How to use a mixture of private and public blocks in local mode

I am working with a setup that uses multiple blocks in a single docker-compose.yml file. Some are public ones, and some are private ones.

If I balena push to a fleet there is no issue: the build succeeds and all blocks get deployed fine. However, if I try to push to a machine in local mode, I get one of two outcomes:

By default, the push fails with:

Some services failed to build:
        <service-name>: (HTTP code 404) unexpected - pull access denied for<myorg>/<private-block>, repository does not exist or may require 'docker login': denied: requested access to the resource is denied

which is not surprising because the block is private.

However, when I then set up a registry-secrets.yml following the documentation, and pass it along with the --registry-secrets argument, I now get:

Some services failed to build:
        foxglove-studio: (HTTP code 500) server error - Get "": unauthorized: authentication required 

where the error is about this public block. There is no issue with the private one any more in this case.

It seems that logging into with the provided secrets causes public blocks to become unavailable. Is there a way to get this working? Or if this is a bug, what would be the best place to file this issue?

Hello @sgvandijk first of all welcome to the balena community!

Some questions:

  • Could you please provide more details related to what openBalena and balena CLI versions are you using?
  • Did you use balena login ?

Let’s stay connected

Hello @mpous and thanks!

In the meantime I found my issue: I thought I had seen in the documentation that you can use your BalenaCloud session key as password in the registry secrets, but I guess that’s wrong, and I can’t find where that is mentioned any more now.

I now used a proper API key and all works fine. Sorry for the noise!

1 Like

Thanks for confirming that with your API key worked fine @sgvandijk

Let us know if we can help you more!