AWS Code Build - Error When Using GitHub Actions - toomanyrequests: You have reached your pull rate limit

1

Hi,

I am using the new feature of CodeBuild of being able to use GitHub Actions

I am getting the following error:

[Container] 2023/07/21 09:11:29 Sending build context to Docker daemon  26.11kB
[Container] 2023/07/21 09:11:29 
[Container] 2023/07/21 09:11:29 Step 1/11 : FROM ruby:3

[Container] 2023/07/21 09:11:29 toomanyrequests: You have reached your pull rate limit. You may increase the limit by authenticating and upgrading: https://www.docker.com/increase-rate-limit
[Container] 2023/07/21 09:11:29 ##[error]Docker build failed with exit code 1

And for context my buildspec file looks like this:

version: 0.2
phases:
  build:
    steps:
      - name: "Run JSON Syntax Check"
        uses: limitusus/json-syntax-check@v2
        with:
          pattern: "\\.json$"
      - name: "Lint Dockerfile"
        id: hadolint
        uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf
        with:
          dockerfile: app/Dockerfile
      - name: "Markdown Lint Action"
        uses: articulate/actions-markdownlint@v1
        with:
          config: .config/.markdownlint.json
          ignore: 'changelogs'

Is there a way around this?

There has been an issue raised on this error in the past but the scenario there is when GitHub runners are being used. It looks like there has been an agreement put in place between Docker and GitHub only for when runners are used.

I was also interested to know if AWS would be looking into something similar?

jans
asked a year ago499 views
2 Answers
2

This error occurs when pulling Docker images from DockerHub when starting a new build in CodeBuild. It is due to a limit set by Dockerhub to restrict access for Docker public registries. For anonymous users, as in your situation, the limit is 100 pulls every 6 hours per IP address.

To address this concern, you can consider enabling Docker layer cache in CodeBuild. The steps are:

  1. Open your codeBuild project in CodeBuild console and click on "Edit"
  2. Under "Artifacts" section, expand "Additional configuration"
  3. In "Cache type", choose "Local"
  4. Select "Docker layer cache"
  5. Apply the settings by selecting "Update project"

Another option is to authenticate to DockerHub. This will increase your rate limit to 200 pulls per 6 hour period as stated in DockerHub Download rate limit.

AWS
SUPPORT ENGINEER
Wiem
answered 4 days ago
0

Workaround is to use ECR:

https://stackoverflow.com/questions/65806330/toomanyrequests-you-have-reached-your-pull-rate-limit-you-may-increase-the-lim

aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws

So you can use something like this: (some fields are empty)

 steps:

    - name: Check out code
      uses: actions/checkout@v2
    
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v1
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        aws-region: 

    - name: Login to Amazon ECR
      id: login-ecr
      uses: aws-actions/amazon-ecr-login@v1

    - name: Build, tag, and push image to Amazon ECR
      env:
        ECR_REGISTRY: 
        ECR_REPOSITORY: 
        IMAGE_TAG: 
      run: |
        docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
        docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
profile picture
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions