podman does not support both tag and digest for pulling images

Created on 23 Jun 2020  ·  12Comments  ·  Source: containers/podman

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

Docker will accept a tag and a digest to pull an image. It will pull that specific digest only, and completely ignore the tag.

Steps to reproduce the issue:

[jammy@ibm007470 ~]$ skopeo inspect docker://docker.io/fedora:32 | jq .Digest
"sha256:e69b5a62ce23c673885bddc94e6679c9b2af683059637ceddb9cff458537a326"
[jammy@ibm007470 ~]$ podman pull docker.io/fedora:32@sha256:e69b5a62ce23c673885bddc94e6679c9b2af683059637ceddb9cff458537a326
Error: invalid image reference "docker.io/fedora:32@sha256:e69b5a62ce23c673885bddc94e6679c9b2af683059637ceddb9cff458537a326"
[jammy@ibm007470 ~]$ docker pull docker.io/fedora:32@sha256:e69b5a62ce23c673885bddc94e6679c9b2af683059637ceddb9cff458537a326
sha256:e69b5a62ce23c673885bddc94e6679c9b2af683059637ceddb9cff458537a326: Pulling from library/fedora
0169c1449c16: Downloading  4.832MB/70.73MB

Describe the results you received:
Podman does not pull

Describe the results you expected:
Podman pulls successfully

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

[jammy@ibm007470 ~]$ podman version
Version:            1.9.3
RemoteAPI Version:  1
Go Version:         go1.14.2
OS/Arch:            linux/amd64

Package info (e.g. output of rpm -q podman or apt list podman):

podman-1.9.3-1.fc32.x86_64

Additional environment details (AWS, VirtualBox, physical, etc.):
Laptop

kinbug kinfeature
Source
picture Jamstah
👍1

Most helpful comment

Generally speaking, we do consider Docker compatibility issues bugs (aside from a few places where we've deliberately decided to be somewhat different, e.g. no --link support).

picture mheon on 11 Aug 2020
👍2

All 12 comments

Thanks for opening the issue, @Jamstah!

@mtrmac PTAL

vrothberg picture vrothberg on 23 Jun 2020

(Just linking earlier discussions:) The problem space has been described in https://github.com/containers/buildah/issues/1407#issuecomment-472575647 . An implementation https://github.com/cri-o/cri-o/pull/3060 , with the PR review pointing out gotchas with simpler implementations.

mtrmac picture mtrmac on 23 Jun 2020

A friendly reminder that this issue had no activity for 30 days.

github-actions[bot] picture github-actions[bot] on 24 Jul 2020

@mtrmac still working on this?

rhatdan picture rhatdan on 24 Jul 2020

If you check my PR, this is technically a feature rather than a bug- I fixed the error messages. I'll look into getting it working soon!

ParkerVR picture ParkerVR on 10 Aug 2020

If you check my PR, this is technically a feature rather than a bug- I fixed the error messages. I'll look into getting it working soon!

I may have been a little cheeky marking as a bug, but I was working under the assumption that docker compatibility was supposed to have been achieved, and therefore things that work in docker but not podman are bugs.

Thanks for taking a look, feel free to change to feature :)

Jamstah picture Jamstah on 11 Aug 2020

Generally speaking, we do consider Docker compatibility issues bugs (aside from a few places where we've deliberately decided to be somewhat different, e.g. no --link support).

mheon picture mheon on 11 Aug 2020
👍2

The PR in c/image was closed as it was decided to change the code in Podman directly. It was intentionally not implemented in this way (https://github.com/containers/buildah/issues/1407#issuecomment-472575647) but this functionality may be added

ParkerVR picture ParkerVR on 10 Sep 2020

From #1407, "Later versions of Docker interpret this as “ask for the image with the specified digest, ignore the tag completely”, misses one way this actually makes sense: it provides a way to know what that digest is for humans, just like a comment.

Jiehong picture Jiehong on 7 Nov 2020

Yes, that case has been explicitly considered in the linked GitHub comment.

mtrmac picture mtrmac on 7 Nov 2020

Sadly no one has worked on this one, seems to be still an issue.

rhatdan picture rhatdan on 24 Dec 2020

pull with both a tag and digest

$ docker pull docker.io/fedora:32@sha256:e69b5a62ce23c673885bddc94e6679c9b2af683059637ceddb9cff458537a326
$ docker images | grep fedora
fedora              <none>              2a8d315e6208        7 months ago        201MB
$ docker rmi 2a8d

pull without a tag

$ docker pull docker.io/fedora@sha256:e69b5a62ce23c673885bddc94e6679c9b2af683059637ceddb9cff458537a326
$ docker images | grep fedora
fedora              <none>              2a8d315e6208        7 months ago        201MB

pull with a wrong tag with the digest

$ docker pull docker.io/fedora:31@sha256:e69b5a62ce23c673885bddc94e6679c9b2af683059637ceddb9cff458537a326
$ docker images | grep fedora
fedora              <none>              2a8d315e6208        7 months ago        201MB

so the tag will be ignore when with the digest

zhangguanzhang picture zhangguanzhang on 25 Dec 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

rossturk picture rossturk  ·  54Comments
Noah-Huppert picture Noah-Huppert  ·  51Comments
alitvak69 picture alitvak69  ·  50Comments
AkihiroSuda picture AkihiroSuda  ·  50Comments
4383 picture 4383  ·  58Comments