One of the differences between AKS and OpenShift, it's that on OpenShift, the internal registry is built-in, so pulls and pushes are mostly automatic for workflows because the operator can access the internal registry via the service account.

However, on AKS (upstream Kubernetes), pushing images built by workflows with Kaniko is not straight-forward. On AKS, there is no internal registry, so you must define a destination registry (like Azure Container Registry, Quay or Dockerhub).

When pushing to dockerhub, this error is thrown:

checking push permission for "docker.io/user/test-osl/greeting:latest": POST https://index.docker.io/v2/user/test-osl/greeting/blobs/uploads/: UNAUTHORIZED: authentication required; [map[Action:pull Class: Name:user/test-osl/greeting Type:repository] map[Action:push Class: Name:user/test-osl/greeting Type:repository]

 
The operator is trying to push into a sub-repository under your DockerHub account user → ns/project:  eg: test-osl/greeting.

On DockerHub, repos are flat. So it's not possible to have a nested repo like test-osl/greeting inside user (It doesn't seem feasible to create it, at least from the web interface).

apiVersion: sonataflow.org/v1alpha08
kind: SonataFlowPlatform
metadata:
  name: sonataflow-platform
spec:
  build:
    config:
      registry:
        address: docker.io/user    # Example: docker.io/mydockerhubuser
        secret: dockerhub-push-secret   # The secret you created
      strategy: operator
      timeout: 5m
  services:
    dataIndex:
      enabled: true
    jobService:
      enabled: true