Closed nirbenator closed 10 months ago
Also repro and discussed about it internally with @vvoland.
This is related to https://github.com/moby/buildkit/pull/4299 when pushing to an insecure registry: https://github.com/crazy-max/docker-build-push-action/actions/runs/6623261080/job/17990016733#step:11:377
ERROR: failed to solve: failed to push localhost:8081/test-docker-action/test-docker-action:test-e2e-harbor: failed commit on ref "layer-sha256:46fb11a1eeb257c79f02188ebaefafd1033faa92c06cc5dc46fd8e7973ce26d3": unexpected status from PUT request to http://localhost:8081/v2/test-docker-action/test-docker-action/blobs/uploads/aaef06c7-30d5-4494-8870-149ca532a248?_state=flumGm84a-y-BY9HQc4kW7X66UHHgAMoAEJXL2DklW97Ik5hbWUiOiJ0ZXN0LWRvY2tlci1hY3Rpb24vdGVzdC1kb2NrZXItYWN0aW9uIiwiVVVJRCI6ImFhZWYwNmM3LTMwZDUtNDQ5NC04ODcwLTE0OWNhNTMyYTI0OCIsIk9mZnNldCI6MCwiU3RhcnRlZEF0IjoiMjAyMy0xMC0yNFQwNjo0MDowMC45MjE2NDg2OFoifQ%3D%3D&digest=sha256%3A46fb11a1eeb257c79f02188ebaefafd1033faa92c06cc5dc46fd8e7973ce26d3: 401 Unauthorized
In BuildKit logs: https://github.com/docker/build-push-action/actions/runs/6545574556/job/17774356381#step:25:285
time="2023-10-17T10:03:52Z" level=debug msg="upload changed destination" digest="sha256:c7ce92c2dd2abe5f765108e6155701e9bb84322c4131a8fb40ab603d35ec8296" host="localhost:8081" mediatype=application/vnd.oci.image.layer.v1.tar+gzip scheme=http size=144
...we have this new line in the logs and seems related to the pusher logic in containerd where it strips Authorizer
when scheme/host has changed: https://github.com/containerd/containerd/blob/18c9e7ec4c692cc00b7ac75d86d60685c270d48a/remotes/docker/pusher.go#L247-L255
https://github.com/containerd/containerd/pull/9294 should fix this issue.
@nirbenator Thank you SO much for your workaround!!.
I'm assuming this fix happen by upgrading containerd to version 1.7.8? Yet Jammy repo follow 1.6 lineup https://download.docker.com/linux/ubuntu/dists/jammy/pool/stable/amd64/ is there easy way to upgrade? Dunno, if the this intended or not.
containerd/jammy-updates 1.7.2-0ubuntu1~22.04.1 amd64
daemon to control runC
containerd.io/jammy,now 1.6.24-1 amd64 [installed]
An open and reliable container runtime
still error on 0.12.4 i was losing my mind i didn't know image tag can be specify to 0.12.2
The fix has not been backported to 0.12. Keep you posted.
@klit79 is it solved for you?
we've been getting 401 errors since the release of 0.12.3 and its promotion to stable using an insecure HTTP registry
we've bypassed it by pinning the old 0.12.2 version when creating buildx builders/.
way to reproduce
toml config:
way to work around: