Contributing guidelines
I've found a bug and checked that ...
Description
The sha256 hash that is output when I invoke docker buildx build --quiet --load ... is different than the hash written to an image ID file with --iidfile. (using the docker-container driver) Moreover, the hash printed on standard output is not accessible from the local Docker daemon. (it appears to be for an image manifest that was not transferred to the daemon with the image)
Expected behaviour
The output from docker buildx build --quiet should be usable in other docker commands.
Actual behaviour
The output of the build command is a hash of an object not present in the local Docker daemon. A different hash is written to the image ID file, and this hash refers to an image that has been loaded into the local Docker daemon.
Buildx version
github.com/docker/buildx v0.10.4 c513d34
Docker info
Client: Docker Engine - Community
Version: 24.0.0
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.10.4
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.17.3
Path: /usr/libexec/docker/cli-plugins/docker-compose
index: Docker Index (Docker Inc.)
Version: v0.0.6
Path: /home/david/.docker/cli-plugins/docker-index
Server:
Containers: 3
Running: 1
Paused: 0
Stopped: 2
Images: 130
Server Version: 24.0.0
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: false
userxattr: true
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 3dce8eb055cbb6872793272b4f20ed16117344f8
runc version: v1.1.7-0-g860f061
init version: de40ad0
Security Options:
seccomp
Profile: builtin
rootless
cgroupns
Kernel Version: 5.19.0-41-generic
Operating System: Ubuntu 22.04.2 LTS
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 15.35GiB
Name: david-ThinkPad-X13-Gen-2i
ID: EQPP:DRNA:WOR2:FOFW:RF6A:3BCA:XCAS:OQME:OXNA:OTMC:OOM5:GACY
Docker Root Dir: /home/david/.local/share/docker
Debug Mode: false
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
Builders list
NAME/NODE DRIVER/ENDPOINT STATUS BUILDKIT PLATFORMS
stupefied_mclaren * docker-container
stupefied_mclaren0 unix:///run/user/1000/docker.sock running v0.11.6 linux/amd64, linux/amd64/v2, linux/amd64/v3, linux/amd64/v4, linux/386
default docker
default default running v0.11.6 linux/amd64, linux/amd64/v2, linux/amd64/v3, linux/amd64/v4, linux/386
rootless docker
rootless rootless running v0.11.6 linux/amd64, linux/amd64/v2, linux/amd64/v3, linux/amd64/v4, linux/386
Configuration
FROM scratch
ADD empty.txt empty.txt
$ rm -f imageid.txt && docker buildx build --quiet --load --iidfile=imageid.txt . && cat imageid.txt && echo
sha256:a1073cc10b4891c1f17ee66cb948d865c927a3dd4711bb17c0e5d80e87678719
sha256:d6f2caf94bbafca729eb2917b250d09d3b40f2f9f52b95aa43711cbb1bc0d9f2
$ docker image inspect sha256:a1073cc10b4891c1f17ee66cb948d865c927a3dd4711bb17c0e5d80e87678719
[]
Error response from daemon: No such image: sha256:a1073cc10b4891c1f17ee66cb948d865c927a3dd4711bb17c0e5d80e87678719
$ docker image inspect sha256:d6f2caf94bbafca729eb2917b250d09d3b40f2f9f52b95aa43711cbb1bc0d9f2
[
{
"Id": "sha256:d6f2caf94bbafca729eb2917b250d09d3b40f2f9f52b95aa43711cbb1bc0d9f2",
(snip)
}
]
$ docker exec -it buildx_buildkit_stupefied_mclaren0 /usr/bin/buildctl debug get sha256:a1073cc10b4891c1f17ee66cb948d865c927a3dd4711bb17c0e5d80e87678719
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"schemaVersion": 2,
"config": {
"mediaType": "application/vnd.docker.container.image.v1+json",
"digest": "sha256:d6f2caf94bbafca729eb2917b250d09d3b40f2f9f52b95aa43711cbb1bc0d9f2",
"size": 527
},
"layers": [
{
"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
"digest": "sha256:22ced7f56265a8316fdfcbb3c53877e2e96fcc4f5b6ec7cc0becac5eeb3bcc17",
"size": 97
}
]
}
$ docker exec -it buildx_buildkit_stupefied_mclaren0 /usr/bin/buildctl debug get sha256:d6f2caf94bbafca729eb2917b250d09d3b40f2f9f52b95aa43711cbb1bc0d9f2 | jq .
{
"architecture": "amd64",
"config": {
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"WorkingDir": "/",
"OnBuild": null
},
"created": "2023-05-22T20:02:26.763744423Z",
"history": [
{
"created": "2023-05-22T20:02:26.763744423Z",
"created_by": "ADD empty.txt empty.txt # buildkit",
"comment": "buildkit.dockerfile.v0"
}
],
"moby.buildkit.buildinfo.v1": "eyJmcm9udGVuZCI6ImRvY2tlcmZpbGUudjAifQ==",
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:aec7f9aa889040eadab9a2645eb658cafb49aa2f0825e2b51ac743b557618159"
]
}
}Build logs
No response
Additional info
No response
Contributing guidelines
I've found a bug and checked that ...
Description
The sha256 hash that is output when I invoke
docker buildx build --quiet --load ...is different than the hash written to an image ID file with--iidfile. (using the docker-container driver) Moreover, the hash printed on standard output is not accessible from the local Docker daemon. (it appears to be for an image manifest that was not transferred to the daemon with the image)Expected behaviour
The output from
docker buildx build --quietshould be usable in other docker commands.Actual behaviour
The output of the build command is a hash of an object not present in the local Docker daemon. A different hash is written to the image ID file, and this hash refers to an image that has been loaded into the local Docker daemon.
Buildx version
github.com/docker/buildx v0.10.4 c513d34
Docker info
Builders list
Configuration
Build logs
No response
Additional info
No response