Skip to content

Fix manifest digest extraction for multi-arch Docker images#77

Merged
JaredHatfield merged 3 commits intomainfrom
copilot/fix-push-image-issue
Mar 29, 2026
Merged

Fix manifest digest extraction for multi-arch Docker images#77
JaredHatfield merged 3 commits intomainfrom
copilot/fix-push-image-issue

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Mar 29, 2026
edited
Loading

docker buildx imagetools inspect --format '{{.Manifest.Digest}}' is unreliable on the GitHub Actions runner used by this workflow. Instead of returning only the digest, buildx ignores the plain template and emits the default multi-line inspection output (MediaType: application/vnd.oci.image.index.v1+json, etc.), which breaks $GITHUB_OUTPUT parsing.

  • Use the buildx JSON template workaround to extract only the manifest digest:
# Before (broken on this runner)
DIGEST=$(docker buildx imagetools inspect "${IMAGE}:${META_VERSION}" --format '{{.Manifest.Digest}}')

# After
DIGEST=$(docker buildx imagetools inspect "${IMAGE}:${META_VERSION}" --format '{{json .Manifest.Digest}}' | jq -r '.')

This returns a clean single-line sha256:... digest for the multi-arch manifest, which can be safely written to $GITHUB_OUTPUT and passed to actions/attest-build-provenance.

The change is intentionally minimal and scoped to the manifest job in the release Docker workflow.

💬 Send tasks to Copilot coding agent from Slack and Teams to turn conversations into code. Copilot posts an update in your thread when it's finished.

@JaredHatfield
fix: use --raw + sha256sum for manifest digest extraction
ea558e1 
The previous approach using `--format '{{.Manifest.Digest}}'` produced
multi-line output for multi-platform images (OCI index), including
struct fields like MediaType which broke $GITHUB_OUTPUT parsing.

Computing sha256 of the raw manifest bytes is the standard and most
reliable way to get a manifest list digest.

Agent-Logs-Url: https://github.com/UnitVectorY-Labs/hellorest/sessions/c8d87948-abf6-4926-90fd-d919ec581b33

Co-authored-by: JaredHatfield <208119+JaredHatfield@users.noreply.github.com>
Copilot AI changed the title [WIP] Fix issues with image pushing for hellorest Fix manifest digest extraction for multi-arch Docker images Mar 29, 2026
Copilot AI requested a review from JaredHatfield March 29, 2026 17:02
@JaredHatfield
Copy link
Copy Markdown
Member

JaredHatfield commented Mar 29, 2026

@copilot

I think this is totally wrong. Look into this again and come up with the correct solution after performing the appropriate research using subagents.

@JaredHatfield
fix: use buildx json template for manifest digest
5244659 
Agent-Logs-Url: https://github.com/UnitVectorY-Labs/hellorest/sessions/f66800c3-f199-4862-a76d-e1decd80db08

Co-authored-by: JaredHatfield <208119+JaredHatfield@users.noreply.github.com>
Copy link
Copy Markdown
Contributor Author

Copilot AI commented Mar 29, 2026

@copilot

I think this is totally wrong. Look into this again and come up with the correct solution after performing the appropriate research using subagents.

Updated in 5244659. I re-ran the investigation with subagent research plus local reproduction on docker buildx and switched the workflow to the buildx --format workaround: --format '{{json .Manifest.Digest}}' | jq -r '.'. On this runner, plain {{.Manifest.Digest}} is ignored and emits the multi-line MediaType: output that breaks $GITHUB_OUTPUT; the JSON form returns a clean single-line sha256:... digest.

@JaredHatfield JaredHatfield marked this pull request as ready for review March 29, 2026 17:11
@codecov
Copy link
Copy Markdown

codecov bot commented Mar 29, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 0.00%. Comparing base (38a7783) to head (5244659).
⚠️ Report is 4 commits behind head on main.

Additional details and impacted files 
@@          Coverage Diff          @@
##            main     #77   +/-   ##
=====================================
  Coverage   0.00%   0.00%           
=====================================
  Files          1       1           
  Lines         17      17           
=====================================
  Misses        17      17

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@JaredHatfield JaredHatfield merged commit 910dd13 into main Mar 29, 2026
5 checks passed
@JaredHatfield JaredHatfield deleted the copilot/fix-push-image-issue branch March 29, 2026 17:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@JaredHatfield JaredHatfield Awaiting requested review from JaredHatfield

Assignees

@JaredHatfield JaredHatfield

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@JaredHatfield