login-action icon indicating copy to clipboard operation
login-action copied to clipboard
verified publisher icon docker

Succefull registry login, but I'm getting x509 error during build.

Open Reivax47 opened this issue 2 years ago • 1 comments

Contributing guidelines

I've found a bug, and:

  • [X] The documentation does not mention anything about my problem
  • [X] There are no open or closed issues that are related to my problem

Description

I can managed to login my private registry, but I can't build and push. At the top of my Dockerfile the line : FROM myregistry/myimage:latest failed. I'm getting x509 error.

Expected behaviour

Once login is done, I should build the image using Dockerfile.

Actual behaviour

The build failed with x509 error.

Repository URL

No response

Workflow run URL

No response

YAML workflow

name: ci

on:
  push:
    branches: main

jobs:
  login:
    runs-on: ubuntu-latest
    steps:
      - name: Check out repository code
        uses: actions/checkout@v4
      - name: Construction du container
        uses: docker/setup-buildx-action@v3
      - name: Login to myRegistry
        uses: docker/login-action@v3
        with:
          registry: registry.athome.fr
          username: ${{ secrets.REGISTRYNAME }}
          password: ${{ secrets.REGISTRYPASS }}

      - name: Build and push
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./Dockerfile
          push: true
          tags: registry.athome.fr/monrepo:v1

Workflow logs

`

Dockerfile:1
--------------------
   1 | >>> FROM registry.athome.fr/mcusyspreweb:latest
   2 |     LABEL authors="xavier"
   3 |     CMD touch /coucou.txt
--------------------
ERROR: failed to solve: registry.athome.fr/mcusyspreweb:latest: failed to do request: Head "https://registry.athome.fr/v2/mcusyspreweb/manifests/latest": tls: failed to verify certificate: x509: certificate signed by unknown authority
Error: buildx failed with: ERROR: failed to solve: registry.athome.fr/mcusyspreweb:latest: failed to do request: Head "https://registry.athome.fr/v2/mcusyspreweb/manifests/latest": tls: failed to verify certificate: x509: certificate signed by unknown authority

BuildKit logs

No response

Additional info

I can manage to execute this command in the runner : docker login -u blabl -p blabla myrgistry.athome.fr. I've added the registry.crt file in /etc/docker/certs.d/myregistry.athome.fr/registry.crt. Thanks for your help.

Reivax47 avatar Oct 30 '23 14:10 Reivax47

Similar to https://github.com/docker/setup-buildx-action/issues/112#issuecomment-964281972, when using uses: docker/setup-buildx-action@v3 it will create container builder. Therefore you need to set up registry certificates for BuildKit.

crazy-max avatar Oct 30 '23 15:10 crazy-max