I am modifying my docker-publish file to build a docker image so it can work with Arm64. The previous version was working fine with x86 architecture, but now I need to make it work for Arm 64 so I just changed the way the docker builds the images.
The build process works fine but somehow the git push stopped working and I am getting the error
Error response from daemon: No such image: myimage-arm64:latest
This is my docker-publish.yml
name: Docker
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
env:
IMAGE_NAME: myimage-arm64
jobs:
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
runs-on: ubuntu-latest
if: github.event_name == 'push'
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout#v2
- name: Set up QEMU
uses: docker/setup-qemu-action#v1
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action#v1
- name: Prepare multiarch docker
run: docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
- name: Builder create
run: docker buildx create --use
- name: Log into registry
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login docker.pkg.github.com -u ${{ github.actor }} --password-stdin
- name: Build image
run: |
docker buildx build \
--tag $IMAGE_NAME \
--file Dockerfile \
--platform linux/arm64 .
- name: Push image
run: |
IMAGE_ID=docker.pkg.github.com/${{ github.repository }}/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
# VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# I changed this so it takes the version from a file on my project
VERSION=$(cat version)
# Strip "v" prefix from tag name
[[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo IMAGE_ID=$IMAGE_ID
echo VERSION=$VERSION
###
The two previous echo print the correct stuff
I get the error in these last two lines
###
docker tag $IMAGE_NAME $IMAGE_ID:$VERSION
docker push $IMAGE_ID:$VERSION
Any help? The push phase was working fine previously and I haven't touched it to make it work with arm64
EDIT 1:
I modified the procedure following the answers but still it does not work (error: tag is needed when pushing to register)
- name: Log into registry
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login docker.pkg.github.com -u ${{ github.actor }} --password-stdin
- name: Builder create
run: docker buildx create --use
- name: Build image
run: |
IMAGE_ID=docker.pkg.github.com/${{ github.repository }}/$IMAGE_NAME
VERSION=$(cat version)
echo TAG=$IMAGE_ID:$VERSION
docker buildx build --push \
--tag $IMAGE_ID:$VERSION \
--file Dockerfile \
--platform linux/arm64 .
Precisely, the logs are these ones:
Run IMAGE_ID=docker.pkg.github.com/GiamBoscaro/portfolio-website/$IMAGE_NAME
TAG=docker.pkg.github.com/UserName/RepoName/ImageName:1.2.0
#1 [internal] booting buildkit
#1 sha256:bfa0dddd89a9c970aa189079c1d31d17f7a75edd434bb19ad90432b27b266e3a
#1 pulling image moby/buildkit:buildx-stable-1
#1 pulling image moby/buildkit:buildx-stable-1 0.4s done
#1 creating container buildx_buildkit_intelligent_volhard0
#1 creating container buildx_buildkit_intelligent_volhard0 0.9s done
#1 DONE 1.3s
error: tag is needed when pushing to registry
Error: Process completed with exit code 1.
EDIT 2: Finally fixed the issue. Even if it's not the best way, here's the code that works. I switched over to the new container registry and moved the docker login in the same job of docker buildx:
jobs:
push:
runs-on: ubuntu-latest
if: github.event_name == 'push'
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout#v2
- name: Set up QEMU
uses: docker/setup-qemu-action#v1
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action#v1
- name: Prepare multiarch docker
run: docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
- name: Builder create
run: docker buildx create --use
- name: Build image
run: |
IMAGE_ID=ghcr.io/${{ github.actor }}/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
VERSION=$(cat version)
echo TAG=$IMAGE_ID:$VERSION
echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
docker buildx build --push \
--tag $IMAGE_ID:$VERSION \
--file Dockerfile.arm \
--platform linux/arm64 .
Buildx runs builds within a separate container, not directly in your docker engine. And the output of buildx does not store the resulting image in the local docker engine. This doesn't work when you get into multi-platform images anyway, so you typically push directly to the registry. It's much more efficient to avoid moving layers around that didn't change in the registry, and allows you to manage multi-platform images (everything loaded into the docker engine is dereferenced to a single platform).
If you really want to save the output to the local docker engine, you can use --load in the buildx command. However, the preferred option is to use the build-push-action that builds your tag directly and pushes it in one step. This would mean reordering your steps to determine the versions and other variables first, and then run the build against that. You can see an example of this in my own project which was assembled from various other docker examples out there.
Here's a quick untested attempt to make that change:
- name: Prepare
id: prep
run: |
IMAGE_ID=docker.pkg.github.com/${{ github.repository }}/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
# VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# I changed this so it takes the version from a file on my project
VERSION=$(cat version)
# Strip "v" prefix from tag name
[[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo IMAGE_ID=$IMAGE_ID
echo VERSION=$VERSION
echo ::set-output name=version::${VERSION}
echo ::set-output name=docker_tag::${IMAGE_ID}:${VERSION}
- name: Build and push
uses: docker/build-push-action#v2
with:
context: .
file: Dockerfile
platforms: linux/arm64
push: true
tags: ${{ steps.prep.outputs.docker_tag }}
From the updated question, this is the entire command being run:
docker buildx build --push
The next command to run would be:
--tag $IMAGE_ID:$VERSION ...
I'm sure you're saying "Wait, what? There's a trailing slash, that's a multi-line command!" But there's also whitespace after that slash, so instead of escaping a linefeed, you've escaped a space character. Docker treats that space as the one arg and will attempt to build with the context being a directory named . To fix, remove the trailing whitespace after the backslash.
Related
My goal is to export data from a unit test inside a multistage docker container. I have a docker create, docker cp, and docker rm that work in my terminal but when I added it to my docker-image.yml it fails to run and displays this error "Error: Process completed with exit code .". Also, I added in the unit test code for a github action that can't be accessed since the build fails.
[enter image description here][1]
- name: Build the Docker image
run: |
echo "${{ env.app_version }}"
echo "${{ github.run_number }}"
BUILD_NUMBER=${{ github.run_number }}
VERSION_NUMBER=${{ env.app_version }}
FULL_VERSION=${VERSION_NUMBER}.${BUILD_NUMBER}
docker build . --file Dockerfile --tag placeholder/${SERVICE_NAME}:${FULL_VERSION} --build-arg BUILD_NUMBER=${BUILD_NUMBER}
docker tag placeholder/${SERVICE_NAME}:${FULL_VERSION} placeholder/${SERVICE_NAME}:latest
echo "full_version=$FULL_VERSION" >> $GITHUB_ENV
**docker create --name unit_test test-export
docker cp unit_test:/app/surefire-reports extracted
docker rm unit_test**
# Runs a set of commands using the runners shell
- name: Run a multi-line script
run: |
echo Add other actions to build,
echo test and deploy your project.
ls -lath target/surefire-reports/
- name: Publish Unit Test Results
# You may pin to the exact commit or the version.
# Uses: EnricoMi/publish-unit-test-result-action#4a00ba50806e7658e5005bb91acdb3274714595a
uses: EnricoMi/publish-unit-test-result-action#v1.31
with:
files: target/surefire-reports/*.xml
I had a script previously working from Docker Hub that I now want to run that pulls from GitHub Container registry instead. I'm sure I've got the syntax wrong somehow. I keep going between errors like "can not have using and with" to now, I'm getting a syntax error reporting on link 41 with no error (41 is the third line below).
I basically want to build my Docker image, then push it when my action file changes.
- name: Run step if any of the listed files above change # UPDATE
if: steps.changed-files-specific.outputs.any_changed == 'true'
- uses: docker/login-action#v1
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- run: |
RELEASEVERSION=11.09
# RELEASEVERSION=$(cat version.txt)
# https://github.community/t/wanting-to-add-a-build-date-and-time-to-my-github-action/220185/6'
#
RELEASEDATE1=$(date +"%m/%d/%YT%H:%M:%S%p")
RELEASEDATE=$(TZ=":US/Pacific" date +%c)
# https://unix.stackexchange.com/questions/164826/date-command-iso-8601-option
RELEASEDATEISO=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
#
# removes any previous lines that might have contained VERSION or DATE (not tested)
perl -ni -e 'next if /^RELEASE(?:VERSION|DATE)=/;print' .env.production
# record in `.env.production`
(
echo "RELEASEVERSION=$RELEASEVERSION"
echo "RELEASEDATE=$RELEASEDATE"
echo "RELEASEDATEISO=$RELEASEDATEISO"
) >> .env.production
echo "Docker webdevsvcc changed so building then pushing..."
docker build . --file Dockerfile --tag ghcr.io/pkellner/svccwebsitedev --tag ghcr.io/pkellner/svccwebsitedev:$RELEASEVERSION
docker push ghcr.io/pkellner/svccwebsitedev --all-tags
I watched a good video on Yaml and that helped a lot. Here is the file that I wanted that works now.
jobs:
build:
runs-on: ubuntu-latest # windows-latest | macos-latest
defaults:
run:
working-directory: ApolloServerSvcc # UPDATE
name: docker build and push
steps:
- name: Checkout code
uses: actions/checkout#v2
# setup Docker buld action
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action#v1
- name: Login to Github Packages
uses: docker/login-action#v1
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GH_TOKEN }}
- name: Image digest
echo "One or more files in /ApolloServerSvcc changed in branch webdevsvccmobi-release"
run: |
RELEASEVERSION=11.02
# RELEASEVERSION=$(cat version.txt)
# https://github.community/t/wanting-to-add-a-build-date-and-time-to-my-github-action/220185/6'
#
RELEASEDATE1=$(date +"%m/%d/%YT%H:%M:%S%p")
RELEASEDATE=$(TZ=":US/Pacific" date +%c)
# https://unix.stackexchange.com/questions/164826/date-command-iso-8601-option
RELEASEDATEISO=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
#
# removes any previous lines that might have contained VERSION or DATE (not tested)
perl -ni -e 'next if /^RELEASE(?:VERSION|DATE)=/;print' .env.production
# record in `.env`
(
echo "RELEASEVERSION=$RELEASEVERSION"
echo "RELEASEDATE=$RELEASEDATE"
echo "RELEASEDATEISO=$RELEASEDATEISO"
) >> .env
echo "building then pushing..."
docker build . --file Dockerfile --tag ghcr.io/pkellner/apolloserversvccdev:latest --tag ghcr.io/pkellner/apolloserversvccdev:$RELEASEVERSION
docker push ghcr.io/pkellner/apolloserversvccdev --all-tags
Im trying to run a cron job in a digital ocean kubernetes cluster. The image is hosted as a github package. I am getting an authenticatin error when the image is being pulled. I also get the same error when trying to pull directly from docker in the command line. Is that the same problem? Or do I need to auth in 2 differnet places?
docker publish github
source: https://github.com/actions/starter-workflows/blob/aa9d3bc6cc46ac11a53ca196e504d4f901a8de8d/ci/docker-publish.yml
name: Docker
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
env:
# TODO: Change variable to your image's name.
IMAGE_NAME: image
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
ru fi
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- uses: actions/checkout#v2
- name: Build image
run: docker build . --file Dockerfile --tag $IMAGE_NAME
- name: Log into registry
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login docker.pkg.github.com -u ${{ github.actor }} --password-stdin
- name: Push image
run: |
IMAGE_ID=docker.pkg.github.com/${{ github.repository }}/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
[[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo IMAGE_ID=$IMAGE_ID
echo VERSION=$VERSION
docker tag $IMAGE_NAME $IMAGE_ID:$VERSION
docker push $IMAGE_ID:$VERSION
docker build . --file Dockerfile
fi
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- uses: actions/checkout#v2
- name: Build image
run: docker build . --file Dockerfile --tag $IMAGE_NAME
- name: Log into registry
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login docker.pkg.github.com -u ${{ github.actor }} --password-stdin
- name: Push image
run: |
IMAGE_ID=docker.pkg.github.com/${{ github.repository }}/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
[[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo IMAGE_ID=$IMAGE_ID
echo VERSION=$VERSION
docker tag $IMAGE_NAME $IMAGE_ID:$VERSION
docker push $IMAGE_ID:$VERSION
cron service
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: test1
spec:
schedule: "*/15 * * * *"
jobTemplate:
spec:
template:
spec:
containers:
- name: data
image: docker.pkg.github.com/lambda-capital/k8s-test/image:latest
restartPolicy: OnFailure
You can't pull anonymously from docker.pkg.github.com, you'll have to create a dockercfg with some GitHub access token and use it as imagePullSecret.
If you want to publicly host your image on GitHub you can use the newer ghcr.io container registry, which provides anonymous pulling capabilities for public images.
I am trying to use gsutil to copy a file from GCS into a Run container during the build step.
The steps I have tried:
RUN pip install gsutil
RUN gsutil -m cp -r gs://BUCKET_NAME $APP_HOME/artefacts
The error:
ServiceException: 401 Anonymous caller does not have storage.objects.get access to the Google Cloud Storage object.
CommandException: 1 file/object could not be transferred.
The command '/bin/sh -c gsutil -m cp -r gs://BUCKET_NAME $APP_HOME/artefacts' returned a non-zero code: 1
ERROR
ERROR: build step 0 "gcr.io/cloud-builders/docker" failed: step exited with non-zero status: 1
The service account (default compute & cloudbuild) does have access to GCS, and I have also tried to gsutil config -a and with various other flags with no success!
I am not sure on exactly how I should authenticate to successfully access the bucket.
Here my github action job
jobs:
build:
name: Build image
runs-on: ubuntu-latest
env:
BRANCH: ${GITHUB_REF##*/}
SERVICE_NAME: ${{ secrets.SERVICE_NAME }}
PROJECT_ID: ${{ secrets.PROJECT_ID }}
steps:
- name: Checkout
uses: actions/checkout#v2
# Setup gcloud CLI
- uses: google-github-actions/setup-gcloud#master
with:
service_account_key: ${{ secrets.SERVICE_ACCOUNT_KEY }}
project_id: ${{ secrets.PROJECT_ID }}
export_default_credentials: true
# Download the file locally
- name: Get_file
run: |-
gsutil cp gs://BUCKET_NAME/path/to/file .
# Build docker image
- name: Image_build
run: |-
docker build -t gcr.io/$PROJECT_ID/$SERVICE_NAME .
# Configure docker to use the gcloud command-line tool as a credential helper
- run: |
gcloud auth configure-docker -q
# Push image to Google Container Registry
- name: Image_push
run: |-
docker push gcr.io/$PROJECT_ID/$SERVICE_NAME
You have to set 3 secrets:
SERVICE_ACCOUNT_KEY: which is your service account key file
SERVICE_NAME: the name of your container
PROJECT_ID: the project where to deploy your image
Because you download the file locally, the file is locally present in the Docker build. Then, simply COPY it in the docker file and do what you want with it.
UPDATE
If you want to do this in docker, you can achieve this like that
Dockerfile
FROM google/cloud-sdk:alpine as gcloud
WORKDIR /app
ARG KEY_FILE_CONTENT
RUN echo $KEY_FILE_CONTENT | gcloud auth activate-service-account --key-file=- \
&& gsutil cp gs://BUCKET_NAME/path/to/file .
....
FROM <FINAL LAYER>
COPY --from=gcloud /app/<myFile> .
....
The Docker build command
docker build --build-arg KEY_FILE_CONTENT="YOUR_KEY_FILE_CONTENT" \
-t gcr.io/$PROJECT_ID/$SERVICE_NAME .
YOUR_KEY_FILE_CONTENT depends on your environment. Here some solution to inject it:
On Github Action: ${{ secrets.SERVICE_ACCOUNT_KEY }}
On your local environment: $(cat my_key.json)
I see you tagged Cloud Build,
You can use step like this:
steps:
- name: gcr.io/cloud-builders/gsutil
args: ['cp', 'gs://mybucket/results.zip', 'previous_results.zip']
# operations that use previous_results.zip and produce new_results.zip
- name: gcr.io/cloud-builders/gsutil
args: ['cp', 'new_results.zip', 'gs://mybucket/results.zip']
My aim is to have continuous deployment of a nodejs-express application to my digital ocean droplet.
I have a dockerized nodejs application, I am building an image and pushing the image into github packages registry. Now I want deploy this image into digital ocean droplet using github actions.
How can I do that?
My current github action file is the following:
name: Docker
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
env:
# TODO: Change variable to your image's name.
IMAGE_NAME: image
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- name: Run tests
run: |
if [ -f docker-compose.test.yml ]; then
docker-compose --file docker-compose.test.yml build
docker-compose --file docker-compose.test.yml run sut
else
docker build . --file Dockerfile
fi
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- uses: actions/checkout#v2
- name: Build image
run: docker build . --file Dockerfile --tag $IMAGE_NAME
- name: Log into registry
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login docker.pkg.github.com -u ${{ github.actor }} --password-stdin
- name: Push image
run: |
IMAGE_ID=docker.pkg.github.com/${{ github.repository }}/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
[[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo IMAGE_ID=$IMAGE_ID
echo VERSION=$VERSION
docker tag $IMAGE_NAME $IMAGE_ID:$VERSION
docker push $IMAGE_ID:$VERSION
For SCP should the following code be fine? Please correct me if I am not using the correct file name variable here
copy:
# Ensure test job passes before pushing image.
needs: push
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- name: Copy file via scp
uses: appleboy/scp-action#master
env:
HOST: ${{ secrets.HOST }}
USERNAME: ${{ secrets.USERNAME }}
PORT: ${{ secrets.PORT }}
KEY: ${{ secrets.SSHKEY }}
with:
source: "$IMAGE_NAME"
target: "/usr/images/"
``