I am a developer of an open-source software called V2X Hub found. I am having issues with the docker scout image analysis. Manly for our multi-architecture, multi-stage build for some reason docker scout seems to be picking up an incorrect docker base image and then flagging it as outdated. For our docker build, we support both arm and amd64 architectures and build a multi-architecture image. For both we use ubuntu:jammy as a base image which should be up-to-date. For some reason Docker Hub and Docker Scout recognize this correctly for arm and then believe we are using some oisupport/staging-amd64:jammy base image for amd64. Not sure how this is possible or if there is some obscured process that is modifying the base image we use.
As a note to speed up our build and avoid cross-compilation bugs, we build the arm and amd images separately in arm and amd GitHub runners and then combine the images into a multi-architecture image afterwards using ādocker manifestā. Not sure if this has some impact.
Our entire CI pipeline can be viewed here.
Our Dockerfile can be viewed here
Below are screen shots showing our develop multi-architecture image with two different base images:
Iā not familiar with this image, but it looks like it is for official images
I could not reproduce the issue with the scout cli. I got the right ubuntu jammy image as base image for both architectures. If it is a Docker Hub issue, you could report here:
I do not know that this is a dockerhub issue, since we build the image just using the docker CLI. Is there a reason you believe this to be dockerhub and not docker related
You see the wrong base image on Docker Hub. I canāt see the scout result on your image, so I tested your image locally using docker scout command and it returned the right base image. That is why I think Docker Hub shows a wrong base image. I can try to push your image later to my private repo where I have scout enabled if you want to be sure.
