dotnet · joperezr · Jul 24, 2024 · Jul 24, 2024 · eerhardt · Jul 24, 2024
diff --git a/src/Aspire.Hosting.SqlServer/SqlServerBuilderExtensions.cs b/src/Aspire.Hosting.SqlServer/SqlServerBuilderExtensions.cs
@@ -27,7 +27,8 @@ public static IResourceBuilder<SqlServerServerResource> AddSqlServer(this IDistr
         var sqlServer = new SqlServerServerResource(name, passwordParameter);
         return builder.AddResource(sqlServer)
                       .WithEndpoint(port: port, targetPort: 1433, name: SqlServerServerResource.PrimaryEndpointName)
-                      .WithImage(SqlServerContainerImageTags.Image, SqlServerContainerImageTags.Tag)
+                      .WithImage(SqlServerContainerImageTags.Image)
+                      .WithImageSHA256(SqlServerContainerImageTags.Digest)
                       .WithImageRegistry(SqlServerContainerImageTags.Registry)
                       .WithEnvironment("ACCEPT_EULA", "Y")
                       .WithEnvironment(context =>

diff --git a/src/Aspire.Hosting.SqlServer/SqlServerContainerImageTags.cs b/src/Aspire.Hosting.SqlServer/SqlServerContainerImageTags.cs
@@ -7,5 +7,6 @@ internal static class SqlServerContainerImageTags
 {
     public const string Registry = "mcr.microsoft.com";
     public const string Image = "mssql/server";
-    public const string Tag = "2022-latest";
+    // Tracking tag: 2022-latest. NOTE: latest  digest fails the tests. We need to investigate.
+    public const string Digest = "sha256:c4369c38385eba011c10906dc8892425831275bb035d5ce69656da8e29de50d8";
 }
@@ -504,7 +504,7 @@ public void VerifyTestProgramFullManifest()
                 "sqlserver": {
                   "type": "container.v0",
                   "connectionString": "Server={sqlserver.bindings.tcp.host},{sqlserver.bindings.tcp.port};User ID=sa;Password={sqlserver-password.value};TrustServerCertificate=true",
-                  "image": "{{SqlServerContainerImageTags.Registry}}/{{SqlServerContainerImageTags.Image}}:{{SqlServerContainerImageTags.Tag}}",
+                  "image": "{{SqlServerContainerImageTags.Registry}}/{{SqlServerContainerImageTags.Image}}@{{SqlServerContainerImageTags.Digest}}",
                   "env": {
                     "ACCEPT_EULA": "Y",
                     "MSSQL_SA_PASSWORD": "{sqlserver-password.value}"

@@ -55,7 +55,7 @@ public async Task AddSqlServerContainerWithDefaultsAddsAnnotationMetadata()
         Assert.Equal("tcp", endpoint.UriScheme);
 
         var containerAnnotation = Assert.Single(containerResource.Annotations.OfType<ContainerImageAnnotation>());
-        Assert.Equal(SqlServerContainerImageTags.Tag, containerAnnotation.Tag);
+        Assert.Equal(SqlServerContainerImageTags.Digest, containerAnnotation.SHA256);
         Assert.Equal(SqlServerContainerImageTags.Image, containerAnnotation.Image);
         Assert.Equal(SqlServerContainerImageTags.Registry, containerAnnotation.Registry);
 
@@ -135,7 +135,7 @@ public async Task VerifyManifest()
             {
               "type": "container.v0",
               "connectionString": "Server={sqlserver.bindings.tcp.host},{sqlserver.bindings.tcp.port};User ID=sa;Password={sqlserver-password.value};TrustServerCertificate=true",
-              "image": "{{SqlServerContainerImageTags.Registry}}/{{SqlServerContainerImageTags.Image}}:{{SqlServerContainerImageTags.Tag}}",
+              "image": "{{SqlServerContainerImageTags.Registry}}/{{SqlServerContainerImageTags.Image}}@{{SqlServerContainerImageTags.Digest}}",
               "env": {
                 "ACCEPT_EULA": "Y",
                 "MSSQL_SA_PASSWORD": "{sqlserver-password.value}"
@@ -175,7 +175,7 @@ public async Task VerifyManifestWithPasswordParameter()
             {
               "type": "container.v0",
               "connectionString": "Server={sqlserver.bindings.tcp.host},{sqlserver.bindings.tcp.port};User ID=sa;Password={pass.value};TrustServerCertificate=true",
-              "image": "{{SqlServerContainerImageTags.Registry}}/{{SqlServerContainerImageTags.Image}}:{{SqlServerContainerImageTags.Tag}}",
+              "image": "{{SqlServerContainerImageTags.Registry}}/{{SqlServerContainerImageTags.Image}}@{{SqlServerContainerImageTags.Digest}}",
               "env": {
                 "ACCEPT_EULA": "Y",
                 "MSSQL_SA_PASSWORD": "{pass.value}"

diff --git a/tests/Aspire.Microsoft.Data.SqlClient.Tests/SqlServerContainerFixture.cs b/tests/Aspire.Microsoft.Data.SqlClient.Tests/SqlServerContainerFixture.cs
@@ -20,7 +20,7 @@ public async Task InitializeAsync()
         if (RequiresDockerAttribute.IsSupported)
         {
             Container = new MsSqlBuilder()
-                            .WithImage($"{SqlServerContainerImageTags.Registry}/{SqlServerContainerImageTags.Image}:{SqlServerContainerImageTags.Tag}")
+                            .WithImage($"{SqlServerContainerImageTags.Registry}/{SqlServerContainerImageTags.Image}@{SqlServerContainerImageTags.Digest}")
                             .Build();
             await Container.StartAsync();
         }