[ubuntu] Update docker to 29.1.5, compose to 2.40.3#13633
Merged
shamil-mubarakshin merged 1 commit intoactions:mainfrom Feb 5, 2026
Merged
[ubuntu] Update docker to 29.1.5, compose to 2.40.3#13633shamil-mubarakshin merged 1 commit intoactions:mainfrom
shamil-mubarakshin merged 1 commit intoactions:mainfrom
Conversation
erik-bershel
approved these changes
Feb 5, 2026
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates Docker and Docker Compose versions on Ubuntu 22.04 and Ubuntu 24.04 runner images to address issue #13474. The updates bring Docker from version 28.0.4 to 29.1.5 and Docker Compose from 2.38.2 to 2.40.3.
Changes:
- Updated docker-ce and docker-ce-cli packages from version 28.0.4 to 29.1.5 in Ubuntu toolset files
- Updated docker compose plugin from version 2.38.2 to 2.40.3 in Ubuntu toolset files
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| images/ubuntu/toolsets/toolset-2204.json | Updated Docker and Docker Compose versions for Ubuntu 22.04 |
| images/ubuntu/toolsets/toolset-2404.json | Updated Docker and Docker Compose versions for Ubuntu 24.04 |
dwydler
pushed a commit
to wydler/runner-images-hetzner-cloud
that referenced
this pull request
Feb 6, 2026
dwydler
added a commit
to wydler/runner-images-hetzner-cloud
that referenced
this pull request
Feb 6, 2026
|
This is a bit of a stab in the dark, but one of my jobs (using 29.1.5) now fails with a pretty strange error: The same job from the day before (with 28.0.4) seems fine. The TL;DR of the job is that I build a docker image, push it to GHCR, then pull it back, re-tag it, and push it a second time to GHCR and Docker Hub. The error message suggests that somehow I've built an image that isn't Do you have any gut feeling if this Docker update might not play well with GHCR or something? |
2 tasks
amaanq
added a commit
to obsidiansystems/nix
that referenced
this pull request
Feb 16, 2026
… compression Docker 28+ defaults to the containerd image store, which changes layer compression during `docker push`. The GHA runner image updated Docker to 29.x (actions/runner-images#13633), causing the `nixos/nix:2.33.3` image to balloon from 138 MB to 505 MB compressed, with layers pushed as zstd or uncompressed instead of gzip. OCI clients that only support gzip (e.g. go-containerregistry, used by Concourse CI) fail with "gzip: invalid header". This commit disables the containerd snapshotter in the release workflow before any Docker operations, restoring the classic storage driver that preserves gzip compression through the `docker load` / `docker push` pipeline. Fixes: NixOS#15246
amaanq
added a commit
to amaanq/nix
that referenced
this pull request
Feb 16, 2026
… compression Docker 28+ defaults to the containerd image store, which changes layer compression during `docker push`. The GHA runner image updated Docker to 29.x (actions/runner-images#13633), causing the `nixos/nix:2.33.3` image to balloon from 138 MB to 505 MB compressed, with layers pushed as zstd or uncompressed instead of gzip. OCI clients that only support gzip (e.g. go-containerregistry, used by Concourse CI) fail with "gzip: invalid header". This commit disables the containerd snapshotter in the release workflow before any Docker operations, restoring the classic storage driver that preserves gzip compression through the `docker load` / `docker push` pipeline. Fixes: NixOS#15246
amaanq
added a commit
to amaanq/nix
that referenced
this pull request
Feb 16, 2026
… compression Docker 28+ defaults to the containerd image store, which changes layer compression during `docker push`. The GHA runner image updated Docker to 29.x (actions/runner-images#13633), causing the `nixos/nix:2.33.3` image to balloon from 138 MB to 505 MB compressed, with layers pushed as zstd or uncompressed instead of gzip. OCI clients that only support gzip (e.g. go-containerregistry, used by Concourse CI) fail with "gzip: invalid header". This commit disables the containerd snapshotter in the release workflow before any Docker operations, restoring the classic storage driver that preserves gzip compression through the `docker load` / `docker push` pipeline. Fixes: NixOS#15246
amaanq
added a commit
to obsidiansystems/nix
that referenced
this pull request
Feb 16, 2026
… compression Docker 28+ defaults to the containerd image store, which pushes layers uncompressed instead of gzip. The GHA runner image updated Docker to 29.x (actions/runner-images#13633), causing the `nixos/nix:2.33.3` image to balloon from 138 MB to 505 MB, with all 70 layers pushed as `application/vnd.docker.image.rootfs.diff.tar` instead of `.tar.gzip`. OCI clients that only support gzip (e.g. `go-containerregistry`, used by Concourse CI) fail with "gzip: invalid header". This commit disables the containerd snapshotter in the release workflow before any Docker operations, restoring the classic storage driver that preserves gzip compression through the `docker load` / `docker push` pipeline. Fixes NixOS#15246
amaanq
added a commit
to amaanq/nix
that referenced
this pull request
Feb 16, 2026
… compression Docker 28+ defaults to the containerd image store, which pushes layers uncompressed instead of gzip. The GHA runner image updated Docker to 29.x (actions/runner-images#13633), causing the `nixos/nix:2.33.3` image to balloon from 138 MB to 505 MB, with all 70 layers pushed as `application/vnd.docker.image.rootfs.diff.tar` instead of `.tar.gzip`. OCI clients that only support gzip (e.g. `go-containerregistry`, used by Concourse CI) fail with "gzip: invalid header". This commit disables the containerd snapshotter in the release workflow before any Docker operations, restoring the classic storage driver that preserves gzip compression through the `docker load` / `docker push` pipeline. Fixes NixOS#15246
| { | ||
| "package": "docker-ce-cli", | ||
| "version": "28.0.4" | ||
| "version": "29.1.5" |
There was a problem hiding this comment.
Heads-up, Docker Engine 29.0.0 uses containerd as the default image store now.
containerdimage store is now the default for fresh installs. This doesn't apply to daemons configured withuserns-remap(see moby#47377).-- 29.0.0 (2025-11-10), https://docs.docker.com/engine/release-notes/29/#2900*
This appears to cause behavioral changes with how local vs remote images are chosen. As experienced with our CI breaking, element-hq/synapse#19460 (comment)
To add onto containerd being the problem, previously another developer was experiencing the same problem locally and noticed containerd being the only difference with their setup (resolved after disabling), see element-hq/synapse#18210 (comment)
I'm guessing this is also what is contributing to the problems that @shepmaster is experiencing, #13633 (comment)
There was a problem hiding this comment.
For people following along in this thread, this PR was reverted in #13708
MadLittleMods
added a commit
to element-hq/synapse
that referenced
this pull request
Feb 18, 2026
…mages being chosen over local) (#19475) Fix remote images being chosen over the local ones we just built with Complement in CI (any Docker environment using the `containerd` image store). This problem means that Complement jobs in CI don't actually test against the code from the PR (since 2026-02-10). This PR approaches the problem the same way that @AndrewFerr proposed in #18210. This is better than the alternative listed below as we can just make our code compatible with whatever image store is being used. ### Problem Spawning from #19460 (comment) where we found that our Complement jobs in CI don't actually test against the code from the PR at the moment. This is caused by a change in Docker Engine 29.0.0: > `containerd` image store is now the default for **fresh installs**. This doesn't apply to daemons configured with `userns-remap` (see [moby#47377](moby/moby#47377)). > > *-- 29.0.0 (2025-11-10), https://docs.docker.com/engine/release-notes/29/#2900* And our `ubuntu-latest` GitHub runner (`Current runner version: '2.331.0'`) [points](https://github.com/actions/runner-images/blob/ubuntu24/20260209.23/images/ubuntu/Ubuntu2404-Readme.md) to using Docker client/server `29.1.5` 🎯 This Docker version bump happened on actions/runner-images@416418d (2026-02-10) (`28.0.4` -> `29.1.5`). Specific PR: actions/runner-images#13633 --- I found this because I reviewed and remembered #18210 was a thing that @AndrewFerr ran into. And then running `dockers system prune` also revealed the problematic `containerd` in CI. Checking the Docker changelogs, I found the new default culprit and then could trace down where the GitHub runners made the dependency update. --------- Co-authored-by: Andrew Ferrazzutti <andrewf@element.io>
shamil-mubarakshin
added a commit
to shamil-mubarakshin/runner-images
that referenced
this pull request
Feb 20, 2026
4 tasks
erik-bershel
pushed a commit
that referenced
this pull request
Feb 20, 2026
dwydler
added a commit
to wydler/runner-images-hetzner-cloud
that referenced
this pull request
Feb 21, 2026
brittonr
pushed a commit
to brittonr/nix
that referenced
this pull request
Apr 1, 2026
… compression Docker 28+ defaults to the containerd image store, which pushes layers uncompressed instead of gzip. The GHA runner image updated Docker to 29.x (actions/runner-images#13633), causing the `nixos/nix:2.33.3` image to balloon from 138 MB to 505 MB, with all 70 layers pushed as `application/vnd.docker.image.rootfs.diff.tar` instead of `.tar.gzip`. OCI clients that only support gzip (e.g. `go-containerregistry`, used by Concourse CI) fail with "gzip: invalid header". This commit disables the containerd snapshotter in the release workflow before any Docker operations, restoring the classic storage driver that preserves gzip compression through the `docker load` / `docker push` pipeline. Fixes NixOS#15246
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
This PR updates
dockeranddocker composeon ubuntu images:29.1.52.40.3Related issue: #13474
Check list