anchore-engine
anchore-engine copied to clipboard
anchore
Feature Request: support multiarch docker images
Is this a request for help?: No
Is this a BUG REPORT or a FEATURE REQUEST? (choose one): Feature Request
Version of Anchore Engine and Anchore CLI if applicable: anchore-cli, version 0.9.3
What happened: Anchore engine shows the report of a container that only matches my local platform.
The docker image is in GitLab Registry. The docker image has a single tag, but it actually has two platform: x86_64 and arm64.
The report of anchore-engine only shows the info for x86_64. There is no options or method to show the info for arm64.
Edit 1: I could do this with Trivy for checking a specific SHA/platform (Arm) of an image:
trivy image --security-checks vuln,config registry.provider/username/repo-name@sha256:69c244848b668314706e6d53121b52db4760354d9e36ca84547a51c41b42d16f
But I can't do this with anchore.
What did you expect to happen: Having options to choose the architecture of the container image. Or Anchore could scan all available platform of the container image.
Any relevant log output from /var/log/anchore:
What docker images are you using: anchore-engine-1.15.1 install by Helm chart
How to reproduce the issue:
Anything else we need to know: The image should have both arm64 and amd64 manifest, using the skopeo inspect --raw option.
{
"mediaType": "application/vnd.docker.distribution.manifest.list.v2+json",
"schemaVersion": 2,
"manifests": [
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"digest": "sha256:62675d5d2859ceccbe7339703c9f14c7aff4a9f41a05c066681852d5fc5ced07",
"size": 1582,
"platform": {
"architecture": "amd64",
"os": "linux"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"digest": "sha256:69c244848b668314706e6d53121b52db4760354d9e36ca84547a51c41b42d16f",
"size": 1581,
"platform": {
"architecture": "arm64",
"os": "linux"
}
}
]
}
