Is there a way to share an OCI image between jobs?

docker / build-push-action

GitHub Action to build and push Docker images with Buildx

https://github.com/marketplace/actions/build-and-push-docker-images

Apache License 2.0

4.24k stars 541 forks source link

Is there a way to share an OCI image between jobs? #897

Closed LeviPesin closed 1 year ago

LeviPesin commented 1 year ago

Is there any way to share an image built with type=oci (so that it can contain provenance, for example) between jobs? Using docker load results in an error like open /var/lib/docker/tmp/docker-import-2995601243/blobs/json: no such file or directory -- it seems it works only with type=docker?

crazy-max commented 1 year ago

It works fine on my side:

name: oci

on:
  workflow_dispatch:

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v3
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
      -
        name: Build
        uses: docker/build-push-action@v4
        with:
          context: .
          file: ./Dockerfile
          outputs: type=oci,dest=/tmp/build.tar
          tags: |
            name/app:latest
            name/app:1.0.0
      -
        name: Load
        run: docker load -i /tmp/build.tar

Can you share a full repro please?

LeviPesin commented 1 year ago

It doesn't work in different jobs -- i.e. when using upload-artifact and download-artifact to share the tarball with image.

christianbundy commented 1 year ago

Yep, the three main options:

Artifacts
Cache
Registry (e.g. GHCR)

IIRC this actions supports cache and registry, which I like more than artifacts either way. Cache and registry are basically equivalent, though I've noticed more GHCR errors using GitHub Actions and I've been on the fence about switching to the cache to avoid flakiness.

LeviPesin commented 1 year ago

I think I will use cache instead of the artifacts then, thank you!