Can't push image to Docker Hub via GitHub Actions using token

Question

I am trying to build a CI pipeline that will build the image and push it to the repository. This is how the pipeline currently looks:

jobs:

  build:

    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v3
    - name: check ENV
      run: env
    - name: Build the Docker image
      run: docker build . --file Dockerfile --tag ${{  github.reponame }}:${{ github.run_number }} --build-arg DB_PASSWORD="${{ secrets.DB_PASSWORD }}"
  
    - name: Build and push
      uses: docker/build-push-action@v5
      with:
        context: .
        push: true
        tags: ${{  github.reponame }}:${{ github.run_number }}

When I'm running the job it fails on the "Build and push" job, this is the error message:

Error: buildx failed with: ERROR: unauthorized: access token has insufficient scopes 

I tried to re-create the token and make sure that it has privileges (currently allowed r/w/d) and all of the other environment variables as well.

Answer 1

Try something like this:

name: Build & Push Docker Image
on:
  push:
    branches:
      - "master"

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4
    - uses: docker/setup-buildx-action@v3
    - uses: docker/login-action@v3
      with:
        username: ${{ secrets.DOCKERHUB_USERNAME }}
        password: ${{ secrets.DOCKERHUB_PASSWORD }}
    - uses: docker/build-push-action@v5
      with:
        context: .
        push: true
        tags: >
          ${{ secrets.DOCKERHUB_USERNAME }}/${{ github.event.repository.name }}:${{ github.sha }},
          ${{ secrets.DOCKERHUB_USERNAME }}/${{ github.event.repository.name }}:latest

Use repository secrets, DOCKERHUB_USERNAME and DOCKERHUB_PASSWORD, to store your Docker Hub credentials.

The docker/build-push-action action will build your image too, so there is no need to have a separate build step.

You can find more information on this here.