build-push-action: buildx call failed with: failed to solve: rpc error: code = Unknown desc = unexpected status: 403 Forbidden
In continuation of https://github.com/docker/build-push-action/issues/200 Fixing registry URLs and image names didn’t work. Action fails with 403, but with slightly different text. Better descriptive error messages might help a lot.
Error: buildx call failed with: failed to solve: rpc error: code = Unknown desc = unexpected status: 403 Forbidden
jobs:
publish:
name: Publish Image
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Preparation
id: prep
run: |
REGISTRY="docker.pkg.github.com"
IMAGE="${REGISTRY}/${{ github.repository }}/${{ github.event.repository.name }}"
TAGS="${IMAGE}:${{ github.sha }}"
if [[ $GITHUB_REF == ref/head/master ]]; then
TAGS="${TAGS},${IMAGE}:latest"
fi
echo ::set-output name=tags::${TAGS}
- name: Docker Buildx setup
uses: docker/setup-buildx-action@v1
- name: Login in to registry
uses: docker/login-action@v1
with:
registry: docker.pkg.github.com
username: ${{ github.actor }}
password: ${{ github.token }}
- name: Push to registry
uses: docker/build-push-action@v2
with:
push: true
file: src/Dockerfile
tags: ${{ steps.prep.outputs.tags }}
Initialization
...
Run docker/login-action@v1
🔑 Logging into docker.pkg.github.com...
🎉 Login Succeeded!
# --------------------
Run docker/build-push-action@v2
📣 Buildx version: 0.4.2
🏃 Starting build...
/usr/bin/docker buildx build --build-arg MY_SECRET="***" --tag docker.pkg.github.com/example-org/my-app/my-app:c7c6023ea9af524234444387000a2553aa20a7f6 --iidfile /tmp/docker-build-push-8RVwsf/iidfile --secret id=GIT_AUTH_TOKEN,src=/tmp/docker-build-push-8RVwsf/tmp-3034-k9IcoU4X5lva --file src/Dockerfile --push https://github.com/example-org/my-app.git#heads/deploy-den-gh-actions
time="2020-10-26T08:08:24Z" level=warning msg="invalid non-bool value for BUILDX_NO_DEFAULT_LOAD: "
#1 [internal] load git source https://github.com/example-org...
#1 0.034 Initialized empty Git repository in /var/lib/buildkit/runc-overlayfs/snapshots/snapshots/1/fs/
#1 0.229 c7c6023ea9af524234444387000a2553aa20a7f6 refs/heads/deploy-den-gh-actions
#1 0.484 From https://github.com/example-org/my-app
#1 0.484 * [new branch] deploy-den-gh-actions -> heads/deploy-den-gh-actions
#1 0.484 * [new branch] deploy-den-gh-actions -> origin/deploy-den-gh-actions
#1 DONE 0.5s
#3 [internal] load metadata for docker.io/library/node:12-alpine
#3 ...
...
# usual build
...
#18 exporting to image
#18 exporting layers
#18 exporting layers 1.0s done
#18 exporting manifest sha256:65a39d9de33f06b9b0bfcc4a1d263b35c11f65619c2d4b8af4253e8620a01b45 done
#18 exporting config sha256:c14e402195f459fe81fa566401906e32668263bc838fe0bcf2ab7c5ed635ce27 done
#18 pushing layers
#18 pushing layers 0.9s done
#18 ERROR: unexpected status: 403 Forbidden
------
> exporting to image:
------
failed to solve: rpc error: code = Unknown desc = unexpected status: 403 Forbidden
Error: buildx call failed with: failed to solve: rpc error: code = Unknown desc = unexpected status: 403 Forbidden
I don’t have full root privileges on that repo. But I definitely can write to that repo. Docs state that everyone with write permissions can push packages.
Using ${{ github.repository_owner }} instead of ${{ github.actor }} as by docs - didn’t work either and outputs new error:
#18 exporting to image
#18 exporting layers
#18 exporting layers 1.2s done
#18 exporting manifest sha256:0c0726d898aa0d899919b55741f97b008a05b638dda4e6773d493c4b5bb7bd24 done
#18 exporting config sha256:f1ca744c973712076749ffaf0917d3786d85fc0f32b488e2f839106c8defce83 done
#18 pushing layers
#18 pushing layers 0.9s done
#18 ERROR: failed commit on ref "layer-sha256:680be72a94bda769d50675fcdbf6f0bfe1474ca61e23131a3dff49b25e390c08": invalid content digest in response: invalid checksum digest format
------
> exporting to image:
------
failed to solve: rpc error: code = Unknown desc = failed commit on ref "layer-sha256:680be72a94bda769d50675fcdbf6f0bfe1474ca61e23131a3dff49b25e390c08": invalid content digest in response: invalid checksum digest format
Error: buildx call failed with: failed to solve: rpc error: code = Unknown desc = failed commit on ref "layer-sha256:680be72a94bda769d50675fcdbf6f0bfe1474ca61e23131a3dff49b25e390c08": invalid content digest in response: invalid checksum digest format
Referenced docs: https://github.com/docker/login-action/tree/ddf06e1fed3619d4c000ccc251072e2f261f532a#github-packages-docker-registry https://docs.github.com/en/free-pro-team@latest/packages/publishing-and-managing-packages/publishing-a-package https://docs.github.com/en/free-pro-team@latest/packages/using-github-packages-with-your-projects-ecosystem/configuring-docker-for-use-with-github-packages
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Comments: 15 (3 by maintainers)
We had this issue when trying to push to ghcr.io, doing the steps here solved the problem. https://docs.github.com/en/free-pro-team@latest/packages/getting-started-with-github-container-registry/enabling-improved-container-support
thanks for above comment, that fixed it for me
GHCR images are listed in repo packages sidebar and packages pages. This was fixed a couple weeks ago but was a consistent problem from the beginning.
${{ github.actor }}is the person who triggered the action so that won’t be a good choice for generating tag names as its variable to the PR author.@den-is It’s an org as I can see from your screenshot and as I said in https://github.com/docker/build-push-action/issues/127#issuecomment-696317582:
That’s why I suggest you open a support ticket to GitHub as it seems to be an issue with your org.
@den-is Same as #148 #127. I suggest you open a support ticket to GitHub about this: https://support.github.com/contact (cc. @clarkbw).