chore(release): add registry auth diagnostic to build-live-image
Echoes OWNER, token length, and whoami before the upload so a 401 disambiguates: missing/empty token, bad OWNER resolution, or token authenticating as a different user. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
@@ -110,6 +110,24 @@ jobs:
|
|||||||
- name: Build live image
|
- name: Build live image
|
||||||
run: make live-image
|
run: make live-image
|
||||||
|
|
||||||
|
- name: Debug registry auth context
|
||||||
|
run: |
|
||||||
|
set -euo pipefail
|
||||||
|
echo "OWNER='${OWNER}'"
|
||||||
|
echo "LI_VERSION='${LI_VERSION}'"
|
||||||
|
echo "REGISTRY_URL='${REGISTRY_URL}'"
|
||||||
|
echo "TOKEN_LEN=${#REGISTRY_TOKEN}"
|
||||||
|
# Probe whoami via the token to confirm it authenticates and
|
||||||
|
# resolves to the expected user. A 401 here narrows the
|
||||||
|
# failure to token/secret injection; a 200 with a different
|
||||||
|
# username narrows it to OWNER mismatch.
|
||||||
|
curl -sS -o /tmp/whoami.json -w 'whoami_status=%{http_code}\n' \
|
||||||
|
-H "Authorization: token ${REGISTRY_TOKEN}" \
|
||||||
|
"${REGISTRY_URL}/api/v1/user"
|
||||||
|
echo "whoami body:"
|
||||||
|
cat /tmp/whoami.json
|
||||||
|
echo
|
||||||
|
|
||||||
- name: Publish live-image/${{ env.LI_VERSION }}/
|
- name: Publish live-image/${{ env.LI_VERSION }}/
|
||||||
run: |
|
run: |
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
|
|||||||
Reference in New Issue
Block a user