Fix OCI images not being processed correctly #12

This commit changes the way remote images are checked for updates. Instead of being based off the local image hash, which changes locally for OCI images with application/vnd.oci.image.index.v1+json manifests, all remote images now base themselves off the manifest list content digest, present in the docker-content-digest response header for the Docker Registry API v2/manifests endpoint and in RepoDigests with the command docker image inspect.

Local images do not have content digests, so they still follow the local image hash system.

A few things (non-extensive list) need to be tested thoroughly before pulling to main:

Does the manifest list content digest change on all updates?
Does the manifest list content digest change when changes are made to an architecture that is not ours? If so, is it done very often, causing unnecessary pulls?
Do all images have a manifest list?
Are there any regressions with local images?

This commit changes the way remote images are checked for updates. Instead of being based off the local image hash, which changes locally for OCI images with application/vnd.oci.image.index.v1+json manifests, all remote images now base themselves off the manifest list content digest, present in the `docker-content-digest` response header for the Docker Registry API v2/manifests endpoint and in RepoDigests with the command `docker image inspect`. Local images do not have content digests, so they still follow the local image hash system. A few things (non-extensive list) need to be tested thoroughly before pulling to main: * Does the manifest list content digest change on all updates? * Does the manifest list content digest change when changes are made to an architecture that is not ours? If so, is it done very often, causing unnecessary pulls? * Do all images have a manifest list? * Are there any regressions with local images?

I believe that moving to this system might require all images to be removed and repulled, since the content digest might not be in the right format if the image was pulled with a image id.

While testing, I ran into an issue with trying to get the locally stored content digests by using the {{index .RepoDigests 0}} format with the docker inspect image command. The digest was there, but that syntax did not work, only {{.RepoDigests}} would work.

I believe that moving to this system might require all images to be removed and repulled, since the content digest might not be in the right format if the image was pulled with a image id. While testing, I ran into an issue with trying to get the locally stored content digests by using the `{{index .RepoDigests 0}}` format with the `docker inspect image` command. The digest was there, but that syntax did not work, only `{{.RepoDigests}}` would work.

Works in production. Couldn’t test child image rebuilds but I believe it’ll be unaffected by those changes.
Thanks for the rework!

Works in production. Couldn’t test child image rebuilds but I believe it’ll be unaffected by those changes. Thanks for the rework!

Labels Milestones

Fix OCI images not being processed correctly #12