Docker Build Action can't push to Tailscale-based registry

[jamie-at-arkifi]

I strung together a github actions job with the steps:

1. tailscale/github-action
2. docker/setup-qemu-action
3. sigstore/cosign-install
4. docker/setup-buildx-action
5. actions/checkout
6. docker/metadata-action
7. docker/build-push-action

(2-7 are pretty much default multi-platform image build pipeline github gives you.)

On my tailnet, I'm running the registry:2 container.

The problem is that when build-push-action goes to push, it can't connect:

ERROR: failed to solve: failed to push registry.redacted.ts.net/repo:tag: failed to do request: Head "https://registry.redacted.ts.net/v2/repo/blobs/sha256:9b215f6cf4b06c007e35fcc4c41c620c3728d5135472a1dd6390bb0d1dccbcd5": dial tcp: lookup registry.redacted.ts.net on 168.63.129.16:53: no such host

Adding some debug steps, I've determined:

• tailscale status runs and shows a bunch of machines
• curl -iL http://registry.redacted.ts.net/v2/_catalog shows a blob of JSON from the registry
• docker pull can pull from that registry

I'm not sure if I need to set buildx to use host networking (similar to https://github.com/tailscale/github-action/issues/101#issuecomment-1889694427) or if I should set up proxy settings, or if Docker in GitHub Actions is just Weird:tm:.

[henworth]

I found a solution that worked in my case, maybe it will work for you?

[fuomag9]

I found a solution that worked in my case, maybe it will work for you?

    - name: Add hosts to /etc/hosts
      run: |
        sudo echo "1.2.3.4 registry.example.com" | sudo tee -a /etc/hosts

This is how I did it