I recently got this error when running github actions:
Run PROJECT_TAG=cmt-e9ac3476ec1280c5d3594d81094c36c1febe5b8f docker buildx bake --push p1 p2 p3 p4 p5
#1 [myproject internal] load build definition from Dockerfile
#1 transferring dockerfile: 5.05kB done
#1 DONE 0.0s
#2 [myproject internal] load .dockerignore
#2 transferring context: 48B done
#2 DONE 0.0s
#3 [myproject] resolve image config for docker.io/docker/dockerfile:1.4
#3 ERROR: failed to authorize: failed to fetch anonymous token: unexpected status: 429 Too Many Requests
------
> [myproject] resolve image config for docker.io/docker/dockerfile:1.4:
------
Dockerfile:1
--------------------
1 | >>> #syntax=docker/dockerfile:1.4
2 | # 22.04
3 | FROM ubuntu@sha256:a8fe6fd30333dc60fc5306982a7c51385c2091af1e0ee887166b40a905691fd0
--------------------
ERROR: failed to solve: failed to authorize: failed to fetch anonymous token: unexpected status: 429 Too Many Requests
Error: Process completed with exit code 1.
My job that pushed images looks like this:
build:
runs-on: [self-hosted]
needs: project_names
steps:
- name: Create private key to access private repos.
uses: webfactory/ssh-agent@v0.8.0
with:
ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
- name: Checkout myproject
uses: actions/checkout@v3
with:
ssh-key: ${{ secrets.SSH_PRIVATE_KEY }}
submodules: recursive
- name: Login to docker registry
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build Images
run: |
PROJECT_TAG=cmt-${{ github.sha }} docker buildx bake --load ${{ needs.project_names.outputs.names_space }}
- name: Push Images
run: |
PROJECT_TAG=cmt-${{ github.sha }} docker buildx bake --push ${{ needs.project_names.outputs.names_space }}
It says I am using anonymous token. I thought it logs in by using company token, which is not anonymous, so rate limits are higher.
If I login to github docker registry using:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
Does it mean, this is anonymous login with very little requests limit? Do I need to create custom token for this?
The anonymous login is to Docker Hub is failing:
#3 [myproject] resolve image config for docker.io/docker/dockerfile:1.4
#3 ERROR: failed to authorize: failed to fetch anonymous token: unexpected status: 429 Too Many Requests
Your own login was to a different registry with registry: ${{ env.REGISTRY }}, apparently ghcr.io.
Your logins are specific to the registry, and your credentials to access one registry are not sent to another. To leverage your higher rate limits on Docker Hub, you'll want to also login to that registry (setting the appropriate variables and secrets used here):
- name: Login to docker registry
uses: docker/login-action@v2
with:
username: ${{ env.DOCKER_HUB_USER }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
That said, it feels like something else is likely happening here since the docker/dockerfile image does not have rate limits and the error was for fetching the token and not for pulling the manifest. Perhaps there was a temporary outage with Docker's auth server, but none is listed on their status page.