-
Notifications
You must be signed in to change notification settings - Fork 259
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Resource tries to pull image with incorrect digest #33
Comments
Hi there! We use Pivotal Tracker to provide visibility into what our team is working on. A story for this issue has been automatically created. The current status is as follows:
This comment, as well as the labels on the issue, will be automatically updated as the status in Tracker changes. |
Don't really know what to tell ya. We collect these versions from the registry API and then just go back and try to fetch them from the same registry. Sounds like your registry is broken or inconsistent? Are you running a v2 registry? |
I've been hit by this too, today when we upgraded the registry from from 2.3.0 to 2.4.0. @martinsbalodis Are you be any chance running a registry version >= 2.3.1? I think this change is causing the problem: distribution/distribution@d7eb5d1 It seems the docker-image Running the docker-image resource returns a digest that can't be pulled:
Fetching the manifest via curl gets me the same hash which is the v1 manifest digest
When explicitly requesting the v2 manifest header I get different digest which can be pulled
|
This is a fix for concourse#33 This fixes discovering digests on docker distribution >= 2.3.1 by explicitly requesting schema v2 manifests. Before distribution 2.3.1 the v2 schema v1 manifests contained the v2 schema digest by accident which was fixed with this commit distribution/distribution@d7eb5d1. docker pull (at least on recent versions of docker) only works with v2 digest. So this only worked by accident until it was fixed.
I think I found the problem. The docker-image-resource might be looking at the wrong digest. I dumped the communication between docker-registry and docker-image-resource with tcpdump. Below is a request that is made by the docker-image-resource client. It seems that it is requesting the manifest of the image. The docker-registry responds with a
The next request made to the docker-registry looks like this:
|
@martinsbalodis The |
Closing this out as @databus23's PR was merged (thanks!). This will be in the next release. |
…equired for fix: concourse/docker-image-resource#33) Signed-off-by: Dennis Leon <dleon@pivotal.io>
…rhub. (Required for fix: concourse/docker-image-resource#33)" This reverts commit 274f316. We no longer need this workaround, as we're moving to an RC that uses the new version of the resource in question. Signed-off-by: Jesse Alford <jalford@pivotal.io>
Hi!
I am running
fly execute
but it fails while pulling a docker image. From the output I can see that it tries to pull a version of a container that has never existed in the repository (private http repository).Here is the task.yml part:
Fly command:
Output of the fly command:
The docker registry doesn't contain a version of this image that has sha256 like
59795eb87abd
. I also checked the directory where the images are stored to make sure.The text was updated successfully, but these errors were encountered: