search

docker / build-push-action

GitHub Action to build and push Docker images with Buildx
https://github.com/marketplace/actions/build-and-push-docker-images
Apache License 2.0
4.11k stars 527 forks source link

Local Image Not Being Recognized in GitHub Actions Workflow #1015

Closed ghost closed 7 months ago

ghost commented 7 months ago

Contributing guidelines

I've found a bug, and:

Description

I am experiencing an issue where a Docker image, built and available locally within a GitHub Actions workflow, is not being recognized in subsequent steps. The workflow attempts to pull the image from an external registry instead of using the local version.

Expected behaviour

The expected behavior is for docker/build-push-action to utilize the locally built Docker image test/base in the GitHub Actions workflow, rather than attempting to pull it from an external registry. This should allow subsequent steps that depend on this image to execute smoothly within the same job.

Actual behaviour

Currently, despite test/base being successfully built and available locally within the GitHub Actions workflow, the docker/build-push-action is attempting to pull this image from an external registry during the build of Dockerfile.ecr. This results in a failure because the image is not found in the external registry, disrupting the continuity of the CI pipeline.

Repository URL

No response

Workflow run URL

No response

YAML workflow

name: CI

on:
  pull_request:

jobs:
  ci_docker:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Build Dockerfile.base
        uses: docker/build-push-action@v5
        with:
          file: .github/docker/Dockerfile.base
          push: false
          load: true
          tags: test/base

      - name: List images
        run: docker images

      - name: Build Dockerfile.ecr
        uses: docker/build-push-action@v5
        with:
          file: .github/docker/Dockerfile.ecr
          push: false
          tags: test/ecr:latest

      - name: Build Dockerfile.venv
        uses: docker/build-push-action@v5
        with:
          file: .github/docker/Dockerfile.venv
          push: false
          tags: test/venv:latest

Workflow logs

#0 building with "builder-e71906d5-1461-4cfd-9527-aa15f9ac1cb5" instance using docker-container driver

#1 [internal] load git source https://github.com/test#refs/pull/44/merge
#1 0.307 67b1bcebd5709e106844c481e7f87902800a3f52   refs/pull/44/merge
#1 CACHED

#2 [auth] test/base:pull token for registry-1.docker.io
#2 DONE 0.0s

#3 [internal] load metadata for docker.io/test/base:latest
#3 ERROR: pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed
------
 > [internal] load metadata for docker.io/test/base:latest:
------
WARNING: No output specified with docker-container driver. Build result will only remain in the build cache. To push result image into registry use --push or to load image into docker use --load
.github/docker/Dockerfile.ecr:3
--------------------
   1 |     # -*- mode: shell-script -*-
   2 |     
   3 | >>> FROM test/base
   4 |     
   5 |     # Copy the scripts needed for setting up the environment
--------------------
ERROR: failed to solve: test/base: pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed
Error: buildx failed with: ERROR: failed to solve: test/base: pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed

BuildKit logs

No response

Additional info

No response

crazy-max commented 7 months ago

This is similar to https://github.com/docker/build-push-action/issues/807

When using the setup-buildx-action, it will create a docker-container builder as explained in the README: https://github.com/docker/setup-buildx-action#about

Build Dockerfile.base step will build and load the image to the store but as you're using a container builder, Build Dockerfile.venv will not have access to the store.

Best is to use a named context so you can use an image in subsequent steps but looking at your workflow I don't think you need a docker-container builder so you can just remove the Set up Docker Buildx step and it will use the docker builder by default which has access to the docker store.

ghost commented 7 months ago

This is similar to #807

When using the setup-buildx-action, it will create a docker-container builder as explained in the README: https://github.com/docker/setup-buildx-action#about

Build Dockerfile.base step will build and load the image to the store but as you're using a container builder, Build Dockerfile.venv will not have access to the store.

Best is to use a named context so you can use an image in subsequent steps but looking at your workflow I don't think you need a docker-container builder so you can just remove the Set up Docker Buildx step and it will use the docker builder by default which has access to the docker store.

Thanks! But if I don't use docker-container, can I use the cache options? It's something I'm going to implement later.

crazy-max commented 7 months ago

if I don't use docker-container, can I use the cache options? It's something I'm going to implement later.

Cache providers like gha are not available with the docker driver atm so yeah you need to use the docker-container builder in that case.