build-push-action
build-push-action copied to clipboard
docker
After successfully logging into my registry, the image push fails as it's trying against the local IP
Contributing guidelines
- [x] I've read the contributing guidelines and wholeheartedly agree
I've found a bug, and:
- [ ] The documentation does not mention anything about my problem
- [ ] There are no open or closed issues that are related to my problem
Description
I have a registry running locally, externally accessibly via registry.example.com. The Github action can log into my registry fine, but the docker push fails. Has anyone had this before?
Expected behaviour
Docker image pushes to my registry
Actual behaviour
It resolves the internal IP address and tries to push there
#38 [auth] sharing credentials for registry.example.com
#38 DONE 0.0s
#37 exporting to image
#37 33.19 error: failed to copy: failed to do request: Put "https://192.168.1.171/v2/repo-name/blobs/uploads/941b40a9-d6fb-4701-aded-385eec9dcb55?_state=_syVg7StDX9rNYAzmMqpuTIdHItl9e_dkJQ29zDiiO17Ik5hbWUiOiJob3BraW5zb24tY21zIiwiVVVJRCI6Ijk0MWI0MGE5LWQ2ZmItNDcwMS1hZGVkLTM4NWVlYzlkY2I1NSIsIk9mZnNldCI6MCwiU3RhcnRlZEF0IjoiMjAyNC0xMS0zMFQxMDowNjoxNi43MjM4NDAxMDJaIn0%3D&digest=sha256%3A17f01ce0086807fa706f33dba43b139ee9b1f8b38eed3825f6eea4005d7a4d3d": dial tcp 192.168.1.171:443: i/o timeout
Repository URL
No response
Workflow run URL
No response
YAML workflow
- name: Login to My Registry
uses: docker/login-action@v3
with:
registry: ${{ vars.DOCKER_REGISTRY }}
username: ${{ vars.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to My Pull Registry
uses: docker/login-action@v3
with:
registry: ${{ vars.DOCKER_PULL_REGISTRY }}
username: ${{ vars.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWOR
- name: Build Docker image
uses: docker/build-push-action@v6
with:
provenance: false # Fails with or without this, just here from testing
push: true
tags: |
registry.example.com/${{ github.event.repository.name }}:${{ github.sha }}
registry.example.com/${{ github.event.repository.name }}:latest
cache-from: type=gha
cache-to: type=gha,mode=max
env:
BUILDKIT_PROGRESS: plain
DOCKER_BUILDKIT_DEBUG: "true"
Workflow logs
No response
BuildKit logs
Additional info
No response
My nginx config to expose the registry
server {
server_name registry.example.com;
location / {
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin 'https://registry-ui.example.com';
add_header Access-Control-Allow-Methods 'GET, OPTIONS, PUT, POST, DELETE';
add_header Access-Control-Allow-Credentials 'true';
add_header Access-Control-Allow-Headers 'Accept, *';
add_header Content-Type text/plain;
add_header Content-Length 0;
return 204;
}
proxy_pass http://192.168.1.171;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
add_header Access-Control-Allow-Origin 'https://registry-ui.example.com';
add_header Access-Control-Allow-Methods 'GET, OPTIONS, PUT, POST, DELETE';
add_header Access-Control-Allow-Credentials 'true';
add_header Access-Control-Allow-Headers 'Accept, *';
client_max_body_size 2G;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/registry.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/registry.example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
I'm having the same issue. Been running that local registry for years and this issue only appeared this week.
Maybe worth noting that I upgraded to Docker version 28.5.1 last week. I had been pinned to 28.1.1 for quite a while before this because of some Swarm issue. I also run an old v2 registry version still, I think 2.7.x . I'll try upgrading to 2.8 or 3.0 as soon as I get a chance.
