Skip to content

bug: during inspectConfig, the OS information obtained from the layers is non-deterministic or missed #9982

New issue
New issue
Open
Bug
Open
bug: during inspectConfig, the OS information obtained from the layers is non-deterministic or missed#9982
Bug
Labels
kind/bugCategorizes issue or PR as related to a bug.
@DmitriyLewen

Description

@DmitriyLewen
DmitriyLewen
opened on Dec 23, 2025

Description

At the moment, when we inspect the image config, the OS information can be incorrect and/or incomplete.
Since we obtain OS information only from the scanned layers, the following cases are possible:

Information is missed because the layer is already cached
If information is updated in different layers, the result is non-deterministic

Current Implementation

The current logic in pkg/fanal/artifact/image/image.go:

p := parallel.NewPipeline(a.artifactOption.Parallel, false, layerKeys, func(ctx context.Context,
    layerKey string) (any, error) {
    // ... inspection logic
    return layerInfo.OS, nil
}, func(res any) error {
    // Merge OS info in onResult (main goroutine)
    osInfo := res.(types.OS)
    osFound.Merge(osInfo)
    return nil
})

This approach works well for layers being inspected, but doesn't account for layers loaded from cache.

Expected Behavior

OS information should be merged deterministically in layer order, regardless of whether layers come from cache or fresh inspection.

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/bugCategorizes issue or PR as related to a bug.

    Type

    Bug

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions