You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When Cosign signs containers (after build and push), it downloads layers and publishes an attestation. Cosign doesn't seem to authenticate pull requests to the container registry, which leads to error from Docker Hub.
GitHub registry is not impacted as the throttling is set higher.
CI fails after 2 runs within 1 hour. Then, cannot retry for more than one hour.
Short logs
error during command execution: signing [docker.io/xxx]: accessing entity: GET https://index.docker.io/v2/clemlesne/xxx: TOOMANYREQUESTS: You have reached your pull rate limit.
Full logs
Signing docker.io/clemlesne/blue-agent:bookworm-7.0.1
WARNING: Image reference docker.io/clemlesne/blue-agent:bookworm-7.0.1 uses a tag, not a digest, to identify the image to sign.
This can lead you to sign a different image than the intended one. Please use a
digest (example.com/ubuntu@sha256:abc123...) rather than tag
(example.com/ubuntu:latest) for the input to cosign. The ability to refer to
images by tag will be removed in a future release.
Problem
When Cosign signs containers (after build and push), it downloads layers and publishes an attestation. Cosign doesn't seem to authenticate pull requests to the container registry, which leads to error from Docker Hub.
GitHub registry is not impacted as the throttling is set higher.
Tried to fix with 793908a but hasn't worked.
See:
Impact
CI fails after 2 runs within 1 hour. Then, cannot retry for more than one hour.
Short logs
error during command execution: signing [docker.io/xxx]: accessing entity: GET https://index.docker.io/v2/clemlesne/xxx: TOOMANYREQUESTS: You have reached your pull rate limit.
Full logs
Signing docker.io/clemlesne/blue-agent:bookworm-7.0.1
WARNING: Image reference docker.io/clemlesne/blue-agent:bookworm-7.0.1 uses a tag, not a digest, to identify the image to sign.
This can lead you to sign a different image than the intended one. Please use a
digest (example.com/ubuntu@sha256:abc123...) rather than tag
(example.com/ubuntu:latest) for the input to cosign. The ability to refer to
images by tag will be removed in a future release.
Error: signing [docker.io/clemlesne/blue-agent:bookworm-7.0.1]: accessing entity: GET https://index.docker.io/v2/clemlesne/blue-agent/manifests/bookworm-7.0.1: TOOMANYREQUESTS: You have reached your pull rate limit. You may increase the limit by authenticating and upgrading: https://www.docker.com/increase-rate-limit
main.go:74: error during command execution: signing [docker.io/clemlesne/blue-agent:bookworm-7.0.1]: accessing entity: GET https://index.docker.io/v2/clemlesne/blue-agent/manifests/bookworm-7.0.1: TOOMANYREQUESTS: You have reached your pull rate limit. You may increase the limit by authenticating and upgrading: https://www.docker.com/increase-rate-limit
Deployment
na
Version
b478735
The text was updated successfully, but these errors were encountered: