Search code examples
githubdocker-composegithub-actions

GitHub workflow action: docker compose build --push does nothing, no errors, but doesn't push?

I'm trying to create my first GitHub Docker Compose workflow in order to:

  • Build a Docker Compose
  • Push images to a custom registry (Digital Ocean)

All services images are prefixed with my registry and owner, i.e: registry.digitalocean.com/myregistry/php-prod. If I run docker compose build --push locally, it works just fine.

Solution 1 the workflow runs just fine, but doesn't push anything:

jobs:
  build:
    name: Build
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2

      - name: Install doctl
        uses: digitalocean/action-doctl@v2
        with:
          token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}

      - name: Log in into Container Registry
        run: doctl registry login --expiry-seconds 600

      - name: Build and push
        run: docker compose build --push

Last jobs log lines:

#31 exporting to docker image format
#31 exporting layers
#31 exporting layers 0.4s done
#31 exporting manifest sha256:3f84ebb06488d40b1b70bc1434c5ac5f18da8d2ea730d6e9680d2663705c47e6 done
#31 exporting config sha256:c143d0652b248b4ecd500f8a8a7d9f44cab3968e59dff8e1c073946eee8106a1 done
#31 sending tarball
#31 sending tarball 2.2s done
#31 DONE 2.6s

#32 importing to docker
#32 DONE 1.5s

Solution 2: split the "Build and push" which gives me an authorization error:

- name: Build and push images
  run: |
    docker compose build
    docker compose push

With this step definition, I've got an error about

Pushing caddy: 5bc340f6d4f5 Waiting 
unauthorized: access token has insufficient scopes
Error: Process completed with exit code 1.

Why solution 1 doesn't push my images? Why, on the contrary, solution 2 seems to push something but it's failing for the token?

Solution

  • Why finally docker compose build --push does not push in Github, I could not test fully, but the source shows at least different paths the command may take and I could only see there that the --push command line option is probably taken into account only if buildkit¹ is false.

    So at the end of the day this is even more a reminder to run

    docker compose build && docker compose push

    in a pipeline to make it not run into this build gap (you expect the images pushed to the registry, but the images are never pushed).

    ¹ cf. BuildKit https://docs.docker.com/build/buildkit/