Fix Selected Index Digest to Manifest Digest

Signed-off-by: hojooo <ghwn5833@gmail.com>

Author: hojooo

buildpack/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/build/Builder.java

@@ -105,14 +105,22 @@ public void build(BuildRequest request) throws DockerEngineException, IOExceptio
 		Assert.notNull(request, "'request' must not be null");
 		this.log.start(request);
 		validateBindings(request.getBindings());
-		PullPolicy pullPolicy = request.getPullPolicy();
-		ImageFetcher imageFetcher = new ImageFetcher(this.dockerConfiguration.builderRegistryAuthentication(),
-				pullPolicy, request.getImagePlatform());
+        PullPolicy pullPolicy = request.getPullPolicy();
+        ImagePlatform requestedPlatform = request.getImagePlatform();
+        ImageFetcher imageFetcher = new ImageFetcher(this.dockerConfiguration.builderRegistryAuthentication(),
+                pullPolicy, requestedPlatform);
 		Image builderImage = imageFetcher.fetchImage(ImageType.BUILDER, request.getBuilder());
 		BuilderMetadata builderMetadata = BuilderMetadata.fromImage(builderImage);
 		request = withRunImageIfNeeded(request, builderMetadata);
-		Assert.state(request.getRunImage() != null, "'request.getRunImage()' must not be null");
-		Image runImage = imageFetcher.fetchImage(ImageType.RUNNER, request.getRunImage());
+        ImageReference imageReference = request.getRunImage();
+        Assert.state(imageReference != null, "'imageReference' must not be null");
+		Image runImage = imageFetcher.fetchImage(ImageType.RUNNER, imageReference);
+		String digest = this.docker.image().resolveManifestDigest(imageReference, requestedPlatform);
+		if (StringUtils.hasText(digest)) {
+			imageReference = imageReference.withDigest(digest);
+			runImage = imageFetcher.fetchImage(ImageType.RUNNER, imageReference);
+		}
+        request = request.withRunImage(imageReference);
 		assertStackIdsMatch(runImage, builderImage);
 		BuildOwner buildOwner = BuildOwner.fromEnv(builderImage.getConfig().getEnv());
 		BuildpackLayersMetadata buildpackLayersMetadata = BuildpackLayersMetadata.fromImage(builderImage);
@@ -355,8 +363,21 @@ public Image fetchImage(ImageReference reference, ImageType imageType) throws IO
 		@Override
 		public void exportImageLayers(ImageReference reference, IOBiConsumer<String, TarArchive> exports)
 				throws IOException {
-			Builder.this.docker.image().exportLayers(reference, this.imageFetcher.defaultPlatform, exports);
-		}
+            try {
+                ImageReference pinned = reference;
+				String digest = Builder.this.docker.image().resolveManifestDigest(reference,
+						this.imageFetcher.defaultPlatform);
+				if (org.springframework.util.StringUtils.hasText(digest)) {
+					pinned = pinned.withDigest(digest);
+				}
+                if (!pinned.equals(reference)) {
+                    Builder.this.docker.image().exportLayers(pinned, null, exports);
+                }
+            }
+            catch (Exception ex) {
+				Builder.this.docker.image().exportLayers(reference, this.imageFetcher.defaultPlatform, exports);
+			}
+        }
 
 	}
 

buildpack/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/docker/DockerApi.java

@@ -243,16 +243,9 @@ public Image pull(ImageReference reference, @Nullable ImagePlatform platform,
 						listener.onUpdate(event);
 					});
 				}
-                if (platform != null) {
-                    if (getApiVersion().supports(INSPECT_PLATFORM_API_VERSION)) {
-                        return inspect(INSPECT_PLATFORM_API_VERSION, reference, platform);
-                    }
-					String digest = digestCapture.getDigest();
-					if (digest != null) {
-						ImageReference digestRef = reference.withDigest(digest);
-						return inspect(PLATFORM_API_VERSION, digestRef);
-					}
-                }
+				if (platform != null) {
+					return inspect(INSPECT_PLATFORM_API_VERSION, reference, platform);
+				}
                 return inspect(API_VERSION, reference);
 			}
 			finally {
@@ -342,10 +335,8 @@ public void exportLayers(ImageReference reference, @Nullable ImagePlatform platf
 			Assert.notNull(exports, "'exports' must not be null");
 			URI uri = buildUrl("/images/" + reference + "/get");
 			if (platform != null) {
-				if (getApiVersion().supports(EXPORT_PLATFORM_API_VERSION)) {
-					uri = buildUrl(EXPORT_PLATFORM_API_VERSION, "/images/" + reference + "/get", "platform",
-							platform.toJson());
-				}
+				uri = buildUrl(EXPORT_PLATFORM_API_VERSION, "/images/" + reference + "/get", "platform",
+						platform.toJson());
 			}
 			try (Response response = http().get(uri)) {
 				try (ExportedImageTar exportedImageTar = new ExportedImageTar(reference, response.getContent())) {
@@ -354,6 +345,32 @@ public void exportLayers(ImageReference reference, @Nullable ImagePlatform platf
 			}
 		}
 
+        /**
+         * Resolve an image manifest digest via Docker inspect.
+         * If {@code platform} is provided, performs a platform-aware inspect.
+         * Preference order: {@code Descriptor.digest} then first {@code RepoDigest}.
+         * Returns an empty string if no digest can be determined.
+         * @param reference image reference
+         * @param platform desired platform
+         * @return resolved digest or empty string
+         * @throws IOException on IO error
+         */
+		public String resolveManifestDigest(ImageReference reference, @Nullable ImagePlatform platform)
+				throws IOException {
+			Assert.notNull(reference, "'reference' must not be null");
+			Image image = inspect(API_VERSION, reference);
+			if (platform != null) {
+				 image = inspect(INSPECT_PLATFORM_API_VERSION, reference, platform);
+			}
+            Image.Descriptor descriptor = image.getDescriptor();
+            if (descriptor != null && StringUtils.hasText(descriptor.getDigest())) {
+                return descriptor.getDigest();
+            }
+            List<String> repoDigests = image.getDigests();
+			String digest = repoDigests.isEmpty() ? "" : repoDigests.get(0);
+			return digest.substring(digest.indexOf('@') + 1);
+		}
+
 		/**
 		 * Remove a specific image.
 		 * @param reference the reference the remove
@@ -589,10 +606,6 @@ public void onUpdate(ProgressUpdateEvent event) {
 			}
 		}
 
-		private @Nullable String getDigest() {
-			return this.digest;
-		}
-
 	}
 
 	/**

buildpack/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/docker/type/Image.java

@@ -22,6 +22,7 @@
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.List;
+import java.util.Objects;
 
 import org.jspecify.annotations.Nullable;
 import tools.jackson.databind.JsonNode;
@@ -52,6 +53,8 @@ public class Image extends MappedObject {
 
 	private final @Nullable String created;
 
+    private final @Nullable Descriptor descriptor;
+
 	Image(JsonNode node) {
 		super(node, MethodHandles.lookup());
 		this.digests = childrenAt("/RepoDigests", JsonNode::asString);
@@ -61,6 +64,8 @@ public class Image extends MappedObject {
 		this.architecture = valueAt("/Architecture", String.class);
 		this.variant = valueAt("/Variant", String.class);
 		this.created = valueAt("/Created", String.class);
+		JsonNode descriptorNode = getNode().path("Descriptor");
+		this.descriptor = (descriptorNode.isMissingNode() || descriptorNode.isNull()) ? null : new Descriptor(descriptorNode);
 	}
 
 	private List<LayerId> extractLayers(String @Nullable [] layers) {
@@ -126,6 +131,46 @@ public String getOs() {
 		return this.created;
 	}
 
+	/**
+	 * Return the descriptor for this image as reported by Docker Engine inspect.
+	 * @return the image descriptor or {@code null}
+	 */
+	public @Nullable Descriptor getDescriptor() {
+		return this.descriptor;
+	}
+
+	/**
+	 * Descriptor details as reported by the Docker Engine inspect response.
+	 */
+    public static final class Descriptor extends MappedObject {
+
+        private final @Nullable String mediaType;
+
+        private final String digest;
+
+        private final @Nullable Long size;
+
+        Descriptor(JsonNode node) {
+            super(node, MethodHandles.lookup());
+            this.mediaType = valueAt("/mediaType", String.class);
+            this.digest = Objects.requireNonNull(valueAt("/digest", String.class));
+            this.size = valueAt("/size", Long.class);
+        }
+
+        public @Nullable String getMediaType() {
+            return this.mediaType;
+        }
+
+        public String getDigest() {
+            return this.digest;
+        }
+
+        public @Nullable Long getSize() {
+            return this.size;
+        }
+
+	}
+
 	/**
 	 * Create a new {@link Image} instance from the specified JSON content.
 	 * @param content the JSON content