What is the Docker SDK for Python library returning from APIClient.inspect_distribution()

Question

The metadata returned from here: https://docker-py.readthedocs.io/en/stable/api.html#docker.api.image.ImageApiMixin.inspect_distribution

Contains a digest that doesn't match anything else I can find from the docker API. What exactly is the source of that digest and does this library supply a way to retrieve a digest from a remote image rather than doing a direct API call like:

http --verify no https://myregistry.com/myimage/manifests/latest Accept:application/vnd.docker.distribution.manifest.v2+json | jq

And secondary to this, do multiplatform images have a single digest for the manifest list, or does each manifest have its own digest. My goal is to compare a locally built image against a remote image to see if they are identical.

score 0 · Answer 1 · answered Jul 16 '20 at 18:34

Found the issue.

inspect_distribution will return the sha256 of the manifest list for a multiplatform image. For a single platform image it returns the sha256 of the single manifest.

If the single image is one of the manifests from the multiplatform image, then the sha256 of the manifest will be in the list of manifests from the multiplatform image.

Comment here if clarification is needed.

What is the Docker SDK for Python library returning from APIClient.inspect_distribution()

1 Answers1