fix(build-cds-containers): drop buildkitd-config on ubuntu-latest runners#49
Closed
nvjaxzin wants to merge 1 commit into
Closed
fix(build-cds-containers): drop buildkitd-config on ubuntu-latest runners#49nvjaxzin wants to merge 1 commit into
nvjaxzin wants to merge 1 commit into
Conversation
PR #48 added 'with: buildkitd-config: /etc/buildkit/buildkitd.toml' to the Set up Docker Buildx step in this workflow. That config file is pre-populated on nv-gha-runners but does not exist on GitHub-hosted runners. The build-and-push-images job (and others in this workflow) run on 'ubuntu-latest', so post-merge to main every matrix variant failed with: ##[error]config file /etc/buildkit/buildkitd.toml not found The original rationale for the buildkitd-config setting does not apply to GitHub-hosted runners: those runners pull from Docker Hub with the runner's pre-configured authentication and do not hit the anonymous rate limit that motivated the change in the first place. This revert is scoped only to this workflow. The change in .github/actions/docker-build/action.yml (the composite action consumed by nv-gha-runners-based consumers) is correct and stays in place. Tracks: nvbug 6225636. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: Brian R. Jackson <brijackson@nvidia.com>
nvjaxzin
requested review from
abegnoche,
huaweic-nv,
lachen-nv and
mmou-nv
as code owners
5 tasks
Contributor
Author
abegnoche
approved these changes
May 26, 2026
nvjaxzin
added a commit
that referenced
this pull request
May 26, 2026
…ha-runners refactor(build-cds-containers): run on nv-gha-runners (supersedes #49)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Hotfix for the post-merge failure on `main` introduced by #48. Drops the `buildkitd-config: /etc/buildkit/buildkitd.toml` input from `Set up Docker Buildx` in `build-cds-containers.yml`.
Root cause
The jobs in this workflow run on `runs-on: ubuntu-latest` (GitHub-hosted runners), not `nv-gha-runners`. `/etc/buildkit/buildkitd.toml` is only pre-populated on the latter. As a result, every matrix variant of `build-and-push-images` failed in the post-merge `Build CDS Containers` run with:
```
##[error]config file /etc/buildkit/buildkitd.toml not found
```
Failed run: https://github.com/NVIDIA/dsx-github-actions/actions/runs/26478414457
Why this revert is safe
The fix in #48 targeted Docker Hub anonymous rate limits on self-hosted runners. GitHub-hosted runners pull Docker Hub images using the runner's pre-configured Docker Hub auth, which is not subject to the anonymous rate limit. So this workflow never needed the BuildKit mirror config in the first place.
What stays
Lesson learned (for the audit)
When applying `buildkitd-config: /etc/buildkit/buildkitd.toml`, confirm the surrounding job's `runs-on:` is an nv-gha-runner. The path is platform-specific.
Test plan
Tracks: nvbug 6225636.
cc @huaweic-nv @mmou-nv @abegnoche @lachen-nv