I'm trying to create my first GitHub Docker Compose workflow in order to:
All services images are prefixed with my registry and owner, i.e: registry.digitalocean.com/myregistry/php-prod
. If I run docker compose build --push
locally, it works just fine.
Solution 1 the workflow runs just fine, but doesn't push anything:
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Install doctl
uses: digitalocean/action-doctl@v2
with:
token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}
- name: Log in into Container Registry
run: doctl registry login --expiry-seconds 600
- name: Build and push
run: docker compose build --push
Last jobs log lines:
#31 exporting to docker image format
#31 exporting layers
#31 exporting layers 0.4s done
#31 exporting manifest sha256:3f84ebb06488d40b1b70bc1434c5ac5f18da8d2ea730d6e9680d2663705c47e6 done
#31 exporting config sha256:c143d0652b248b4ecd500f8a8a7d9f44cab3968e59dff8e1c073946eee8106a1 done
#31 sending tarball
#31 sending tarball 2.2s done
#31 DONE 2.6s
#32 importing to docker
#32 DONE 1.5s
Solution 2: split the "Build and push" which gives me an authorization error:
- name: Build and push images
run: |
docker compose build
docker compose push
With this step definition, I've got an error about
Pushing caddy: 5bc340f6d4f5 Waiting
unauthorized: access token has insufficient scopes
Error: Process completed with exit code 1.
Why solution 1 doesn't push my images? Why, on the contrary, solution 2 seems to push something but it's failing for the token?
Why finally docker compose build --push
does not push in Github, I could not test fully, but the source shows at least different paths the command may take and I could only see there that the --push
command line option is probably taken into account only if buildkit
¹ is false.
So at the end of the day this is even more a reminder to run
docker compose build && docker compose push
in a pipeline to make it not run into this build gap (you expect the images pushed to the registry, but the images are never pushed).
¹ cf. BuildKit https://docs.docker.com/build/buildkit/