I've been building some base images with apko but when attempting to scan them locally or remotely with Snyk I'm presented with the error "Invalid OCI Image". I get similar issues when trying to scan them from a remote repository.
Having done some digging, I see that this issue also exists with Kaniko as detailed in this issue here: GoogleContainerTools/kaniko#1976
As noted in the thread, apko uses the same tar.gz + sha: prefix naming convention as Kaniko which Snyk (and other tools) can't seem to handle:
tar xvf out.tar.gz -C apko/
x sha256:c1430763aaa262e6080a79aa7898e0872eb4f98582d2588abfc001a3e7ea4b2c
x 86fba8ea54b9cf5891dc96f353048e564df6398ac6d5ad51b4830d65878958ea.tar.gz
x sha256:d60dcde6334380312a0442ae7751edb20847768211f02a6e11502e59839ddd36
x 8892bfbbf1e1c5d481d7f4659e30fa4613acdbc1e4592549f98e9ffc871bf41d.tar.gz
x manifest.json
x sha256:69929f308833e75856197e7ebf8cbdad9e23ced1e98c1815fc1317a206c952b2
x sha256:3e1f32ed6a56b71f3e52d1409b64fcd42eb9257016aa9613516895161f557eaa
x index.json
However, scanning with Docker Scout works fine.
Really I guess this is more of an issue with Snyk, but is this something that could be done in apko via some sort of --legacy flag to use a more compatible naming convention?
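An added example, not part of the original issue and not code from apko, Kaniko or Snyk: a Python check that classifies the members of an image tarball by the two naming styles seen in the listing above and flags inconsistencies before the archive is handed to a scanner. It assumes that a `sha256:<hex>` entry is a blob named after its own SHA-256 and that `manifest.json` uses the docker-save layout (`Config`, `Layers`); the sample archive and the function names are constructed for illustration.

```python
import hashlib, io, json, re, tarfile

DIGEST_NAME = re.compile(r"^sha256:([0-9a-f]{64})$")    # e.g. sha256:c143...
HEX_TAR_GZ = re.compile(r"^[0-9a-f]{64}\.tar\.gz$")     # e.g. 86fb....tar.gz

def inspect_image_tar(fileobj):
    """Group tar members by naming style; report digest mismatches and dangling refs."""
    report = {"digest_named": [], "hex_tar_gz": [], "other": [], "mismatch": [], "missing": []}
    names, manifest = set(), None
    with tarfile.open(fileobj=fileobj, mode="r:*") as tar:
        for member in tar:
            if not member.isfile():
                continue
            names.add(member.name)
            m = DIGEST_NAME.match(member.name)
            if m:
                report["digest_named"].append(member.name)
                digest = hashlib.sha256(tar.extractfile(member).read()).hexdigest()
                if digest != m.group(1):  # assumption: name is the content digest
                    report["mismatch"].append(member.name)
            elif HEX_TAR_GZ.match(member.name):
                report["hex_tar_gz"].append(member.name)
            else:
                report["other"].append(member.name)
            if member.name == "manifest.json":
                manifest = json.load(tar.extractfile(member))
    for image in manifest or []:  # assumption: docker-save style manifest.json
        for ref in [image.get("Config")] + image.get("Layers", []):
            if ref and ref not in names:
                report["missing"].append(ref)
    return report

def build_sample_tar():
    """Constructed sample: a tiny archive using the same naming styles as the listing."""
    config = b'{"architecture":"amd64","os":"linux"}'
    cfg_name = "sha256:" + hashlib.sha256(config).hexdigest()
    layer = b"constructed layer bytes"
    layer_name = hashlib.sha256(layer).hexdigest() + ".tar.gz"
    manifest = json.dumps([{"Config": cfg_name, "Layers": [layer_name]}]).encode()
    bogus = ("sha256:" + "0" * 64, b"content that does not match its name")
    members = [(cfg_name, config), (layer_name, layer), ("manifest.json", manifest), bogus]
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in members:
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return buf
```

To check a real archive, call `inspect_image_tar(open("out.tar.gz", "rb"))`; a non-empty `digest_named` list shows which entries use the colon-prefixed names.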