MIssing signature for docker.io/dockereng/export-build on notary.docker.io #1177
Description
Contributing guidelines
- I've read the contributing guidelines and wholeheartedly agree
I've found a bug, and:
- The documentation does not mention anything about my problem
- There are no open or closed issues that are related to my problem
Description
The next export-build image being pulled in the "Post Build Container Image" is not signed making it log the following (non-fatal) error when DOCKER_CONTENT_TRUST is set to 1.
Expected behaviour
I would expect docker to successfully validate the docker.io/dockereng/export-build
Actual behaviour
It logs an error:
docker: Error: remote trust data does not exist for docker.io/dockereng/export-build: notary.docker.io does not have trust data for docker.io/dockereng/export-build.
Repository URL
https://github.com/radiorabe/container-image-minio
Workflow run URL
https://github.com/radiorabe/container-image-minio/actions/runs/9877531310/job/27279378066#step:38:8
YAML workflow
# https://github.com/radiorabe/actions/blob/a723e1bc33cde66126868f696f33ddeef36b2890/.github/workflows/release-container.yaml#L161-L175
- name: Push Container Image
id: docker_push
uses: docker/build-push-action@v6
with:
context: .
file: ./Dockerfile
platforms: linux/amd64
push: ${{ github.event_name != 'pull_request' && startsWith(github.event.ref, 'refs/tags/v') }}
tags: ${{ steps.meta.outputs.tags }}
cache-from: type=gha
labels: |
${{ steps.meta.outputs.labels }}
version=${{ steps.meta.outputs.version }}
env:
DOCKER_CONTENT_TRUST: 1Workflow logs
Post job cleanup.
Generating build summary
exporting build record to /home/runner/work/_temp/docker-actions-toolkit-CpVpjs/export
/usr/bin/mkfifo /home/runner/work/_temp/docker-actions-toolkit-CpVpjs/buildx-in-ydNrmq.fifo
/usr/bin/mkfifo /home/runner/work/_temp/docker-actions-toolkit-CpVpjs/buildx-out-aBtBKI.fifo
docker buildx --builder builder-ebe838d3-26c2-40dd-98f5-1e40acdb159a dial-stdio
docker run --rm -i -v /home/runner/.docker/buildx/refs:/buildx-refs -v /home/runner/work/_temp/docker-actions-toolkit-CpVpjs/export:/out docker.io/dockereng/export-build:latest --ref-state-dir=/buildx-refs --node=builder-ebe838d3-26c2-40dd-98f5-1e40acdb159a/builder-ebe838d3-26c2-40dd-98f5-1e40acdb159a0 --ref=ze56eed1flszyge8y94a3b4nk --uid=1001 --gid=127
docker: Error: remote trust data does not exist for docker.io/dockereng/export-build: notary.docker.io does not have trust data for docker.io/dockereng/export-build.
See 'docker run --help'.
Process "docker run" exited with code 125
Warning: Process "docker run" closed with code 125
Removing temp folder /home/runner/work/_temp/docker-actions-toolkit-qMGm2L
Post cache
State not set
ERROR: read unix @->/run/docker.sock: use of closed network connection
Process "buildx dial-stdio" was killed with signal SIGKILL
BuildKit logs
No response
Additional info
No response