In my workflow, I am building an image and pushing it to local registry
- name: build and push to local registry
uses: docker/build-push-action#v3.3.0
with:
context: ${{ inputs.context }}
file: ${{ inputs.context }}/${{ inputs.dockerfile }}
no-cache: ${{ inputs.no_cache }}
build-args: ${{ inputs.build_args }}
push: true
tags: ${{ env.LOCAL_IMAGE }}
outputs: type=image,oci-mediatypes=false
I then use buildx to copy the image to a GCR registry
- name: copy tagged image to sre gcr
if: inputs.image_build == true
shell: bash
run: |
docker buildx imagetools create \
--tag "${{ steps.set-images.outputs.base }}:${{ inputs.image_tag }}" \
${{ env.LOCAL_IMAGE }}
Instead of having one image created, I get this:
My workflow uses the local registry service for the initial build of a localhost image that is later copied to various gcr registries through the docker buildx imagetools create command.
services:
registry:
image: registry:2
ports:
- 5000:5000
Why is this happening?
We are experiencing the same issue as of yesterday!.
Related
I built an image docker and push it (manually) to my Github packages (private package) then I pull it and run it and it works fine, now I want to share this image with a friend who wants to run it on his PC, I gave him the pull command but he got the following error: docker pull "url" Error response from demon : Head unauthorized
I know it is an authentication issue but since im new to GitHub package I don't know what I have to do to share the image correctly.
any idea about this issue please?
name: Publish Docker image
on:
release:
types: [published]
jobs:
push_to_registry:
name: Push Docker image to Docker Hub
runs-on: ubuntu-latest
steps:
- name: Check out the repo
uses: actions/checkout#v3
- name: Log in to Docker Hub
uses: docker/login-action#f054a8b539a109f9f41c372932f1ae047eff08c9
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action#98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
with:
images: my-docker-hub-namespace/my-docker-hub-repository
- name: Build and push Docker image
uses: docker/build-push-action#ad44023a93711e3deb337508980b4b5e9bcdc5dc
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }
I would like to semantic versioning my docker images which are built and pushed to GitHub Container Registry by the GitHub Action.
I found a satisfying solution here: https://stackoverflow.com/a/69059228/12877180
According to the solution I reproduced the following YAML.
name: Docker CI
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
env:
REGISTRY: ghcr.io
jobs:
build-push:
# needs: build-test
name: Buid and push Docker image to GitHub Container registry
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
steps:
- name: Checkout the repository
uses: actions/checkout#v2
- name: Login to GitHub Container registry
uses: docker/login-action#v1
env:
USERNAME: ${{ github.actor }}
PASSWORD: ${{ secrets.GITHUB_TOKEN }}
with:
registry: ${{ env.REGISTRY }}
username: ${{ env.USERNAME }}
password: ${{ env.PASSWORD }}
- name: Get lowercase repository name
run: |
echo "IMAGE=${REPOSITORY,,}">>${GITHUB_ENV}
env:
REPOSITORY: ${{ env.REGISTRY }}/${{ github.repository }}
- name: Build and export the image to Docker
uses: docker/build-push-action#v2
with:
context: .
file: ./docker/Dockerfile
target: final
push: true
tags: |
${{ env.IMAGE }}:${{ secrets.MAJOR }}.${{ secrets.MINOR }}
build-args: |
ENVIRONMENT=production
- name: Update Patch version
uses: hmanzur/actions-set-secret#v2.0.0
with:
name: 'MINOR'
value: $((${{ secrets.MINOR }} + 1))
repository: ${{ github.repository }}
token: ${{ secrets.GH_PAT }}
Unfortunately this does not work.
The initial value of the MINOR secret is 0. If the build-push job is executed very first time, the docker image is perfectly pushed to the GHCR with the ghcr.io/my-org/my-repo:0.0 syntax.
The purpose of the build-push job is then increment the MINOR secret by 1.
If the action job build-push is executed again after new event, I get error while trying to build docker image using the incremented tag.
/usr/bin/docker buildx build --build-arg ENVIRONMENT=production --tag ghcr.io/my-org/my-repo:***.*** --target final --iidfile /tmp/docker-build-push-HgjJR7/iidfile --metadata-file /tmp/docker-build-push-HgjJR7/metadata-file --file ./docker/Dockerfile --push .
error: invalid tag "ghcr.io/my-org/my-repo:***.***": invalid reference format
Error: buildx failed with: error: invalid tag "ghcr.io/my-org/my-repo:***.***": invalid reference format
You need to increment the version in a bash command like this:
- name: Autoincrement a new patch version
run: |
echo "NEW_PATCH_VERSION=$((${{ env.PATCH_VERSION }}+1))" >> $GITHUB_ENV
- name: Update patch version
uses: hmanzur/actions-set-secret#v2.0.0
with:
name: 'PATCH_VERSION'
value: ${{ env.NEW_PATCH_VERSION }}
repository: ${{ github.repository }}
token: ${{ secrets.REPO_ACCESS_TOKEN }}
Github workflow returns this following error: Error response from daemon: No such image: ghcr.io/organization-project-website/controller:latest. But still pushes my docker image to the registry. Which I find weird.
Here's my yml file. Where the problem happens:
- name: Extract version for controller
id: extract_version_controller
if: steps.changed-files-controller.outputs.any_changed == 'true'
uses: Saionaro/extract-package-version#v1.1.1
with:
path: ./controller
- name: Pushing controller image
if: steps.changed-files-controller.outputs.any_changed == 'true'
run: |
docker tag ${{ env.image_name_controller }} ${{ env.tag }}
docker push ${{ env.tag }}
docker push ${{ env.image_name_controller }}:latest
env:
tag: ${{ env.image_name_controller }}:v${{ steps.extract_version_controller.outputs.version }}.${{ github.run_number }}
I have setup a kubernetes cluster on AWS using kops.
I am trying to automate deployment with github actions.
name: Build and Deploy
on:
push:
branches:
- develop
jobs:
build_docker_image:
- uses: actions/checkout#v2
- name: Build the tagged Docker image
run: docker build --target dev -t org/customer-service-backend:la
push_docker_image_to_github-packages:
- uses: docker/build-push-action#v2
with:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
registry: docker.pkg.github.com
repository: org/customer-service-backend:latest
tag_with_ref: true
deploy_to_kubernetes_cluster:
... what to do here?
I am able to built the image and push to gihub packages.
I have created deployment.yml in the root directory of the repository.
How can I deploy to kubernetes cluster?
Also, I am tagging the images with latest. Is it fine or I need to use GITHUB_REF for tagging?
Update
I am able to configure all the things. I only need to get kubeconfig to authenticate to existing cluster.
name: Build and Deploy
on:
push:
branches:
- develop
jobs:
build_docker_image:
- uses: actions/checkout#v2
- name: Build the tagged Docker image
run: docker build --target dev -t org/customer-service-backend:${{ github.sha }}
push_docker_image_to_github_packages:
needs: build_docker_image
- uses: docker/build-push-action#v2
with:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
registry: docker.pkg.github.com
repository: org/customer-service-backend:${{ github.sha }}
tag_with_ref: true
deploy_to_kubernetes_cluster:
needs: push_docker_image_to_github_packages
name: Set Kubernetes Context
uses: azure/k8s-set-context#v1
with:
method: kubeconfig
kubeconfig: ${{ secrets.KUBE_CONFIG }} # Use secret (https://developer.github.com/actions/managing-workflows/storing-secrets/)
run: |
sed -i'' -e 's/IMAGE_LABEL/${{ github.sha }}/g' deployment.yml
kubectl apply -f deployment.yml
By looking your workflow config file, all the jobs running parallelly.
But, probably it's not what you want.
Pushing image needs a built image and deployment job needs an updated built image.
On Access kubernetes cluster, just access into your cluster and do,
cat $HOME/.kube/config
and copy the output.
Now, create a secret in github with KUBE_CONFIG as environment variable.
Notes - this is one method to access kubernetes cluster, there are other methods as well, choose one that suits your need
name: Build and Deploy
on:
push:
branches:
- develop
jobs:
build_docker_image:
name: Build Docker Image
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout#v2
- name: Build the tagged Docker image
run: docker build --target dev -t your_org/customer-service-backend:${{ github.sha }} .
push_docker_image_to_github_packages:
name: Push Docker Image to Github Packages
needs: build_docker_image
runs-on: ubuntu-latest
steps:
- name: Push Docker Image
uses: docker/build-push-action#v2
with:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
registry: docker.pkg.github.com
repository: your_org/customer-service-backend:${{ github.sha }}
deploy_to_kubernetes_cluster:
name: Deploy to Kubernetes Cluster
needs: push_docker_image_to_github_packages
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout#v2
- name: Set Kubernetes Context
uses: azure/k8s-set-context#v1
with:
method: kubeconfig
kubeconfig: ${{ secrets.KUBE_CONFIG }} # Use secret (https://developer.github.com/actions/managing-workflows/storing-secrets/)
- name: Deploy to Cluster
run: |
sed -i'' -e 's/IMAGE_LABEL/${{ github.sha }}/g' deployment.yml
kubectl apply -f deployment.yml
I have created a GitHub action on repo tag creation. I am successfully able to build and push the Docker image to AWS but, I don't know how to tag the image with the same name of the GitHub tag. Below is my git workflow file
name: Build Docker Image and Push to AWS ECR
on:
push:
tags:
- '*'
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout#v1
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials#v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-west-2
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login#v1
- name: Build, tag, and push image to Amazon ECR
id: build-image
env:
ECR_REGISTRY: ${{ secrets.AWS_REGISTRY }}
ECR_REPOSITORY: repo_name
IMAGE_TAG: latest
run: |
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
Please help me in replacing the correct value at IMAGE_TAG in the above code
We decided the use the git commit sha as the image tag, as it always represents the unique state of the code.
- name: Build, tag, and push image to Amazon ECR
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: reponame
IMAGE_TAG: ${{ github.sha }}
run: |
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
If you need or prefer to use the commit tag, you just need to extract it from the ref using something like this:
- name: Extract Git Tag
run: echo "GIT_TAG=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV
- name: Build, tag, and push image to Amazon ECR
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: reponame
IMAGE_TAG: ${{ env.GIT_TAG }}
run: |
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
Use GITHUB_REF_NAME variable to get latest tag:
name: Bolivia Version - Develop
on:
push:
tags: # <---- only tags, important!!!
- '*'
jobs:
build-version:
runs-on: ubuntu-latest
steps:
- name: Git checkout
uses: actions/checkout#v2
- name: Extract latest tag
run: |
GIT_TAG=$GITHUB_REF_NAME