简体繁体中英

Is there a way to find what a layer was made from only with its sha?

原文 2022-04-26 10:12:16 0 1 docker

This docker image https://hub.docker.com/layers/hseeberger/scala-sbt/8u222_1.3.5_2.13.1/images/sha256-c332b90d6141f34517dec9285601b246f4df7861d421d1fb8cc70ee157a098f2

does not use the usual FROM as a base, but rather ADD file:fdf0128645db4c8b990073dc4fe3fabad50411032c9aa4f86538d46e0e8f158f in /

Is there a way to see what this layer was build from / what are its contents / basically make sure that it is safe to run?

1 answers

I don't know of an automated way. But the image is based on an OpenJDK image and I found the same hash in this image https://hub.docker.com/layers/openjdk/library/openjdk/8u222-stretch/images/sha256-c9170435c6535402241fc24cd9b426aa3db527be345231147775ad83ba145705?context=explore

The OpenJDK image was published on Oct 17th 2019 and because it has 'stretch' in the name, I guessed that the base image probably was Debian, I found the same hash in the Debian image from Oct 14th 2019 https://hub.docker.com/layers/debian/library/debian/stretch-20191014/images/sha256-06888500a6e8fc2e2a06ddf83417b10660d457b1ba1e4a06bdcd427cfd394b31?context=explore

So the base image is the official debian:stretch-20191014 image. The ADD command is often used to create the official OS base images, since you can create a full filesystem from a single tar file.

How to find out what a Docker image layer is from its hash?

“bind: An attempt was made to access a socket in a way forbidden by its access permissions”

pulling image from private docker registry causes filesystem layer verification failed for digest sha256:

Docker image SHA of layer inside my image

Docker SQL bind: An attempt was made to access a socket in a way forbidden by its access permissions

System.Net.Sockets.SocketException: 'An attempt was made to access a socket in a way forbidden by its access permissions.'

Ports are not available: listen tcp 0.0.0.0/50070: bind: An attempt was made to access a socket in a way forbidden by its access permissions

How can I find the images being pulled from the SHA1s?

Is there a way to add only changed files to a docker image as a new layer - without resorting to docker commit?

What does each sha mean in a docker image

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to find out what a Docker image layer is from its hash? “bind: An attempt was made to access a socket in a way forbidden by its access permissions” pulling image from private docker registry causes filesystem layer verification failed for digest sha256: Docker image SHA of layer inside my image Docker SQL bind: An attempt was made to access a socket in a way forbidden by its access permissions System.Net.Sockets.SocketException: 'An attempt was made to access a socket in a way forbidden by its access permissions.' Ports are not available: listen tcp 0.0.0.0/50070: bind: An attempt was made to access a socket in a way forbidden by its access permissions How can I find the images being pulled from the SHA1s? Is there a way to add only changed files to a docker image as a new layer - without resorting to docker commit? What does each sha mean in a docker image

Related Tags

Is there a way to find what a layer was made from only with its sha?

Question

1 answers

solution1 1 2022-04-26 14:08:18

solution1
1 2022-04-26 14:08:18