Issue with image pulling version for Azure Web App

Question

Issue with image pulling version for Azure Web App

Sandy Liu Yang 20

I have an Azure web app. I’m trying to deploy from GitHub action, but the pulling image fails as the error showing below:

I checked the original type is : application/vnd.oci.image.index.v1+json, I don’t know why the app treat it as application/vnd.docker.distribution.manifest.v1+json and shows the error.

Sirra Sneha 550 Reputation points Microsoft External Staff Moderator

2025-03-06T05:25:00.3766667+00:00

Hi @Sandy Liu Yang

Try pushing the image in Docker format using docker buildx build --platform linux/amd64 --output=type=docker . before pushing to Azure.
Sirra Sneha 550 Reputation points Microsoft External Staff Moderator

2025-03-06T06:19:44.14+00:00

What command or GitHub Actions workflow steps were used to build and push the image?

Where is the image stored? (Azure Container Registry, Docker Hub, or another registry?

What is the exact SKU and OS type of the Azure Web App? (Linux vs. Windows)?

By the way, what type of application are you deploying? (e.g., Node.js, .NET, Python, etc.)?
Sandy Liu Yang 20 Reputation points

2025-03-06T10:11:46.3166667+00:00

Hey,

I was using the following code to build and push the image:
- name: Build and push container image to registry

uses: docker/build-push-action@v6 # v5.0.0

with:

push: true

tags: ghcr.io/${{ env.REPO }}:${{ github.sha }}

file: ./Dockerfile

The image is stored in GitHub Container Registry.
The SKU is Basic B1 and the OS type is Linux.

I tried to add provenance: false to the action above to force my image type becomes application/vnd.docker.distribution.manifest.v2+json. It's working now. I'm confused why another app we have can accept vnd.oci.image, but why this app cannot? Is there any rule that specify the image type the app can accept?
Sandy Liu Yang 20 Reputation points

2025-03-06T13:22:17.3433333+00:00

Thanks @Sirra Sneha for the explanation.
Sirra Sneha 550 Reputation points Microsoft External Staff Moderator

2025-03-07T09:34:11.1333333+00:00

Hi @Sandy Liu Yang

Just checking in to see if above information was helpful. If you have any further updates on this issue, please feel free to post back.
Sirra Sneha 550 Reputation points Microsoft External Staff Moderator

2025-03-11T05:20:16.6733333+00:00

Hi @Sandy Liu Yang

Following up to check if the issue is resolved or if you need any further assistance. Let me know how it's going!
Sandy Liu Yang 20 Reputation points

2025-03-11T10:41:09.84+00:00

Hi @Sirra Sneha , all solved, thanks. Do I need to close this question?
Sirra Sneha 550 Reputation points Microsoft External Staff Moderator

2025-03-11T10:46:12.7766667+00:00

Hi @Sandy Liu Yang ,

Check the solution I've provided and please click Accept Answer and kindly upvote it.

Accepted answer

0 additional answers

Your answer

Sirra Sneha 550 Reputation points Microsoft External Staff Moderator

2025-03-06T05:25:00.3766667+00:00

Hi @Sandy Liu Yang

Try pushing the image in Docker format using docker buildx build --platform linux/amd64 --output=type=docker . before pushing to Azure.
Sirra Sneha 550 Reputation points Microsoft External Staff Moderator

2025-03-06T06:19:44.14+00:00

What command or GitHub Actions workflow steps were used to build and push the image?

Where is the image stored? (Azure Container Registry, Docker Hub, or another registry?

What is the exact SKU and OS type of the Azure Web App? (Linux vs. Windows)?

By the way, what type of application are you deploying? (e.g., Node.js, .NET, Python, etc.)?
Sandy Liu Yang 20 Reputation points

2025-03-06T10:11:46.3166667+00:00

Hey,

I was using the following code to build and push the image:
- name: Build and push container image to registry

uses: docker/build-push-action@v6 # v5.0.0

with:

push: true

tags: ghcr.io/${{ env.REPO }}:${{ github.sha }}

file: ./Dockerfile

The image is stored in GitHub Container Registry.
The SKU is Basic B1 and the OS type is Linux.

I tried to add provenance: false to the action above to force my image type becomes application/vnd.docker.distribution.manifest.v2+json. It's working now. I'm confused why another app we have can accept vnd.oci.image, but why this app cannot? Is there any rule that specify the image type the app can accept?
Sandy Liu Yang 20 Reputation points

2025-03-06T13:22:17.3433333+00:00

Thanks @Sirra Sneha for the explanation.
Sirra Sneha 550 Reputation points Microsoft External Staff Moderator

2025-03-07T09:34:11.1333333+00:00

Hi @Sandy Liu Yang

Just checking in to see if above information was helpful. If you have any further updates on this issue, please feel free to post back.
Sirra Sneha 550 Reputation points Microsoft External Staff Moderator

2025-03-11T05:20:16.6733333+00:00

Hi @Sandy Liu Yang

Following up to check if the issue is resolved or if you need any further assistance. Let me know how it's going!
Sandy Liu Yang 20 Reputation points

2025-03-11T10:41:09.84+00:00

Hi @Sirra Sneha , all solved, thanks. Do I need to close this question?
Sirra Sneha 550 Reputation points Microsoft External Staff Moderator

2025-03-11T10:46:12.7766667+00:00

Hi @Sandy Liu Yang ,

Check the solution I've provided and please click Accept Answer and kindly upvote it.

Answer 1

Hi @Sandy Liu Yang ,

Glad to hear that adding provenance: false worked !

The reason one app accepts vnd.oci.image.index.v1+json while another does not is likely due to differences in how Azure App Service handles container images based on:

Container Runtime Differences – Some Azure App Service SKUs may have varying support for OCI and Docker v2 image formats.
App Service Plan & OS Variations – Different regions, plans, or configurations might cause inconsistencies in image support.
Registry Handling – GitHub Container Registry (GHCR) defaults to pushing OCI images, but Azure App Service often expects Docker v2 schema images.

How to Resolve the Issue

If you want to ensure compatibility across all your Azure Web Apps, try the following:

Force Docker v2 Schema Format in GitHub Actions

Modify your GitHub Actions workflow to explicitly use Docker v2 format by adding provenance: false and setting output=type=docker:

- name: Build and push container image to registry
  uses: docker/build-push-action@v6
  with:
    push: true
    tags: ghcr.io/${{ env.REPO }}:${{ github.sha }}
    file: ./Dockerfile
    provenance: false 
    outputs: type=docker

Verify the Image Manifest Type in GHCR
After pushing the image, check its manifest type using:

skopeo inspect --raw docker://ghcr.io/<your-repo>:<tag>

Look for "mediaType": "application/vnd.docker.distribution.manifest.v2+json".

Check if "WEBSITES_ENABLE_APP_SERVICE_STORAGE" is set to true (this can affect how Azure pulls images).

Hope this helps.

If the answer is helpful, please click Accept Answer and kindly upvote it. If you have any further questions about this answer, please click Comment

Share via

Issue with image pulling version for Azure Web App

0 additional answers

Your answer