build-push-action icon indicating copy to clipboard operation
build-push-action copied to clipboard

Published 20 hours ago verified publisher icon docker

Feature Request: Save and Push

Open deavisdude opened this issue 2 years ago • 4 comments

I would like to be able to use this action to build a docker image, and then both save the image locally AND push it to a container registry. I want to be able to perform other actions on the image like a container image scan as a part of my CI workflow. Currently, I am only able to give either push: true OR outputs: type=docker,dest=/tmp/myimage.tar meaning that I have to do one of the following:

  • build the image twice, once with local outputs and once with a push
  • build the image locally and just use another action/job to do the push
  • go and fetch it from the registry I just pushed it to to perform additional actions

Ideally I would just like to use this action to build my image and push it to the container registry, while retaining a local file for use in other jobs.

deavisdude avatar Nov 22 '22 15:11 deavisdude

This looks similar to https://github.com/moby/buildkit/pull/2760 - currently multiple exporters aren't supported.

You can work around this today by creating multiple invocations of the build-push-action, the invocations after the first won't be re-run (as long as no content has changed), since all the content should be cached.

jedevc avatar Nov 22 '22 15:11 jedevc

@jedevc I followed your idea but, although it uses the cached layers, thus speeding up the process, it still produces "different" images.

ricardo-dematos avatar Jan 10 '23 10:01 ricardo-dematos

It would be nice to have an option to save the image as an artifact. Just to remove the extra duplicated YML to run Docker build twice. Sure, could move that job to a reusable workflow, but that just adds more complexity.

JoshMcCullough avatar May 16 '23 20:05 JoshMcCullough

Is this possible now that https://github.com/moby/buildkit/pull/4134 has merged?

DaAwesomeP avatar Feb 12 '24 05:02 DaAwesomeP

Will be with next Buildx 0.13 and BuildKit 0.13.

crazy-max avatar Feb 29 '24 12:02 crazy-max

@crazy-max I tried using this Github actions configuration but still got the error ERROR: push and load may not be set together at the moment. Any idea why? The needed changes should be in these pre-releases.

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: v0.13.0-rc2
          driver-opts: image=moby/buildkit:v0.13.0-rc3

Setting up successfully:

image

Fail message:

Run docker/build-push-action@v5

Buildx version
  /usr/bin/docker buildx version
  github.com/docker/buildx v0.13.0-rc2 e273a53c88832df6dceebd727a259cae2fd5be88
/usr/bin/docker buildx build --ssh default=/tmp/ssh-XXXXXXeOnRQE/agent.2698 --tag europe-west3-docker.pkg.dev/my-project/my-project/my-project:main --target dev --load --metadata-file /home/runner/work/_temp/docker-actions-toolkit-4m2nWl/metadata-file --push docker/desktop/
ERROR: push and load may not be set together at the moment
Error: buildx failed with: ERROR: push and load may not be set together at the moment

tonynajjar avatar Mar 01 '24 13:03 tonynajjar

@tonynajjar Thanks for trying this out! I'm looking at it and keep you posted.

crazy-max avatar Mar 01 '24 13:03 crazy-max

Ok after looking at it we indeed forgot to handle the push and load shorthand. I tested local changes on my side and it seems to work. I'm opening a PR on buildx repo asap to have this in v0.13.

$ docker buildx --builder builder build --load --push --tag crazymax/test:buildx013 .
...
...
#17 [gobase 3/3] WORKDIR /src
#17 CACHED

#18 importing to docker
#18 DONE 0.0s

#19 exporting to docker image format
#19 exporting layers done
#19 exporting manifest sha256:e00c6a8b8abd1a8894f04bc42ba7790dd4fc65827749131b38c94cc5f7edc542 0.0s done
#19 exporting config sha256:f531890d23f1061bbab561329fd116ed1eb292d96c4d21f5313ca05289a0f573 done
#19 sending tarball 0.1s done
#19 DONE 0.1s

#20 exporting to image
#20 exporting layers done
#20 exporting manifest sha256:c4ec88b12080da795ce65e208b8c63eb46489a8ddc7826903e888d212aeb6c4b 0.0s done
#20 exporting config sha256:f531890d23f1061bbab561329fd116ed1eb292d96c4d21f5313ca05289a0f573 0.0s done
#20 exporting attestation manifest sha256:159347107ebe1d2cf2a50c9202cc66bf7e1fbc71d2021a6552c7ddee3edddd86 0.1s done
#20 exporting manifest list sha256:42572ae22030649847750526830d4324b4eef5d2d16ace609d5ad7cdfa84524d 0.0s done
#20 pushing layers
#20 ...

#21 [auth] crazymax/test:pull,push token for registry-1.docker.io
#21 DONE 0.0s

#20 exporting to image
#20 pushing layers 4.5s done
#20 pushing manifest for docker.io/crazymax/test:buildx013@sha256:42572ae22030649847750526830d4324b4eef5d2d16ace609d5ad7cdfa84524d
#20 pushing manifest for docker.io/crazymax/test:buildx013@sha256:42572ae22030649847750526830d4324b4eef5d2d16ace609d5ad7cdfa84524d 1.2s done
#20 DONE 5.8s

View build details: docker-desktop://dashboard/build/builder/builder0/r4tqwahepxipca10ytz6kwzjl

crazy-max avatar Mar 01 '24 14:03 crazy-max

@tonynajjar Can you try with this step and let us know?:

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: https://github.com/crazy-max/buildx.git#multi-load-push
          driver-opts: image=moby/buildkit:v0.13.0-rc3

crazy-max avatar Mar 01 '24 14:03 crazy-max

on it

EDIT: I'm affected by https://www.githubstatus.com/incidents/wcl1sw4mzg60 so it might take a bit longer

tonynajjar avatar Mar 01 '24 14:03 tonynajjar

From my very basic test looks like it works! :rocket:

tonynajjar avatar Mar 01 '24 16:03 tonynajjar

@tonynajjar Just made some tests in this repo as well and looks good: https://github.com/docker/build-push-action/pull/1075

crazy-max avatar Mar 08 '24 13:03 crazy-max

May someone provide an example of the original configuration in question? Is this correct?

uses: docker/build-push-action@v5
with:
  push: true
  outputs: |
    docker,dest=image.tar
  push: true

DaAwesomeP avatar Apr 18 '24 01:04 DaAwesomeP