-
Notifications
You must be signed in to change notification settings - Fork 551
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cannot push docker image to Google Artifact Registry #171
Comments
Looks like the same issue as docker/setup-buildx-action#29. Can you try my suggestion? cc. @tonistiigi |
@crazy-max it worked! Thank you! |
You tried with:?
|
Yes, exactly. My GCP_SA_KEY is not base64 encoded. |
However above fix does not work for Google's Artifact Registry: europe-west4-docker.pkg.dev, where the problem still persists. |
@jacek-jablonski Looks similar too oras-project/oras#157 (comment). You should ask to Google support about that. |
@jacek-jablonski Will be solved through moby/buildkit#1730 |
@crazy-max thanks for information! |
@jacek-jablonski PR has been merged to master on buildkit repo. Can you test with the following step please? Thanks. - name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
with:
driver-opts: image=moby/buildkit:master |
@crazy-max, unfortunately, it still does not work:
|
@jacek-jablonski I believe you need a third path component:
e.g. europe-west4-docker.pkg.dev/xxx/something-else/node:14.13.1-2 |
I could not repro anymore with moby/buildkit:master moby/buildkit#1730 so need a new report with new reproduction details. I was testing with |
I tested the In the logs:
So what @jonjohnsonjr suggested is correct, you need third component in the name. After that everything worked fine again. @jonjohnsonjr Could you look at updating containerd client code https://github.com/containerd/containerd/tree/master/remotes/docker so that it returns a more meaningful error instead of just 400 ? |
It looks like containerd knows how to parse these errors, so I'm not sure why the response body is getting dropped. I see that this error is passed through to the pipereader CloseWithError: https://github.com/containerd/containerd/blob/c408aa90867eb11bd444152a33b1a13da0e5b8f9/remotes/docker/pusher.go#L252 So I would expect that we'd read the error when we go to close the pipe: https://github.com/containerd/containerd/blob/c408aa90867eb11bd444152a33b1a13da0e5b8f9/remotes/docker/pusher.go#L335-L337 But instead we get down to here and see the unexpected status error, which also drops the body: https://github.com/containerd/containerd/blob/c408aa90867eb11bd444152a33b1a13da0e5b8f9/remotes/docker/pusher.go#L351 My guess is that you are racing the goroutine and you need to move this blocking channel read up above the pipe close to allow the goroutine a chance to finish calling CloseWithError before Commit calls Close to check for that error: https://github.com/containerd/containerd/blob/c408aa90867eb11bd444152a33b1a13da0e5b8f9/remotes/docker/pusher.go#L341
Nevermind, looks like this isn't displayed. I assume there's something in containerd like "attempt to parse this response's body as a registry error, otherwise return a reasonable error" somewhere? This seems close. I don't often (ever?) contribute to containerd so I don't have a lot of context here to confidently make this change (though I'm happy to) -- based on git blame: @dmcgowan does my assessment seem reasonable? |
@jacek-jablonski You should now be able to use the default values for - name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1 |
@crazy-max I can confirm that it was due to missing repository_id from the path. After adding a new segment, everything works as expected. |
Thanks everyone for your help. |
Hi,
I've got quite a simple workflow using build-push-action v2, but I am unfortunately unable to push image successfully to Google Artifact Registry.
Here is the workflow:
It is failing with:
I tried to debug it using a troubleshooting note, but it seems that ctr accepts only docker login and password, but not GCP's service account JSON file.
Here is a full log of workflow:
1_docker.txt.zip
The text was updated successfully, but these errors were encountered: