Unable to pull or run docker image

Open Guts opened this issue 2 years ago • 16 comments

Running docker commands as copied from readme:

> docker run -p 80:8080 ghcr.io/psf/httpbin
Unable to find image 'ghcr.io/psf/httpbin:latest' locally
docker: Error response from daemon: Head "https://ghcr.io/v2/psf/httpbin/manifests/latest": unauthorized.
See 'docker run --help'.
> docker pull ghcr.io/psf/httpbin
Using default tag: latest
Error response from daemon: Head "https://ghcr.io/v2/psf/httpbin/manifests/latest": unauthorized

Environment:

Ubuntu 22.04.x up to date

> docker --version
Docker version 24.0.5, build ced0996

Guts avatar Aug 31 '23 10:08 Guts

You need to do a docker login first using a Personal Access Token. See this page on Github.

But even so, the pull itself will give a denied so I think there's something on the permissions with this particular image which the author needs to fix since I am able to pull other public images from ghcr.io.

$ echo $CR_PAT | docker login ghcr.io -u smeedy --password-stdin
Login Succeeded
$ docker pull ghcr.io/psf/httpbin

Using default tag: latest
Error response from daemon: denied

Smeedy avatar Sep 18 '23 16:09 Smeedy

Thanks @Smeedy.

So the image is not meant to be publicly used without authentication (quota)?

Guts avatar Sep 21 '23 06:09 Guts

I'm seeing Error response from daemon: denied after having logged in with a token:

$ docker login ghcr.io -u edsu
$ docker pull ghcr.io/psf/httpbin
Using default tag: latest
Error response from daemon: denied

edsu avatar Sep 22 '23 09:09 edsu

@kevin1024 The image is currently not available publicly on ghcr.io. Can something be done with the permissions of the registry? If not, we may need to shift back to docker-hub.

exhuma avatar Sep 28 '23 08:09 exhuma

Thanks @Smeedy.

So the image is not meant to be publicly used without authentication (quota)?

I don't think it's intentional. The deployment/publishing procedure was recently updated with increased automation. As we currently can't push to the original "Kenneth Reitz" namespace we shifted over to ghcr.io. We may need to revise that decision if ghcr.io turns out to be problematic for public hosting.

Note: I am not a maintainer of the project but I am the author of the PR which is responsible for this change.

exhuma avatar Sep 28 '23 08:09 exhuma

Thanks you for your inputs, that helps to wait 😉.

Guts avatar Sep 28 '23 17:09 Guts

Can ghcr support accessing images without authenticating?

sambercovici avatar Oct 18 '23 09:10 sambercovici

Can ghcr support accessing images without authenticating?

I'm pretty sure it does. For example, I'm intensively using GDAL images which have been moved from dockerhub to GHCR: https://github.com/OSGeo/gdal/tree/master/docker

Guts avatar Oct 18 '23 10:10 Guts

Can ghcr support accessing images without authenticating?

I'm pretty sure it does. For example, I'm intensively using GDAL images which have been moved from dockerhub to GHCR: https://github.com/OSGeo/gdal/tree/master/docker Great!

What is different here?

sambercovici avatar Oct 18 '23 10:10 sambercovici

What is different here?

Not sure to get your point.
The difference is the issue's topic: it's not possible to pull (authenticated or not) this repo container package from GHCR.

Guts avatar Oct 18 '23 11:10 Guts

I apologize for the briefness. What I mean is, is it clear why this specific repo is not allowing public access and/or what needs to be changed?

sambercovici avatar Oct 18 '23 11:10 sambercovici

I'm pretty sure it's just an oversight from the migration. I assume that it's only a permission setting for the GitHub project. This needs to be done by one of the project owners/admins. Pinging @kevin1024 again ;)

exhuma avatar Oct 21 '23 14:10 exhuma

Any updates on this? Looks like it's still an issue.

simon-weber avatar Apr 19 '24 13:04 simon-weber

What is different here?

To point out the documentation here, the package needs to be made public. From GitHub docs:

However, in the Container registry, public packages allow anonymous access and can be pulled without authentication or signing in via the CLI.

And these are the instructions about how to make it public to anyone: Configuring visibility of packages for an organization.

There is a publish workflow that publishes the docker image already. So, it is only a matter of the package's visibility configuration.

Maybe @sigmavirus24 @nateprewitt have access to do it?

marcospereira avatar May 17 '24 15:05 marcospereira

@marcospereira please don't mention people. As a general rule, if I could have fixed this already, I would have. I don't have the ability to configure anything about this repository beyond some very basic features around pull requests.

sigmavirus24 avatar May 18 '24 11:05 sigmavirus24

Okay, apologize about that. Where would be the appropriate place to discuss it?

Again, sorry about the noise.

marcospereira avatar May 18 '24 14:05 marcospereira

If the maintainers of this repo are 👍🏼, I'm happy to flip the bit to make the published image public. cc @psf/httpbin

ewdurbin avatar Jun 17 '24 19:06 ewdurbin

I think Kevin was the only one involved with the image, neither Ian or I were involved with the setup for docker. I don't have an issue with making it public, but we may want comment from Kevin first.

nateprewitt avatar Jun 17 '24 19:06 nateprewitt

I think we should make it public!

kevin1024 avatar Jun 18 '24 08:06 kevin1024

It's done!

Screenshot 2024-06-18 at 7 39 01 AM

ewdurbin avatar Jun 18 '24 11:06 ewdurbin

Nice! Thank you.

kevin1024 avatar Jun 18 '24 12:06 kevin1024

Thanks you!

Guts avatar Jun 18 '24 12:06 Guts

@kevin1024 I opened a PR to address the lack of ARM64 images as well: https://github.com/psf/httpbin/pull/46

ewdurbin avatar Jun 18 '24 12:06 ewdurbin