I am building a github action for a docker build, test, publish pipeline. I am using this action: Build and push Docker images · Actions · GitHub Marketplace · GitHub
The pipeline will be triggered every night to check if there is a need to update the image.
Pipeline will look like this:
- build docker locally
- Check if image already in docker hub
- If yes, stop
- If not, test the newly built image
- If test is successful tag (with date) and push it docker hub
- Tag git repo with same tag as docker image
I face two major issues to build this pipeline:
If I do not use cache in github, as every build environment is prestine, I get a new docker ID for every build for the reason outlined here: https://maori.geek.nz/how-to-digest-a-docker-image-ca9fc7630b71
Even if I used cache, how do I reliably check if a newly built image is already in docker hub? I can check newly built Docker ID against, “.config.digest” from docker-hub-remote-api. Is this matching reliable? I would rather check if any layers have changed so that whether I have cache or not the “matching” always work.
- I understand docker id is the sha256 of local docker config. How is the docker config used? How is the usage different from docker manifest?
- What is RepoDigest? How is it created?
- When are manifest created? If I do “docker inspect” I do not see layer information. The contents of manifest.json and “docker manifest inspect” is totally different.
As a generic question, where can I get more details about docker ID, manifest etc.