project-copacetic / copacetic

🧵 CLI tool for directly patching container images using reports from vulnerability scanners
https://project-copacetic.github.io/copacetic/
Apache License 2.0

[REQ] Patching by sha256 digest instead tag only #669

Open borja-rivera opened 2 weeks ago

borja-rivera commented 2 weeks ago

What kind of request is this?

New feature

What is your request or suggestion?

Hello!

I am testing the tool you have developed and I find it amazing. However, I have seen that currently it only allows patching an image with COPA by tag. It would be great if you could provide the image with the sha256 hash instead of the tag, as it would be very useful on many occasions.

Is it planned to implement it?

Thank you very much and congratulations for the tool!

Are you willing to submit PRs to contribute to this feature request?

ashnamehrotra commented 2 weeks ago

Hi @borja-rivera, patching with only a digest is something we can look into. If you want to patch with both the tag and digest, however, that is possible using the following format: image-name:tag@digest. For example: copa patch -i nginx:1.21.6@sha256:2bcabc23b45489fb0885d69a06ba1d648aeda973fae7bb981bafbb884165e514

sozercan commented 2 weeks ago

Agreed, as a workaround you can do the above. The tag will be ignored in this case, so it can be anything.

borja-rivera commented 2 weeks ago

Great! I didn't know about this hack. So it doesn't matter what I put in the tag, and what is scanned is the sha256? Could I invent a tag and put it there, or must the tag really exist?

Thanks!

ashnamehrotra commented 2 weeks ago

@borja-rivera yes, the tag doesn't need to exist and it doesn't matter which tag of the image you scanned for the report - it will still patch the image with the sha256 you entered.
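As an added illustration (not code from copacetic or this thread's participants), a small Go parser for the image-name:tag@digest form described above. It shows that once a digest is present the tag text does not change what gets pinned, and adds the hash check that makes a digest reference tamper-evident where a tag can be re-pointed. The parsing rule (a ':' after the last '/' starts the tag, an earlier ':' is a registry port) is my reading of the OCI reference grammar, not copacetic's own resolver.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"regexp"
	"strings"
)

// ImageRef is the parsed form of name[:tag][@digest].
type ImageRef struct{ Name, Tag, Digest string }

var sha256DigestRe = regexp.MustCompile(`^sha256:[0-9a-f]{64}$`)

// ParseImageRef splits e.g. nginx:1.21.6@sha256:... into name, tag and digest; the
// digest must be well-formed, and a ':' after the last '/' starts the tag (earlier ':' = port).
func ParseImageRef(ref string) (ImageRef, error) {
	out, rest := ImageRef{}, ref
	if i := strings.Index(rest, "@"); i >= 0 {
		out.Digest, rest = rest[i+1:], rest[:i]
		if !sha256DigestRe.MatchString(out.Digest) {
			return ImageRef{}, fmt.Errorf("malformed digest %q in %q", out.Digest, ref)
		}
	}
	if colon := strings.LastIndex(rest, ":"); colon > strings.LastIndex(rest, "/") {
		out.Tag, rest = rest[colon+1:], rest[:colon]
	}
	if rest == "" {
		return ImageRef{}, fmt.Errorf("empty image name in %q", ref)
	}
	out.Name = rest
	return out, nil
}

// Pinned returns what a patch should resolve: name@digest when a digest is present
// (the tag is then ignored, so any tag text pins the same content), else name:tag.
func (r ImageRef) Pinned() string {
	if r.Digest != "" {
		return r.Name + "@" + r.Digest
	}
	return r.Name + ":" + r.Tag
}

// ManifestMatchesDigest checks that fetched manifest bytes hash to the pinned
// digest: a digest reference is tamper-evident, while a tag can be re-pointed.
func ManifestMatchesDigest(manifest []byte, digest string) bool {
	sum := sha256.Sum256(manifest)
	return digest == "sha256:"+hex.EncodeToString(sum[:])
}
```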

borja-rivera commented 2 weeks ago

Amazing, thanks for your help!!