-
Notifications
You must be signed in to change notification settings - Fork 521
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for multiple image refs of same sha in OCI layout #1544
Comments
Hi @saisatishkarra, thanks for filing the issue. We have a couple of questions over here. Usually these OCI manifests are used, for instance, to list different architectures of the same image (which would have different SHAs), so we are a little bit confused as to why you would have a manifest with two instances of the same exact image (same SHA). Can you provide a few more details about where this manifest came from, what build tool created it, or how to create it, and we can take a closer look? Thanks! |
@tgerla This index manifest is produced when using a build-push-action with multiple tags (list/csv) for a single architecture of the same image. Each tag is considered to produce a separate manifest within the index.json with differing |
There is a potential enhancement we can make in https://github.com/anchore/stereoscope where we check the manifest list, and if all of the digest are equal, we can proceed with the scan. @wagoodman if we find that this is only one single image we can just pick one and go right? I've added this to the backlog as a stereoscope enhancement while we wait for a 2nd from @wagoodman |
@spiffcs Is there an update on this? |
@saisatishkarra just filed a PR in stereoscope to address this. Apologies for the long response time here! |
This PR has been merged so I'll look to get this brought into syft for the next release |
What would you like to be added:
application/vnd.oci.image.index.v1+json
for the same sha in single oci-layoutWhy is this needed:
Needed to avoid scanning twice for images with the same sha and different tag
Additional context:
The text was updated successfully, but these errors were encountered: