I'm on Linux (RHEL8) trying to use podman to push to an internal quay registry, but I get an error about the "bearer token" when I execute the podman push, as shown below:
podman login -u="quay_robot_username" -p="quay_robot_password" quay.companydomain.com
Login Succeeded!
podman push f8f914cef1ce0cc6314355ae5d16c6d5faf96e595fa1332cf40d26f9c53b9c07 quay.companydomain.com/organization/repository/a890f2e
Getting image source signatures
Error: trying to reuse blob sha256:0c23ed2428e1ef41fdb571789f6968dd47c95135311b1c8bf56462c98581694b at destination: Requesting bearer token: invalid status code from registry 400 (Bad Request)
For username and password, I'm using a quay robot that has write permission for the quay repository.
I understand that quay is looking for Authorization: Bearer <mytoken> in the http request headers.
It would be nice to see the headers of the http requests generated by podman push to verify the presence or absence of the bearer token in the headers. But, given the error, I'm assuming it's not present.
Two questions:
- How do I get the bearer token - if I don't already have it?
I did create an Oauth application in my quay organization and generated an access token there - which I was able to use successfully in a curl request:
curl -X GET -H "Authorization: Bearer <mytoken>" https://quay.companydomain.com/api/v1/repository/organization/myrepository/tag/ | jq
Will that token work for the podman push?
- Once I have the token, how do I include it in the
podman pushcommand's http request?
Note: I was initiating it from a github action, but to simplify things, I'm just trying to get it working on the command line (I get the same error either way).