Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Default docker-containerdriver does not support referencing local images #1176

Closed
3 tasks done
khalil-omer opened this issue Jul 10, 2024 · 1 comment
Closed
3 tasks done

Default docker-containerdriver does not support referencing local images #1176

khalil-omer opened this issue Jul 10, 2024 · 1 comment

Comments

@khalil-omer
Copy link

khalil-omer commented Jul 10, 2024
edited
Loading

Contributing guidelines

I've found a bug, and:

  • The documentation does not mention anything about my problem
  • There are no open or closed issues that are related to my problem

Description

The docker-containerdriver is needed for caching a base image, however it does not support references to local images, requiring falling back to the docker driver, which does not support caching.

Expected behaviour

As long as an image tag is loaded in a prior action step, a subsequent action step should succeed at referencing that image. (This is the actual behavior when using the dockerdriver.)

Actual behaviour

This works fine when using the docker driver, but using the docker-container default driver, as described in this stackoverflow post, even if you build an image locally prior to building a dependent image, the FROM local/base-builder line will lead to this error:

#2 [internal] load metadata for docker.io/local/base-builder:latest
#2 ERROR: pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed
#3 CANCELED

This occurs regardless of the format of the image name. This occurs despite verifying that the image was successfully built in a prior step and was successfully loaded.

Repository URL

No response

Workflow run URL

No response

YAML workflow

The below version works, but if I remove driver: docker the second image will fail to build despite the first image being visible in the the output of docker images.

- name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          driver: docker

      - name: Build Base Builder Image
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./Base.Dockerfile
          push: false
          load: true
          tags: local/base-builder
          platforms: linux/arm64
          # cache-from: type=gha
          # cache-to: type=gha,mode=max

      - name: List Docker Images
        run: docker images

      - name: Build and Push Docker Image
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./apps/${{ matrix.service }}/Dockerfile
          push: true
          pull: false
          tags: ${{ steps.login-ecr.outputs.registry }}/${{ matrix.service }}:${{ github.sha }}
          platforms: linux/arm64
          # cache-from: type=gha
          # cache-to: type=gha,mode=max

Workflow logs

No response

BuildKit logs

No response

Additional info

No response
@crazy-max
Copy link
Member

Same as #1116 (comment)

You can use a local registry for such case: https://docs.docker.com/build/ci/github-actions/local-registry/

name: ci

on:
  push:

jobs:
  docker:
    runs-on: ubuntu-latest
    services:
      registry:
        image: registry:2
        ports:
          - 5000:5000
    steps:
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          driver-opts: network=host
      
      - name: Build Base Builder Image
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./Base.Dockerfile
          push: true
          tags: localhost:5000/local/base-builder:latest
          platforms: linux/arm64
          cache-from: type=gha
          cache-to: type=gha,mode=max
      
      - name: Inspect
        run: |
          docker buildx imagetools inspect localhost:5000/local/base-builder:latest

      - name: Build and Push Docker Image
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./apps/${{ matrix.service }}/Dockerfile
          push: true
          tags: ${{ steps.login-ecr.outputs.registry }}/${{ matrix.service }}:${{ github.sha }}
          platforms: linux/arm64
          cache-from: type=gha
          cache-to: type=gha,mode=max

You would need to set localhost:5000/local/base-builder:latest in ./apps/${{ matrix.service }}/Dockerfile or better use a build arg like:

ARG BASE_IMAGE=local/base-builder
FROM $BASE_IMAGE

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@crazy-max @khalil-omer