5

I am running a Docker image using Kubernetes. I would like to pass to the container the digest of the image being used. So that the code inside the container can use this for debugging/logging. The problem is that I do not seem to be able to find a way to do this without hard-coding the image digest into the pod configuration.

Is there a way to define pod configuration way so that it dynamically passes the digest as environment variable for whichever version of Docker image it ends up using?

Mitar
  • 6,756
  • 5
  • 54
  • 86

1 Answers1

5

Whatever Kubernetes happens to know can be injected using the downward API. That set of data is in the API reference for Pod objects.

It looks like this should work:

env:
  - name: DOCKER_IMAGE_ID
    valueFrom:
      fieldRef:
        fieldPath: status.containerStatuses[0].imageID

You may prefer to inject the spec.containers[0].image name, which will be easier to understand after the fact. If you're using a tool like Helm to generate the configuration, you can also use its values system:

image: {{ .Values.image }}:{{ .Values.tag }}
env:
  - name: DOCKER_IMAGE_TAG
    value: {{ .Values.tag }}
Mitar
  • 6,756
  • 5
  • 54
  • 86
David Maze
  • 130,717
  • 29
  • 175
  • 215
  • Thanks! Is `imageID` Docker's image digest? Or something else? – Mitar Feb 01 '19 at 03:05
  • "`imageID` (_string_): ImageID of the container's image." I _think_ that's the Docker SHA-256 image hash. – David Maze Feb 01 '19 at 11:53
  • It seems it is: https://stackoverflow.com/questions/45612310/get-the-image-and-image-id-of-images-in-pod-on-kubernetes-deployment – Mitar Feb 02 '19 at 02:01
  • 4
    It seems this is not really possible. Downward API is limited [in what it can expose](https://kubernetes.io/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/#capabilities-of-the-downward-api) and there are open issues about this: https://github.com/kubernetes/kubernetes/issues/50309 and https://github.com/kubernetes/kubernetes/issues/80346 – Mitar Jul 19 '19 at 03:53