github-action icon indicating copy to clipboard operation
github-action copied to clipboard
verified publisher icon tailscale

Docker Build Action can't push to Tailscale-based registry

Open jamie-at-arkifi opened this issue 1 year ago • 2 comments

I strung together a github actions job with the steps:

  1. tailscale/github-action
  2. docker/setup-qemu-action
  3. sigstore/cosign-install
  4. docker/setup-buildx-action
  5. actions/checkout
  6. docker/metadata-action
  7. docker/build-push-action

(2-7 are pretty much default multi-platform image build pipeline github gives you.)

On my tailnet, I'm running the registry:2 container.

The problem is that when build-push-action goes to push, it can't connect:

ERROR: failed to solve: failed to push registry.redacted.ts.net/repo:tag: failed to do request: Head "https://registry.redacted.ts.net/v2/repo/blobs/sha256:9b215f6cf4b06c007e35fcc4c41c620c3728d5135472a1dd6390bb0d1dccbcd5": dial tcp: lookup registry.redacted.ts.net on 168.63.129.16:53: no such host

Adding some debug steps, I've determined:

  • tailscale status runs and shows a bunch of machines
  • curl -iL http://registry.redacted.ts.net/v2/_catalog shows a blob of JSON from the registry
  • docker pull can pull from that registry

I'm not sure if I need to set buildx to use host networking (similar to https://github.com/tailscale/github-action/issues/101#issuecomment-1889694427) or if I should set up proxy settings, or if Docker in GitHub Actions is just Weird:tm:.

jamie-at-arkifi avatar Jan 31 '24 17:01 jamie-at-arkifi

I found a solution that worked in my case, maybe it will work for you?

henworth avatar Mar 15 '24 13:03 henworth