Docker pull integrity (完整性)
We use the ubuntu image as an example.
Open the ubuntu page on Docker Hub: https://hub.docker.com/_/ubuntu
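# Pull by digest. The sha256 after "@" is the registry manifest digest, and
# the pull only succeeds if the content served by the registry hashes to it.
# When a tag and a digest are both given, the digest selects the image, so a
# tag that is later re-pointed cannot change what this command fetches.

# Correct digest (ends in ...c020): the pull works.
docker pull ubuntu:jammy@sha256:b060fffe8e1561c9c3e6dea6db487b900100fc26830b9ea2ec966c151ab4c020

# Digest with the last character changed (ends in ...c021): the pull does not
# work, because nothing in the registry matches that digest.
docker pull ubuntu:jammy@sha256:b060fffe8e1561c9c3e6dea6db487b900100fc26830b9ea2ec966c151ab4c021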
Check the image ID and repo digests of the local image:
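# Image reference to inspect. A bare "ubuntu" resolves to ubuntu:latest.
# NOTE(review): an image pulled only by digest may have no local tag; in that
# case set IMAGE to the full name@sha256:... reference instead -- confirm locally.
IMAGE=ubuntu

# Local image ID. This is a local identifier and is not necessarily the
# registry manifest digest; the value to pin after "@" is the one listed in
# RepoDigests below.
docker inspect --format='{{.Id}}' "$IMAGE"
# Untruncated IDs of every local image in the repository.
docker images --no-trunc --quiet "$IMAGE"

# All repo digests (name@sha256:...) recorded for the image.
docker inspect --format='{{.RepoDigests}}' "$IMAGE"

# Same list, one digest per line: strip the surrounding [ ] and split on spaces.
docker inspect --format='{{.RepoDigests}}' "$IMAGE" | sed 's:^.\(.*\).$:\1:' | tr " " "\n"

# First repo digest only. RepoDigests is empty for an image that was built
# locally and never pushed or pulled, so the index form errors in that case.
docker inspect --format='{{index .RepoDigests 0}}' "$IMAGE"
# The jq filter is quoted so the shell cannot glob-expand the brackets.
docker image inspect "$IMAGE" --format "{{json .RepoDigests}}" | jq -r '.[0]'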
run the container
# Start an interactive, throwaway container from the digest-pinned reference.
# The digest ending in ...c020 is the correct one, so the reference resolves
# and the container starts.
docker run \
  --name ubtest1 \
  --rm \
  --interactive --tty \
  ubuntu:jammy@sha256:b060fffe8e1561c9c3e6dea6db487b900100fc26830b9ea2ec966c151ab4c020 \
  bash
REF:
https://stackoverflow.com/questions/25445318/docker-how-do-i-pull-a-specific-build-id
https://stackoverflow.com/questions/32046334/where-can-i-find-the-sha256-code-of-a-docker-image
https://stackoverflow.com/questions/39375421/can-i-get-an-image-digest-without-downloading-the-image