chore(release): add registry auth diagnostic to build-live-image
Echoes OWNER, token length, and whoami before the upload so a 401 disambiguates: missing/empty token, bad OWNER resolution, or token authenticating as a different user. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
@@ -110,6 +110,24 @@ jobs:
|
||||
- name: Build live image
|
||||
run: make live-image
|
||||
|
||||
- name: Debug registry auth context
|
||||
run: |
|
||||
set -euo pipefail
|
||||
echo "OWNER='${OWNER}'"
|
||||
echo "LI_VERSION='${LI_VERSION}'"
|
||||
echo "REGISTRY_URL='${REGISTRY_URL}'"
|
||||
echo "TOKEN_LEN=${#REGISTRY_TOKEN}"
|
||||
# Probe whoami via the token to confirm it authenticates and
|
||||
# resolves to the expected user. A 401 here narrows the
|
||||
# failure to token/secret injection; a 200 with a different
|
||||
# username narrows it to OWNER mismatch.
|
||||
curl -sS -o /tmp/whoami.json -w 'whoami_status=%{http_code}\n' \
|
||||
-H "Authorization: token ${REGISTRY_TOKEN}" \
|
||||
"${REGISTRY_URL}/api/v1/user"
|
||||
echo "whoami body:"
|
||||
cat /tmp/whoami.json
|
||||
echo
|
||||
|
||||
- name: Publish live-image/${{ env.LI_VERSION }}/
|
||||
run: |
|
||||
set -euo pipefail
|
||||
|
||||
Reference in New Issue
Block a user