Uploaded image for project: 'Artifactory Binary Repository'
  1. Artifactory Binary Repository
  2. RTFACT-23061

Store last N number of images in Artifactory docker registry based on their digest SHA instead of tags

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Done
    • Priority: 4 - Normal
    • Resolution: Done
    • Affects Version/s: 6.20.1
    • Fix Version/s: 7.12.5
    • Component/s: Docker, Docker Image
    • Labels:
      None
    • Environment:

      Docker client version : 19.03.12

    • Release Notes:
      Yes

      Description

      Problem statement: Docker images have digests based on the sha256 of the manifest, When pulling images from a docker registry, we can "pull by digest", which means we can use the digest instead of a tag.

      docker pull localhost:8081/docker-local/myimage@sha256:87330a20b34750f3ca7iu876
      

      When we push the image to Artifactory without a tag for the first time then Artifactory will store the image with the latest tag and we can pull the image with digest, but when we push an image (with some changes)again without tag then the image will be overwritten and the digest will be changed. We cannot pull the images from the earlier digest. However, if we try the above steps in the docker local registry or with Docker Hub then we can pull the image with both the digest.

      Steps to reproduce:
      In Artifactory Docker registry (Tried with both subdomain and repository path method)
      1. Build an image

      docker image build -t localhost:8081/docker-local/myimage:latest -<<EOF
      FROM busybox
      RUN echo version 2 > /version.txt
      EOF
      

      2. Push an image to Artifactory docker local repository ----->Digest-1 is generated.

      docker push localhost:8081/docker-local/myimage
      The push refers to repository [localhost:8081/docker-local/myimage]
      1f3b7c0802c8: Pushed
      514c3a3e64d4: Pushed
      latest: digest: sha256:87330a20b34750f3ca72a754ca7c75da5843f3758bc7340cdd47f1a0bdf85d3a size: 734 ----->Digest-1
      

       3. Delete the image in the local client machine

      docker rmi localhost:8081/docker-local/myimage
      

      4. Build an image again with the same name and tag 

      docker image build -t localhost:8081/docker-local/myimage:latest -<<EOF
      FROM busybox
      RUN echo version 1 > /version1.txt
      RUN echo version 2 > /version2.txt
      RUN echo version 3 > /version3.txt
      EOF
      

      5. Push an image again to Artifactory docker local repository ----->Digest-2 is generated.

      docker push localhost:8081/docker-local/myimage
      The push refers to repository [localhost:8081/docker-local/myimage]
      f80f72f7115e: Pushed
      481c18bca1c6: Pushed
      514c3a3e64d4: Layer already exists
      latest: digest: sha256:dc1364246f0f244cb8ede6e89f190bdb384194801992f567a33eb13af7ea46ee size: 941  ----->Digest-2
      

      6. Delete the image in the local client machine

      docker rmi localhost:8081/docker-local/myimage
      

      7. Pull the image with the Digest-1----> Not able to pull the image.

      docker pull localhost:8081/docker-local/myimage@sha256:87330a20b34750f3ca72a754ca7c75da5843f3758bc7340cdd47f1a0bdf85d3a
      Error response from daemon: manifest for localhost:8081/docker-local/myimage@sha256:87330a20b34750f3ca72a754ca7c75da5843f3758bc7340cdd47f1a0bdf85d3a not found: manifest unknown: The named manifest is not known to the registry.
      

      With Docker Hub/Docker local registry

      1. Build an image

      docker image build -t test/dockerdemo:latest -<<EOF
      FROM busybox
      RUN echo version 1 > /version1.txt
      EOF
      

      2. Push an image to docker hub repository ----->Digest-1 is generated.

      docker push test/dockerdemo
      The push refers to repository [docker.io/test/dockerdemo]
      943468c08540: Pushed
      514c3a3e64d4: Mounted from library/busybox
      latest: digest: sha256:a3971646af0dc4c5cffeca6a6e577f3f8daf9d999f46548f21f0ae6279ed9fe6 size: 734 ----->Digest-1
      

       3. Delete the image in the local client machine

      docker rmi test/dockerdemo
      

      4. Build an image again with the same name and tag

      docker image build -t test/dockerdemo:latest -<<EOF
      FROM busybox
      RUN echo version 1 > /version1.txt
      RUN echo version 2 > /version2.txt
      RUN echo version 3 > /version3.txt
      EOF
      

      5. Push an image again to docker hub repository ----->Digest-2 is generated.

      docker push test/dockerdemo
      The push refers to repository [docker.io/test/dockerdemo]
      d5fb2423992b: Pushed
      514c3a3e64d4: Layer already exists
      latest: digest: sha256:d57b2570901baf9272d1b6ad532f13a866946399a1ce6c23e3024a8282b6edc4 size: 892 ----->Digest-2
      

      6. Delete the image in the local client machine

      docker rmi test/dockerdemo
      

      7. Pull the image with the Digest-1----> able to pull successfully

      docker pull test/dockerdemo@sha256:a3971646af0dc4c5cffeca6a6e577f3f8daf9d999f46548f21f0ae6279ed9fe6
      sha256:a3971646af0dc4c5cffeca6a6e577f3f8daf9d999f46548f21f0ae6279ed9fe6: 
      Pulling from test/dockerdemo61c5ed1cbdf8: Already exists8bb27bccca2d: Pull completeDigest: sha256:a3971646af0dc4c5cffeca6a6e577f3f8daf9d999f46548f21f0ae6279ed9fe6Status: Downloaded newer image for test/dockerdemo@sha256:a3971646af0dc4c5cffeca6a6e577f3f8daf9d999f46548f21f0ae6279ed9fe6docker.io/test/dockerdemo@sha256:a3971646af0dc4c5cffeca6a6e577f3f8daf9d999f46548f21f0ae6279ed9fe6
      

        

        Attachments

          Activity

            People

            Assignee:
            tomern Tomer Nir
            Reporter:
            jayanths Jayanth Suresh
            Votes:
            2 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Sync Status

                Connection: RTFACT Sync
                RTMID-23061 -
                SYNCHRONIZED
                • Last Sync Date: