Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fatal: Not a valid object name during load git source triggered by on: push: (with self-hosted runner) #1083

Closed
3 tasks done
aderk opened this issue Mar 21, 2024 · 5 comments
Closed
3 tasks done

fatal: Not a valid object name during load git source triggered by on: push: (with self-hosted runner) #1083

aderk opened this issue Mar 21, 2024 · 5 comments
Labels
status/needs-more-info

Comments

@aderk
Copy link

aderk commented Mar 21, 2024
edited by crazy-max
Loading

Contributing guidelines

I've found a bug, and:

  • The documentation does not mention anything about my problem
  • There are no open or closed issues that are related to my problem

Description

build-push-action@v5.3.0 fails to get the ref during on: push: trigger (on: pull_request: works as expected). It then falls back to downloading cloning the entire repo (slow).

#1 [internal] load git source https://github.com/OWNER_NAME/REPO_NAME.git#SHA
#1 0.033 Initialized empty Git repository in /var/lib/buildkit/runc-overlayfs/snapshots/snapshots/1/fs/
#1 0.051 fatal: Not a valid object name SHA^{commit}
#1 331.5 From https://github.com/OWNER_NAME/REPO_NAME
#1 331.5  * [new branch]              BRANCH1
#1 331.5  * [new branch]              BRANCH2
...

Succinctly, build-push-action@v5.3.0 succeeds with refs of the form https://github.com/OWNER_NAME/REPO_NAME.git#refs/pull/PULL_NUMBER/merge and fails (with fallback to full clone) with the form https://github.com/OWNER_NAME/REPO_NAME.git#SHA

Expected behaviour

Only the ref w/ depth=1 is fetched (fast) as with on: pull_request: triggers.

Actual behaviour

The whole repo is cloned (slow). In my case it takes 8m instead of 1m

Repository URL

No response

Workflow run URL

No response

YAML workflow

- name: Build Source Image
        uses: docker/build-push-action@v5
        with:
          context: "{{defaultContext}}"
          cache-from: |
            type=registry,ref=REDACTED
            type=registry,ref=REDACTED
          cache-to: type=registry,ref=REDACTED,mode=max
          push: true
          tags: |
            REDACTED-${{ github.sha }}
            REDACTED-latest
          file: REDACTED/Dockerfile.build

Workflow logs

No response

BuildKit logs

No response

Additional info

#638 is somewhat similar, in that the initial error log line is identical fatal: Not a valid object name
@aderk
Copy link
Author

aderk commented Mar 22, 2024

More discussion here: https://stackoverflow.com/questions/72049008/docker-build-push-action-not-a-valid-object-name-outputs-all-branches-and-tag

@willcl-ark willcl-ark mentioned this issue Mar 27, 2024
Closed
@major-mayer
Copy link

Can confirm that this is still a problem.
Switching to file context is a workaround that removes this error.

@crazy-max
Copy link
Member

@aderk Sorry for the delay, do you have a link to your repo? Are you using submodules?

#1 0.051 fatal: Not a valid object name SHA^{commit}

Also this message should not fail your build and still fetch correctly per moby/buildkit#2888.

@crazy-max crazy-max closed this as not planned Won't fix, can't repro, duplicate, stale Jul 22, 2024
@amouat
Copy link

amouat commented Nov 1, 2024

I've been hitting this as well, weirdly removing "permissions" from the YAML seemed to help. I'm planning to open source the repo in a week or so, if I remember I'll post links to the failing action.

@amouat
Copy link

amouat commented Nov 6, 2024

In the meantime this action should reproduce it, I don't think you'll need the Dockerfile:

name: Simple Build

on:
  push:

jobs:
  docker:
    permissions: # needed for signing and attestations
      id-token: write # write seems weird, but it is correct per docs

    runs-on: ubuntu-latest

    steps:
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      -
        name: Login to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: |
            amouat/images-bite-back
      -
        name: Build and push
        uses: docker/build-push-action@v6
        with:
          #file: Dockerfile
          platforms: linux/amd64
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
      -
        name: Attest
        uses: actions/attest-build-provenance@v1
        id: attest
        with:
          subject-name: index.docker.io/images-bite-back
          subject-digest: ${{ steps.build.outputs.digest }}
          push-to-registry: true

If I comment out id-token: write it works, but I can't do attestations then.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status/needs-more-info
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@amouat @crazy-max @major-mayer @aderk