Can someone help to understand why image digest (SHA) gets changed when imported using ctr
#8176
-
Hi, We have vulnerability scanner which is sensitive of the SHA, It looks at the SHA of running pod image and then it tries to pull image from docker hub. But it fails since the local image SHA does not match with one in remote even though they are same images. Docker pull and load
|
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 3 replies
-
The original digest ( $ docker save bitnami/postgresql:13.9.0-debian-11-r21@sha256:6f57d7212b34ed17dc148f08269b1cf15ed278e1395a047e82c713868b0337a1 | tar xv
6f6acf2b77228cd91d2a79f4a770d3fbdf05aa45b0d51d3b4dd3b457c9f481ba/
6f6acf2b77228cd91d2a79f4a770d3fbdf05aa45b0d51d3b4dd3b457c9f481ba/VERSION
6f6acf2b77228cd91d2a79f4a770d3fbdf05aa45b0d51d3b4dd3b457c9f481ba/json
6f6acf2b77228cd91d2a79f4a770d3fbdf05aa45b0d51d3b4dd3b457c9f481ba/layer.tar
f82a58bcec5134210caf952155a1894efa25b87c864096431aa3c27522861dd2/
f82a58bcec5134210caf952155a1894efa25b87c864096431aa3c27522861dd2/VERSION
f82a58bcec5134210caf952155a1894efa25b87c864096431aa3c27522861dd2/json
f82a58bcec5134210caf952155a1894efa25b87c864096431aa3c27522861dd2/layer.tar
fe2ebce8a61abca3e36812e3dc451493844362c0082f031192ad9af7d69008cc.json
manifest.json
$ jq . < manifest.json
[
{
"Config": "fe2ebce8a61abca3e36812e3dc451493844362c0082f031192ad9af7d69008cc.json",
"RepoTags": null,
"Layers": [
"f82a58bcec5134210caf952155a1894efa25b87c864096431aa3c27522861dd2/layer.tar",
"6f6acf2b77228cd91d2a79f4a770d3fbdf05aa45b0d51d3b4dd3b457c9f481ba/layer.tar"
]
}
] (However, |
Beta Was this translation helpful? Give feedback.
The original digest (
sha256:6f57d7212b34ed17dc148f08269b1cf15ed278e1395a047e82c713868b0337a1
) is lost ondocker save
, soctr import
can't reproduce it.