reg icon indicating copy to clipboard operation
reg copied to clipboard
verified publisher icon genuinetools

Also support manifest lists (multi-arch docker images, docker apps)

Open ndeloof opened this issue 6 years ago • 5 comments

ndeloof avatar Aug 28 '19 07:08 ndeloof

can you add a test to verify this works, pulling one from docker hub should suffice, thanks!

jessfraz avatar Sep 16 '19 22:09 jessfraz

added a test case to inspect a docker app of mine pushed as OCI index list on docker hub

ndeloof avatar Sep 18 '19 21:09 ndeloof

Added a test case pulling a docker app of mine.

some additional notes

without extended Accept header, multi-arch docker image busybox manifest is served by DockerHub as application/vnd.docker.distribution.manifest.v2+json:

{
   "schemaVersion": 2,
   "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
   "config": {
     "mediaType": "application/vnd.docker.container.image.v1+json",
     "size": 1497,
     "digest": "sha256:19485c79a9bbdca205fce4f791efeaa2a103e23431434696cc54fdd939e9198d"
   },
   "layers": [
     {
       "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
       "size": 760770,
       "digest": "sha256:7c9d20b9b6cda1c58bc4f9d6c401386786f584437abbe87e58910f8a9a15386b"
     }
   ]
 }

which is actually the manifest for the linux/amd64 flavour of this image.

With additional "manifest list" Accept header DockerHub do serve manifest for the same busybox image as application/vnd.docker.distribution.manifest.list.v2+json:

{
   "manifests": [
     {
       "digest": "sha256:dd97a3fe6d721c5cf03abac0f50e2848dc583f7c4e41bf39102ceb42edfd1808",
       "mediaType": "application\/vnd.docker.distribution.manifest.v2+json",
       "platform": {
         "architecture": "amd64",
         "os": "linux"
       },
       "size": 527
     },
...       
   ],
   "mediaType": "application\/vnd.docker.distribution.manifest.list.v2+json",
   "schemaVersion": 2
 }

Then reg can be used to get manifest for the target architecture using busybox@sha256:dd97a3fe6d721c5cf03abac0f50e2848dc583f7c4e41bf39102ceb42edfd1808

So this PR will change reg behaviour for multi-architecture images, which is actually correct from a pure OCI manifest management point of view, but may be a breaking change for users.

Maybe we should just introduce a CLI option so that end-user can select Manifest type to query by registry API ? I suggest using --index to enable manifest list (a.k.a OCI index) and --oci to force OCI compliance mode. Maybe we could also offer even more control with --media-type so end user can explicitly set Accept header being used?

ndeloof avatar Sep 19 '19 09:09 ndeloof

Just notice this PR is duplicating https://github.com/genuinetools/reg/pull/191

ndeloof avatar Sep 19 '19 15:09 ndeloof

@ndeloof Is there any way to extend this into the server command of reg as well? I'm reading through the code and can't quite figure out how I'd go about an update of this nature.

I'm not a go dev and this feels like it might be easier for someone who's got more experience with such things.

mcrosson avatar Dec 02 '19 23:12 mcrosson