Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

How to use google artifact registery for a pipeline service image

payamnj
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
April 22, 2024

Hi,

 

I am trying to use a docker image from a private google artifact registry as an image for a pipeline service as documented here.

Since Bitbucket doesn’t have support for OIDC for GCP, I created just a user account with required permission to read from the google artifact registry. Also tested the user by pulling an image locally and it worked, but when I am using the same user in the pipeline, I get the 401 unauthorised error with the message, failed to fetch oauth token. Is it a known problem or am I doing something wrong here?

 

I am sure that the username and password are defined correctly in secret variables since I have printed the MD5 of them in the pipeline and it was matched.

 

1 answer

1 accepted

2 votes
Answer accepted
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 24, 2024

Hi @payamnj and welcome to the community!

You can check the details on the following page regarding how to use an image from GCR:

Please feel free to let me know how it goes and if you have any questions.

Kind regards,
Theodora

Gisle Rognerud
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
April 25, 2024

But this applies for container registry, while in this case it is artifact registry.

I have the same issue, and have checked, checked and triple checked the configuration and it does not seem to work once you switch to artifact registry.

We have tested with a json credentials with ample permissions.

We have tried base64 encoding the json and just pasting it in as a variable

We get:
failed to authorize: failed to fetch anonymous token: unexpected status: 403 Forbidden

payamnj
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
April 26, 2024

Using the service account json key as it was documented in the link that @Theodora Boudale sent, fixed the issue for me.🙏

@Gisle Rognerud since you are getting 403 may be the problem is that your service-account has permision to access the container registery but not the artifact registery! So I guess if you change the service account permissions it should work.

Like Theodora Boudale likes this

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events