Would people be open to a PR that adds support for specifyin

Question

Would people be open to a PR that adds support for specifying the shasum of a docker image in addition to the tag Seems like a pretty minor change to `flytekit` that d enable specifying images like `<http docker io my image sha256|docker io my image sha256> ` is helpful to ensure that a specific workflow is locked to an exact image Happy to make the PR later this week

Yee · Answer

cc < Haytham Abuelfutuh>

Yee · Answer

i feel like this is something we ve discussed in the past

Yee · Answer

more from a security standpoint than anything else but yeah this is why we some users will just set the image to the git sha

Rahul Mehta · Answer

Yeah that too I tried this on the most recent version of `flytekit` and the image specified w the shasum failed a parsing step looks like the regex is only looking for `tag` This is a pretty important feature for us since it s how we ensure dependency compatibility between a workflow amp the corresponding container image in our existing Argo setup

Haytham Abuelfutuh · Answer

Yes < Rahul Mehta> that sounds like a great step as Yee said we ve discussed this in the past but never got around to supporting it Thank you