Use digests when pulling mkimage images. #170
Conversation
With DOCKER_CONTENT_TRUST=1 docker run <image>:<tag> the docker command will print on stdout something like: Tagging <image> with ... on the first pull which then ends up the in the output image. Pulling with digest stops that message Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
|
This seems OK as a workaround for now, but this shouldn't be needed -- I think it is a moby bug if it is logging to stdout when it is not a tty, since it breaks the |
|
Hrm. should we be using |
|
I’m on a bus to an airport so can’t test. But if you have a better fix that would be great
… On 20 Oct 2017, at 15:59, Ian Campbell ***@***.***> wrote:
Hrm. should we be using --attach=STDIN rather than -i? Maybe this is our fault?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub, or mute the thread.
|
|
I'm having a play now. |
|
I can't seem to repro the behaviour seen in linuxkit/linuxkit#2612 with 17.09 or 17.10, either with moby tool with or manually with: Maybe it is related to the version of docker? I'll try some older versions. |
|
I needed to |
|
Using Doing the pull separately first does avoid the issue, which might be better than having to mess around with digests until Docker CLI can be fixed, it's slightly racy in that someone could delete the image between the pull and the run, but that seems unlikely... |
|
Reported at docker/cli#631. I have an alternative workaround at #171. |
|
Closing as merged #171 |
With DOCKER_CONTENT_TRUST=1 docker run![]()
:
the docker command will print on stdout something like:
Tagging![]()
with ... on the first pull which then ends
up the in the output image.
Pulling with digest stops that message
Signed-off-by: Rolf Neugebauer rolf.neugebauer@docker.com