Open afbjorklund opened 3 years ago
related: #11322
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.
This bot triages issues and PRs according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/remove-lifecycle stale
/lifecycle rotten
/close
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.
This bot triages issues and PRs according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/remove-lifecycle rotten
/close
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle rotten
Hi @afbjorklund , I am interested in working on this issue, could you assign it to me?
Currently we are using the name:tag of an image, which has some issues
:latest
Previously we have also used digests, which is another can of worms
So it would be better to add support for the "id" to our image loading code.
This is calculated based on the contents of the image itself, and also in CRI.
It looks something like this:
sha256:c55b0f125dc65ee6a9a78307d9a2dfc446e96af7477ca29ddd4945fd398cc698
Instead of
busybox:latest
(short name) ordocker.io/library/busybox:latest
(canonical name)Then we can compare this with
crictl images
(or
docker images
, when not using CRI)So we should avoid digests, which is confusing because they look similar:
And instead use the "image id", for separating two images from eachother:
Note that the image id changes with the architecture, while the repo digest remains the same.
We can still use digests for the kicbase of course, this was about handling in
cache
andimage
.Some pseudo-code
Docker
similar to the CLI:
Podman
(no daemon, no api - we just call the CLI instead.)
podman doesn't have
sha256:
prefix in id? add it, for comparisonneed to make sure to add it to the
crictl
output, when using cri-oTarball
Implementation details:
nil
, to get all)python:latest
)Previous issues:
10060
10075
11276