Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to use google artifact registery for a pipeline service image

payamnj
payamnj April 22, 2024

Hi,

 

I am trying to use a docker image from a private google artifact registry as an image for a pipeline service as documented here.

Since Bitbucket doesn’t have support for OIDC for GCP, I created just a user account with required permission to read from the google artifact registry. Also tested the user by pulling an image locally and it worked, but when I am using the same user in the pipeline, I get the 401 unauthorised error with the message, failed to fetch oauth token. Is it a known problem or am I doing something wrong here?

 

I am sure that the username and password are defined correctly in secret variables since I have printed the MD5 of them in the pipeline and it was matched.

 

Answer
Watch
Like Be the first to like this
172 views

1 answer

1 accepted

2 votes
Answer accepted
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 24, 2024

Hi @payamnj and welcome to the community!

You can check the details on the following page regarding how to use an image from GCR:

Please feel free to let me know how it goes and if you have any questions.

Kind regards,
Theodora

View More Comments
Gisle Rognerud
Gisle Rognerud
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
April 25, 2024

But this applies for container registry, while in this case it is artifact registry.

I have the same issue, and have checked, checked and triple checked the configuration and it does not seem to work once you switch to artifact registry.

We have tested with a json credentials with ample permissions.

We have tried base64 encoding the json and just pasting it in as a variable

We get:
failed to authorize: failed to fetch anonymous token: unexpected status: 403 Forbidden

Like
payamnj
payamnj April 26, 2024

Using the service account json key as it was documented in the link that @Theodora Boudale sent, fixed the issue for me.🙏

@Gisle Rognerud since you are getting 403 may be the problem is that your service-account has permision to access the container registery but not the artifact registery! So I guess if you change the service account permissions it should work.

Like Theodora Boudale likes this
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events

    See all events