How to use a multiarch base docker image when specifying SHA
I'm stuck following our internal procedure that requires pinning a docker base image to a specific SHA. And, I'm stuck needing to build a mulitarch image for both x86_64 and ARM.
The base image that I'm looking at has a SHA for each architecture (which I would expect, makes total sense). So how can I specify a specific SHA in the FROM if the resulting image is also supposed to be multiarch? Am I stuck using a Dockerfile for each arch??
Update: Docker Hub now shows the digest for the multi-platform index, so you can use that, or one of the tools listed below to get that digest:
The manifest list for a multi-platform image has its own digest, and that is what you want to provide to tools. There are a variety of tools that can get this. My own tool is regclient with the regctl CLI, go-containerregistry from Google has crane, and Docker has been including an imagetools CLI under buildx:
$ regctl image digest bitnami/minideb
sha256:713d1fbd2edbc7adf0959721ad360400cb39d6b680057f0b50599cba3a4db09f
$ crane digest bitnami/minideb
sha256:713d1fbd2edbc7adf0959721ad360400cb39d6b680057f0b50599cba3a4db09f
$ docker buildx imagetools inspect bitnami/minideb
Name: docker.io/bitnami/minideb:latest
MediaType: application/vnd.docker.distribution.manifest.list.v2+json
Digest: sha256:713d1fbd2edbc7adf0959721ad360400cb39d6b680057f0b50599cba3a4db09f
Manifests:
Name: docker.io/bitnami/minideb:latest@sha256:2abaa4a8ba2c3ec9ec3cb16a55820db8d968919f41439e1e8c86faca81c8674a
MediaType: application/vnd.docker.distribution.manifest.v2+json
Platform: linux/amd64
Name: docker.io/bitnami/minideb:latest@sha256:3c44390903734b2657728fcad8fb33dcdf311bdeaafcc3b9f179d78bdf4da669
MediaType: application/vnd.docker.distribution.manifest.v2+json
Platform: linux/arm64
- Docker Compose wait for container X before starting Y
- How to use rules_oci to run an image local via Docker?
- Getting error "Get http://localhost:9443/metrics: dial tcp 127.0.0.1:9443: connect: connection refused"
- How to install pyarrow on an Alpine Docker image?
- Unable to push image to ACR from terraform - could not get auth config (the credentialhelper did not work or was not found):
- Docker returning Error 133: Failed to create temporary file with plenty of disk space
- Database's backup location that created by Azure Data Studio on Mac M1
- ubuntu wslregisterdistribution failed with error: 0x80041002
- System.InvalidOperationException: Failed to deploy distro docker-desktop to <localpath>: exit code: -1
- Installing specific version of NodeJS and NPM on Alpine docker image
- intellij idea wsl 2 can't load projet from \\WSL.LOCALHOST\[distrib]
- Docker "protocol not available" after context change
- How to configure different dockerfile for development and production
- Is it possible to convert the publish method of an App Service from Code to Docker?
- Jib create folder for temporary files and changing folder ownership
- Heroku: How to release an existing image in gitlab CI/CD?
- Access to full /proc in Docker container
- lookup registry-1.docker.io: no such host
- Nestjs doesn't handle request from nginx proxy_pass using docker-compose
- PackagesNotFoundError : The following packages are not available from current channels:
- Prisma openssl version issue
- why are alpine versions of node throwing an error that @jridgewell/gen-mapping module not found?
- Safe ways to specify postgres parameters for healthchecks in docker compose
- How to get a list of images on docker registry v2
- Docker is in volume in use, but there aren't any Docker containers
- PhpStorm inserts wrong client_host IP when trying to run debug session
- How to Properly Inject Service Account Credentials in Google Cloud Build for Cloud Run Deployment?
- Docker - COPY file from different working directory to another is not working
- starting container process caused: exec: "fastapi": executable file not found in $PATH: unknown
- docker login fails while using docker-credential-secretservice