cbgbt
commented
1 month ago ^ force push to address comment from @bcressey
Closed cbgbt closed 1 month ago
cbgbt
commented
1 month ago ^ force push to address comment from @bcressey
cbgbt
commented
1 month ago ^ force push to rebase
cbgbt
commented
1 month ago Now that krane is bundled in to twoliter, there's some cleanup that we can do on oci-cli-wrapper (or maybe we can just eliminate it) because we needed to provide an interface that worked for both docker and krane and they didn't play nice in some cases
I was thinking about this too. For now I've opted to keep the interface in case we regret the decision to use krane or want to shop around, or re-introduce the ability to override it at runtime.
I'm definitely open to removing it or favoring a more pleasant API in the future though!
Issue number:
Closes #362 Closes #352
Description of changes: The Kit metadata version bump is motivated by #384, which will begin to introduce application inventory that includes an RPM packages "Epoch" value and refrain from special-casing
bottlerocket-core-kit. This change will cause unexpected advisory evaluation behavior for downstream workspaces which depend on core-kit but use an older version of Twoliter when core-kit bumps the epoch of all packages.When introducing the version bump, Twoliter's integration tests began to fail because they depend on existing published kits, so this PR additionally:
kranetool with Twoliter, obviating the need to use system-provided OCI toolingTesting done:
bottlerocket-os/bottlerocketwith this change directly, I get the following message:Terms of contribution:
By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.