Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Docker pull from gh packages fail with "no matching manifest for linux/amd64" #223

Closed
abelsromero opened this issue Oct 7, 2021 · 6 comments
Closed

Docker pull from gh packages fail with "no matching manifest for linux/amd64" #223

abelsromero opened this issue Oct 7, 2021 · 6 comments

Comments

@abelsromero
Copy link
Member

abelsromero commented Oct 7, 2021
edited
Loading

Tried to pull from packages page and the following error is shown from Linux x86_64 machine.

/github/docker-asciidoctor >>> docker pull ghcr.io/asciidoctor/asciidoctor:cache                                                                                                                                                                                                                                                          ±[●●][add-image-cve-scan]
cache: Pulling from asciidoctor/asciidoctor
no matching manifest for linux/amd64 in the manifest list entries
@dduportal
Copy link
Contributor

Hello @abelsromero , the official distribution channel is the DockerHub. We are using the ghcr repository for a temporary cache only, not sur if we can mask the « packages » page though.

@abelsromero
Copy link
Member Author

But still, the command should work right? It seems like maybe some metadata is not 100% accurate and DockerHub (which works) is making some fix under-the-hood.

@dduportal
Copy link
Contributor

Never tried to pull the image directly, as I expect it to be fully managed by Docker Buildx.

As you can see here: https://github.com/asciidoctor/docker-asciidoctor/blob/main/docker-bake.hcl#L28-L30 , the pull.push part is managed by the cache engine of BuildX.

I have the same error as you when trying to pull the image: my gut feeling is that buildx only pushes the layers without a manifest (because there is no need to).

What is the goal you would want to achieve by pulling this image directly?

@abelsromero
Copy link
Member Author

Related to #224, my first plan was pulling from cache to avoid network issues with dockerhub. But that's no longer the approach now.

@dduportal
Copy link
Contributor

Oh I see, thanks for explaining!

It might also be interesting to check for vulnerabilities in the cache image if we do it on the final image (ref. supply chain attacks...).

When you say that you had netork issue with the dockerhub, was it during the build, or during usage of the final image?
I'm asking because we could publish the final image on both Dockerhub and GitHub quite easily since buildx and the bake file allows that.
If it us during the "build", it might be more complicated to improve though (since we rely on official and trusted images from DockerHub...).

Also, is the usage of docker buildx an obstacle for you?

@dduportal
Copy link
Contributor

Closing as "obsolete". Feel free to reopen with details if you still have the problem.

@dduportal dduportal closed this as not planned Won't fix, can't repro, duplicate, stale Mar 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dduportal @abelsromero