dotnet
`docker login` should not be required for custom public images
In my mind, docker login should not be required for custom public base images. (prepending registry-1. to the image path as per https://github.com/dotnet/sdk-container-builds/issues/293)
<ContainerBaseImage>registry-1.docker.io/appifysheets/appifysheets.containerbaseimage:latest</ContainerBaseImage>
If not logged-in, this exception is returned:
/config/.nuget/packages/microsoft.net.build.containers/0.4.0/build/Microsoft.NET.Build.Containers.targets(195,5): error MSB4018: The "CreateNewImage" task failed unexpectedly.
/config/.nuget/packages/microsoft.net.build.containers/0.4.0/build/Microsoft.NET.Build.Containers.targets(195,5): error MSB4018: Microsoft.NET.Build.Containers.Credentials.CredentialRetrievalException: CONTAINER1008: Failed retrieving credentials for "registry-1.docker.io": No matching auth specified for registry 'registry-1.docker.io' in Docker config '/config/.docker/config.json'.
It works if I do docker login ..
If I remove registry-1 from the image name
<ContainerBaseImage>docker.io/appifysheets/appifysheets.containerbaseimage:latest</ContainerBaseImage>
then I get:
error MSB4018: System.NotImplementedException: CONTAINER2003: The manifest for appifysheets/appifysheets.containerbaseimage:latest from registry https://docker.io/ was an unknown type: text/html.
docker pull works without login for both, docker.io/appifysheets/appifysheets.containerbaseimage:latest and registry-1.docker.io/appifysheets/appifysheets.containerbaseimage:latest
Similar behavior is observed with other container registries, like ghcr.io and baseimage ghcr.io/appifysheets/appifysheets.docker.base:latest
I agree - this is an experience gap between our tooling and the Docker CLI. We should try to detect the 'naieve' scenarios where docker hub isn't specified at all and infer the correct registry URI to use (which is the registry-1 subdomain of docker.io).
I agree - this is an experience gap between our tooling and the Docker CLI. We should try to detect the 'naieve' scenarios where docker hub isn't specified at all and infer the correct registry URI to use (which is the registry-1 subdomain of docker.io).
Main problem is having to authenticate against a public image registry, having to specify registry-1 is a secondary issue.
This is still a problem - our error message when there are no credentials saved for a registry is horrible, too:
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: The "CreateNewImage" task failed unexpectedly. [D:\code\Scratch\custombaseimage\customb
aseimage.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: Microsoft.NET.Build.Containers.Credentials.CredentialRetrievalException: CONTAINER1008:
Failed retrieving credentials for "docker.io": Failed to execute 'C:\Program Files\Docker\Docker\res
ources\bin\docker-credential-desktop.EXE get': [D:\code\Scratch\custombaseimage\custombaseimage.cspro
j]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: credentials not found in native keychain [D:\code\Scratch\custombaseimage\custombaseima
ge.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: [D:\code\Scratch\custombaseimage\custombaseimage.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: ---> Valleysoft.DockerCredsProvider.CredsNotFoundException: Failed to execute 'C:\Prog
ram Files\Docker\Docker\resources\bin\docker-credential-desktop.EXE get': [D:\code\Scratch\custombase
image\custombaseimage.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: credentials not found in native keychain [D:\code\Scratch\custombaseimage\custombaseima
ge.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: [D:\code\Scratch\custombaseimage\custombaseimage.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: at Valleysoft.DockerCredsProvider.NativeStore.ExecuteCredHelper(String command, Stri
ng input) [D:\code\Scratch\custombaseimage\custombaseimage.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: at Valleysoft.DockerCredsProvider.NativeStore.GetCredentialsAsync(String registry) [
D:\code\Scratch\custombaseimage\custombaseimage.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: at Valleysoft.DockerCredsProvider.CredsProvider.GetCredentialsAsync(String registry,
IFileSystem fileSystem, IProcessService processService, IEnvironment environment) [D:\code\Scratch\c
ustombaseimage\custombaseimage.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: at Microsoft.NET.Build.Containers.AuthHandshakeMessageHandler.GetLoginCredentials(St
ring registry) in /_/src/Containers/Microsoft.NET.Build.Containers/AuthHandshakeMessageHandler.cs:lin
e 294 [D:\code\Scratch\custombaseimage\custombaseimage.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: --- End of inner exception stack trace --- [D:\code\Scratch\custombaseimage\customba
seimage.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: at Microsoft.NET.Build.Containers.AuthHandshakeMessageHandler.GetLoginCredentials(St
ring registry) in /_/src/Containers/Microsoft.NET.Build.Containers/AuthHandshakeMessageHandler.cs:lin
e 298 [D:\code\Scratch\custombaseimage\custombaseimage.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: at Microsoft.NET.Build.Containers.AuthHandshakeMessageHandler.GetAuthenticationAsync
(String registry, String scheme, AuthInfo bearerAuthInfo, CancellationToken cancellationToken) in /_/
src/Containers/Microsoft.NET.Build.Containers/AuthHandshakeMessageHandler.cs:line 151 [D:\code\Scratc
h\custombaseimage\custombaseimage.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: at Microsoft.NET.Build.Containers.AuthHandshakeMessageHandler.SendAsync(HttpRequestM
essage request, CancellationToken cancellationToken) in /_/src/Containers/Microsoft.NET.Build.Contain
ers/AuthHandshakeMessageHandler.cs:line 331 [D:\code\Scratch\custombaseimage\custombaseimage.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: at System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, Ht
tpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTok
enSource pendingRequestsCts, CancellationToken originalCancellationToken) [D:\code\Scratch\custombase
image\custombaseimage.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: at Microsoft.NET.Build.Containers.DefaultManifestOperations.GetAsync(String reposito
ryName, String reference, CancellationToken cancellationToken) in /_/src/Containers/Microsoft.NET.Bui
ld.Containers/Registry/DefaultManifestOperations.cs:line 31 [D:\code\Scratch\custombaseimage\customba
seimage.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: at Microsoft.NET.Build.Containers.Registry.GetImageManifestAsync(String repositoryNa
me, String reference, String runtimeIdentifier, String runtimeIdentifierGraphPath, CancellationToken
cancellationToken) in /_/src/Containers/Microsoft.NET.Build.Containers/Registry/Registry.cs:line 108
[D:\code\Scratch\custombaseimage\custombaseimage.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: at Microsoft.NET.Build.Containers.Tasks.CreateNewImage.ExecuteAsync(CancellationToke
n cancellationToken) in /_/src/Containers/Microsoft.NET.Build.Containers/Tasks/CreateNewImage.cs:line
67 [D:\code\Scratch\custombaseimage\custombaseimage.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: at Microsoft.NET.Build.Containers.Tasks.CreateNewImage.Execute() in /_/src/Container
s/Microsoft.NET.Build.Containers/Tasks/CreateNewImage.cs:line 34 [D:\code\Scratch\custombaseimage\cus
tombaseimage.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: at Microsoft.Build.BackEnd.TaskExecutionHost.Microsoft.Build.BackEnd.ITaskExecutionH
ost.Execute() [D:\code\Scratch\custombaseimage\custombaseimage.csproj]
C:\Program Files\dotnet\sdk\8.0.100\Containers\build\Microsoft.NET.Build.Containers.targets(202,5): e
rror MSB4018: at Microsoft.Build.BackEnd.TaskBuilder.ExecuteInstantiatedTask(ITaskExecutionHost ta
skExecutionHost, TaskLoggingContext taskLoggingContext, TaskHost taskHost, ItemBucket bucket, TaskExe
cutionMode howToExecuteTask) [D:\code\Scratch\custombaseimage\custombaseimage.csproj]
we need to clean this up - we should not blow up if no credentials can be found ofr a registry.
Note - because of the need for issuing docker login, docker-cli is required to be installed on the box executing dotnet publish
That's not strictly true - the Docker config json can be sorted without using the docker CLI and we'll use it on the SDK. This is how many CI/CD pipelines configure docker auth, for example.
