containers: pullEgressInterceptorImage uses name:tag@digest form — docker drops the tag, workerd then fails to find the image

[com6056]

What versions & operating system are you using?

• wrangler: 4.84.1 (also reproduced on 4.72.0)
• miniflare: 4.20260421.0
• workerd: 1.20260421.1
• Docker CE 29.4.1 (native daemon, not Docker Desktop)
• Ubuntu 24.04 / Linux 6.17.0

Describe the Bug

On a host without cloudflare/proxy-everything pre-cached, a worker with containers + egress interception fails at runtime with:

✘ [ERROR] Uncaught Error: No such image available named cloudflare/proxy-everything:3cb1195@sha256:0ef6716c52430096900b150d84a3302057d6cd2319dae7987128c85d0733e3c8. Please ensure the container egress interceptor image is built and available.

…despite wrangler logging ⎔ Preparing container image(s)... / Downloaded newer image / ⎔ Container image(s) ready during startup. The pull appears to succeed, but workerd still can't find the image.

Root cause

pullEgressInterceptorImage invokes:

await runDockerCmd(dockerPath, ["pull", image, "--platform", "linux/amd64"]);
// image = "cloudflare/proxy-everything:3cb1195@sha256:0ef6716c52430096900b150d84a3302057d6cd2319dae7987128c85d0733e3c8"

When docker is handed a composite name:tag@digest reference, it fetches by digest and silently drops the tag — the image lands in the local store as an untagged entry, addressable only by digest. workerd then asks docker for the original name:tag@digest and gets "no such image" because there's no name:tag in the repo at all.

Minimal reproduction

$ docker pull cloudflare/proxy-everything:3cb1195@sha256:0ef6716c52430096900b150d84a3302057d6cd2319dae7987128c85d0733e3c8 --platform linux/amd64
...
Status: Downloaded newer image for cloudflare/proxy-everything@sha256:0ef6716c52430096900b150d84a3302057d6cd2319dae7987128c85d0733e3c8
docker.io/cloudflare/proxy-everything:3cb1195@sha256:0ef6716c52430096900b150d84a3302057d6cd2319dae7987128c85d0733e3c8

$ docker images cloudflare/proxy-everything
IMAGE   ID   DISK USAGE   CONTENT SIZE   EXTRA
# (empty — no tagged image)

$ docker image inspect cloudflare/proxy-everything@sha256:0ef6716c52430096900b150d84a3302057d6cd2319dae7987128c85d0733e3c8 --format '{{.RepoTags}} {{.RepoDigests}}'
[] [cloudflare/proxy-everything@sha256:0ef6716c52430096900b150d84a3302057d6cd2319dae7987128c85d0733e3c8]

Note: RepoTags=[]. The 3cb1195 tag was not applied.

Confirming the workaround:

$ docker pull cloudflare/proxy-everything:3cb1195 --platform linux/amd64
...
$ docker images cloudflare/proxy-everything
cloudflare/proxy-everything:3cb1195   7cdb883de642   15.2MB

Now wrangler dev no longer hits the "No such image available" error.

Impact

Any worker using containers with egress interception (e.g. allowedHosts / interceptOutboundHttp) breaks in wrangler dev on any host that didn't already have the cloudflare/proxy-everything:3cb1195 tag cached. Cache-hit machines accidentally dodge the bug; clean machines hit it 100% of the time. This makes it flaky and hard to diagnose (the pull looks like it worked).

Suggested fix

Either:

1. Drop the digest pinning from the pull command but keep it elsewhere (pull as name:tag, and keep the name:tag@digest form for workerd's lookup):

   const pullRef = image.replace(/@sha256:[a-f0-9]+$/, "");
   await runDockerCmd(dockerPath, ["pull", pullRef, "--platform", "linux/amd64"]);

   Digest verification at pull time is lost, but workerd's lookup still pins by digest so content is still verified before use.

2. After pulling by digest, explicitly tag:

   const digestOnly = image.replace(/:[^@]+@/, "@");   // strip the tag piece
   const tagOnly    = image.replace(/@sha256:[a-f0-9]+$/, "");
   await runDockerCmd(dockerPath, ["pull", digestOnly, "--platform", "linux/amd64"]);
   await runDockerCmd(dockerPath, ["tag",  digestOnly, tagOnly]);

Happy to send a PR with whichever direction you prefer.

Workaround

For anyone else hitting this while a fix is pending: miniflare reads MINIFLARE_CONTAINER_EGRESS_IMAGE as an override for both the pull and the workerd config. Setting it to just the tag (no digest) works around both halves of the bug:

export MINIFLARE_CONTAINER_EGRESS_IMAGE=cloudflare/proxy-everything:3cb1195

Please provide any relevant error logs

[wrangler:info] ⎔ Preparing container image(s)...
docker.io/cloudflare/proxy-everything@sha256:0ef6716c52430096900b150d84a3302057d6cd2319dae7987128c85d0733e3c8: Pulling from cloudflare/proxy-everything
bc1da058f299: Pull complete
c27657e384b3: Pull complete
93bb89c5c4e0: Pull complete
Status: Downloaded newer image for cloudflare/proxy-everything@sha256:0ef6716c52430096900b150d84a3302057d6cd2319dae7987128c85d0733e3c8
⎔ Container image(s) ready
[wrangler:info] Ready on http://0.0.0.0:8788
✘ [ERROR] Uncaught Error: No such image available named cloudflare/proxy-everything:3cb1195@sha256:0ef6716c52430096900b150d84a3302057d6cd2319dae7987128c85d0733e3c8. Please ensure the container egress interceptor image is built and available.
Error checking if container is ready: connect(): Container ingress proxy is not running.
(repeats for every sandbox request)

[emily-shen]

Hi, thanks for the report!

I can't reproduce this/we have tests that run in a clean environment in CI as well. When workerd creates the container and gets the image by name:tag@digest, i think docker also drops the tag portion and therefore it would still resolve. But I suppose it could be a problem with a specific environment?

does this pre-release fix things for you?
npm i https://pkg.pr.new/wrangler@13720

[com6056]

Thanks @emily-shen!

Quick note on the "I think docker also drops the tag portion and therefore it would still resolve" assumption, that's not the behavior we observed; docker treats the composite reference as a strict (name + tag + digest) identifier on lookup. Concretely, before the fix, with cloudflare/proxy-everything:3cb1195@sha256:0ef6... already pulled by the original code path:

$ docker image inspect cloudflare/proxy-everything:3cb1195@sha256:0ef6...
[]
Error response from daemon: No such image: cloudflare/proxy-everything:3cb1195

$ docker image inspect cloudflare/proxy-everything@sha256:0ef6...
[
    {
        ...
        "RepoTags": [],   ← tag portion was dropped during pull
        "RepoDigests": ["cloudflare/proxy-everything@sha256:0ef6..."]
    }
]

i.e. lookup-by-name-only-with-digest works, but lookup-by-composite-name:tag@digest doesn't, because there is no :3cb1195 tag attached to that image locally. workerd was using the composite form (per its error message "No such image available named cloudflare/proxy-everything:3cb1195@sha256:0ef6..."), so it failed.

Tested PR #13720 against our setup, works. Two ways:

1. Manually replicated the patched logic (pull by digest, then docker tag) and verified that docker image inspect cloudflare/proxy-everything:3cb1195@sha256:0ef6... now resolves with both RepoTags and RepoDigests populated. That's the lookup workerd does, so the fix unblocks it.

2. Installed the pre-release: npm i https://pkg.pr.new/wrangler@13720. Confirmed pullEgressInterceptorImage in the bundled wrangler-dist/cli.js matches the PR diff exactly:

async function pullEgressInterceptorImage(dockerPath) {
  const image = getEgressInterceptorImage();
  const digestRef = image.replace(/:[^@]+@/, "@");
  await runDockerCmd(dockerPath, ["pull", digestRef, "--platform", "linux/amd64"]);
  const tagRef = image.replace(/@sha256:[a-f0-9]+$/, "");
  if (tagRef !== image) {
    await runDockerCmd(dockerPath, ["tag", digestRef, tagRef]);
  }
}

One small clarification on the changeset note: we also saw this on Docker 28.x with the traditional (non-containerd) image store, not just 29.x. Specifically Docker CE 28.5.1 and 29.1.3 both reproduce the original failure on Linux/amd64 native daemon (no containerd image store snapshotter enabled). If your CI happens to pull-by-composite-then-immediately-use within the same container or under a docker config that retains tags differently, you might dodge it, but on a stock Linux Docker Engine this manifests reliably any time the image isn't already cached locally.

Happy to ship this once it lands in stable. Thanks for the quick turnaround on the fix!