Dockerhub latest tag does not point to latest. #1108
Description
Description
The release procedure to deploy the mockery dockerimage to dockerhub ends up tagging the image in a way that does not let Dependabot create update-PRs.
Reproducer
Add the following code line to a Dockerfile, and configure Dependabot to create updates for it:
FROM vektra/mockery:v3.5.0@sha256:f6209e3c110316726c5aefeb41d98a7bb99fd5b54ce1726c4b39b358d85d0baeExample Dependbot logs:
INFO <job_0000000000> Checking if vektra/mockery v3.5.0 needs updating
GET https://registry.hub.docker.com:443/v2/vektra/mockery/tags/list
401 https://registry.hub.docker.com:443/v2/vektra/mockery/tags/list
GET https://auth.docker.io:443/token?service=registry.docker.io&scope=repository%3Avektra%2Fmockery%3Apull&account
200 https://auth.docker.io:443/token?service=registry.docker.io&scope=repository%3Avektra%2Fmockery%3Apull&account
GET https://registry.hub.docker.com:443/v2/vektra/mockery/tags/list
200 https://registry.hub.docker.com:443/v2/vektra/mockery/tags/list
INFO <job_0000000000> Original tag components:
HEAD https://registry.hub.docker.com:443/v2/vektra/mockery/manifests/latest
401 https://registry.hub.docker.com:443/v2/vektra/mockery/manifests/latest
GET https://auth.docker.io:443/token?service=registry.docker.io&scope=repository%3Avektra%2Fmockery%3Apull&account
200 https://auth.docker.io:443/token?service=registry.docker.io&scope=repository%3Avektra%2Fmockery%3Apull&account
HEAD https://registry.hub.docker.com:443/v2/vektra/mockery/manifests/latest
200 https://registry.hub.docker.com:443/v2/vektra/mockery/manifests/latest
HEAD https://registry.hub.docker.com:443/v2/vektra/mockery/manifests/3.5
401 https://registry.hub.docker.com:443/v2/vektra/mockery/manifests/3.5
GET https://auth.docker.io:443/token?service=registry.docker.io&scope=repository%3Avektra%2Fmockery%3Apull&account
200 https://auth.docker.io:443/token?service=registry.docker.io&scope=repository%3Avektra%2Fmockery%3Apull&account
HEAD https://registry.hub.docker.com:443/v2/vektra/mockery/manifests/3.5
200 https://registry.hub.docker.com:443/v2/vektra/mockery/manifests/3.5
INFO <job_0000000000> The `latest` tag points to the same image as the `3.5` image, so dependabot is treating `v3.5.1` as a pre-release. The `latest` tag needs to point to `v3.5.1` for Dependabot to consider it.
INFO <job_0000000000> The `latest` tag points to the same image as the `3.5` image, so dependabot is treating `v3.5.2` as a pre-release. The `latest` tag needs to point to `v3.5.2` for Dependabot to consider it.
INFO <job_0000000000> The `latest` tag points to the same image as the `3.5` image, so dependabot is treating `v3.5.3` as a pre-release. The `latest` tag needs to point to `v3.5.3` for Dependabot to consider it.
INFO <job_0000000000> Latest version is v3.5.0
HEAD https://registry.hub.docker.com:443/v2/vektra/mockery/manifests/v3.5.0
401 https://registry.hub.docker.com:443/v2/vektra/mockery/manifests/v3.5.0
GET https://auth.docker.io:443/token?service=registry.docker.io&scope=repository%3Avektra%2Fmockery%3Apull&account
200 https://auth.docker.io:443/token?service=registry.docker.io&scope=repository%3Avektra%2Fmockery%3Apull&account
HEAD https://registry.hub.docker.com:443/v2/vektra/mockery/manifests/v3.5.0
200 https://registry.hub.docker.com:443/v2/vektra/mockery/manifests/v3.5.0
INFO <job_0000000000> No update needed for vektra/mockery v3.5.0
Where the most relevant part is:
INFO <job_0000000000> The `latest` tag points to the same image as the `3.5` image, so dependabot is treating `v3.5.3` as a pre-release. The `latest` tag needs to point to `v3.5.3` for Dependabot to consider it.
Expected behavior
I expect Dependabot to be able to create a PR to update it from v3.5.0 to v3.5.3 (which is the newest as of writing this)
Mockery version
v3.5.0
Installation Mechanism
- []
go get - [] Pre-built release
- [] homebrew
- Other: Docker image from Dockerhub
Go version
N/A