You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Error: unknown flag: --bug-report
but:
./act_runner-0.2.11-linux-amd64 --version
act_runner version v0.2.11
### Command used with act
```sh
./act_runner daemon --config /etc/act_runner/config.yaml
Describe issue
When docker is correctly logged in to a registry, but the user does not have permission to access the container it is trying to pull, gitea act_runner silently fails the step without providing any feedback on the problem.
Upon a lot of debugging, I reached the error message:
Failed to pull docker image registry.gitlab.com/path_to_the_image_I_want/image_name:hamster: Error response from daemon: Head "https://registry.gitlab.com/v2/path_to_the_image_I_want/image_name/manifests/hamster": denied: access forbidden
The problem is not that access is forbidden, as expected, but that failure is completely silent.
Apologies if this arrives from gitea, but after reviewing the code I see that this issue happens inside act itself, as that's the one that is handling the step.
Link to GitHub repository
No response
Workflow content
jobs:
monolith:
runs-on: ubuntu-lateststeps:
- name: Login to GitLab Registryuses: docker/login-action@v3with:
registry: registry.gitlab.comusername: ${{ secrets.GITLAB_LOGIN }}password: ${{ secrets.GITLAB_TOKEN }}
- uses: actions/checkout@v4
- name: Do somethinguses: docker://registry.gitlab.com/path_to_the_image_I_want/image_name:hamsterwith:
args: echo "We never get to see this"
Relevant log output
Jan 10 20:24:26 dev-01 act_runner[747]: [testing/monolith] [DEBUG] 🐳 docker pull registry.gitlab.com/path_to_the_image_I_want/image_name:hamster
Jan 10 20:24:27 dev-01 act_runner[747]: [testing/workflow] ❌ Failure - Do something
Jan 10 20:24:27 dev-01 act_runner[747]: [testing/workflow] [DEBUG] expression '${{ github.workspace }}/.cache' rewritten to 'format('{0}/.cache', github.workspace)'
Additional information
No response
The text was updated successfully, but these errors were encountered:
Yes, I am aware of the soft mirror, I will still send a PR there too if that works.
The error is being completely eaten, simply because the logDockerResponse receives a nil reader and bails out immediately, and because in this case (where I logged in with a different action), it results in imagePullOptions.RegistryAuth being an empty string, therefore, nothing logs the error.
Mind that this is an edge case, the docker client already has valid credentials, but the credentials are not good enough to reach the image I'm trying to pull (hence the "forbidden" rather than "unauthorized")
The last line in the method returns a nil thus the error ends up being completely eaten.
I have another version with a lot more logging (and some rewrites) I used to troubleshoot this one, but didn't wanted to push that one as I thought that was going to be a lot more intrusive.
Bug report info
Describe issue
When docker is correctly logged in to a registry, but the user does not have permission to access the container it is trying to pull,
gitea act_runner
silently fails the step without providing any feedback on the problem.Upon a lot of debugging, I reached the error message:
The problem is not that access is forbidden, as expected, but that failure is completely silent.
Apologies if this arrives from
gitea
, but after reviewing the code I see that this issue happens insideact
itself, as that's the one that is handling the step.Link to GitHub repository
No response
Workflow content
Relevant log output
Additional information
No response
The text was updated successfully, but these errors were encountered: