change checkdigest to use crane manifest and calculate digest

pkg/lambda/check_digest.go

@@ -1,21 +1,26 @@
 package lambda
 
 import (
+	"crypto/sha256"
+	"encoding/hex"
 	"log"
 	"strings"
 
-	"github.com/google/go-containerregistry/pkg/authn"
-	"github.com/google/go-containerregistry/pkg/name"
-	"github.com/google/go-containerregistry/pkg/v1/remote"
+	"github.com/google/go-containerregistry/pkg/crane"
+	v1 "github.com/google/go-containerregistry/pkg/v1"
 )
 
 func getDigest(source string) (string, error) {
-	ref, err := name.ParseReference(source)
-	if err != nil {
-		panic(err)
+
+	params := crane.Options{
+		Platform: &v1.Platform{
+			Architecture: "amd64",
+			OS:           "linux",
+		},
 	}
+	opts := []crane.Option{crane.WithPlatform(params.Platform)}
 
-	img, err := remote.Image(ref, remote.WithAuthFromKeychain(authn.DefaultKeychain))
+	manifest, err := crane.Manifest(source, opts...)
 	if err != nil && strings.Contains(err.Error(), "unsupported MediaType: \"application/vnd.docker.distribution.manifest.v1") {
 		return "", nil
 	}
@@ -24,22 +29,11 @@ func getDigest(source string) (string, error) {
 		return "", nil
 	}
 
-	if err != nil {
-		panic(err)
-	}
+	hash := sha256.New()
+	hash.Write(manifest)
+	digest := "sha256:" + hex.EncodeToString(hash.Sum(nil))
 
-	digest, err := img.Digest()
-	if err != nil && strings.Contains(err.Error(), "unsupported MediaType: \"application/vnd.docker.distribution.manifest.v1") {
-		return "", nil
-	}
-	if err != nil && strings.Contains(err.Error(), "You have reached your pull rate limit.") {
-		log.Printf("Pull rate limit exceeded for %s", source)
-		return "", nil
-	}
-	if err != nil {
-		panic(err)
-	}
-	return digest.String(), err
+	return digest, err
 }
 
 func checkNoDigest(imageName string, resultPublicRepoTags *[]string, resultsFromEcr *map[string]ecrResults) (result []string, err error) {