How can I execute a command (i.e. run) an image which is only part of the (local) build cache in docker (in GHA) and was not pushed to a registry?
The full example here: https://github.com/geoHeil/containerfun
Dockerfile:
FROM ubuntu:latest as builder
RUN echo hello >> asdf.txt
FROM builder as app
RUN cat asdf.txt
ci.yaml GHA workflow:
name: ci
on:
push:
branches:
- main
jobs:
testing:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: cache base builder
uses: docker/build-push-action@v3
with:
push: True
tags: ghcr.io/geoheil/containerfun-cache:latest
target: builder
cache-from: type=gha
cache-to: type=gha,mode=max
- name: build app image (not pushed)
run: docker buildx build --cache-from type=gha --target app --tag ghcr.io/geoheil/containerfun-app:latest .
- name: run some command in image
run: docker run ghcr.io/geoheil/containerfun-app:latest ls /
- name: one some other command in image
run: docker run ghcr.io/geoheil/containerfun-app:latest cat /asdf.txt
When using the pushed image:
docker run ghcr.io/geoheil/containerfun-cache:latest cat /asdf.txt
it works just fine. When using the non-pushed (cached only one) docker fails with:
docker run ghcr.io/geoheil/containerfun-app:latest cat /asdf.txt
fails with
Unable to find image 'ghcr.io/geoheil/containerfun-app:latest' locally
why does it fail? Shouldn`t the image at least reside in the local build cache?
edit
obviously:
- name: fooasdf
#run: docker buildx build --cache-from type=gha --target app --tag ghcr.io/geoheil/containerfun-app:latest --build-arg BUILDKIT_INLINE_CACHE=1 .
uses: docker/build-push-action@v3
with:
push: True
tags: ghcr.io/geoheil/containerfun-app:latest
target: app
cache-from: ghcr.io/geoheil/containerfun-cache:latest
Is a potential workaround, and docker run ghcr.io/geoheil/containerfun-app:latest cat /asdf.txt now works fine. However:
- this is using the registry and not
type=ghaas the cache - requires to push the internal builder image to the registry (what I not want)
- requires to use the image (pull in the run step) from the registry. I would expect to be able to simply run the already existing local image (which was built in the step before
CodePudding user response:
It's failing because now you built the image with buildx and it's available only inside the buildx context. If you have to use the image in docker context, you have to load that image into the docker side by using the parameter --load when you build the image using buildx.
See https://docs.docker.com/engine/reference/commandline/buildx_build/#load
So change the step to something like this
- name: build app image (not pushed)
run: docker buildx build --cache-from type=gha --target app --load --tag ghcr.io/geoheil/containerfun-app:latest .
NOTE: The --load parameter doesn't support multi-arch builds atm