image
is a set of Go libraries aimed at working in various way with
containers' images and container image registries.
The containers/image library allows application to pull and push images from container image registries, like the docker.io and quay.io registries. It also implements "simple image signing".
The containers/image library also allows you to inspect a repository on a
container registry without pulling down the image. This means it fetches the
repository's manifest and it is able to show you a docker inspect
-like json
output about a whole repository or a tag. This library, in contrast to docker inspect
, helps you gather useful information about a repository or a tag
without requiring you to run docker pull
.
The containers/image library also allows you to translate from one image format to another, for example docker container images to OCI images. It also allows you to copy container images between various registries, possibly converting them as necessary, and to sign and verify images.
The containers/image project is only a library with no user interface;
you can either incorporate it into your Go programs, or use the skopeo
tool:
The skopeo tool uses the
containers/image library and takes advantage of many of its features,
e.g. skopeo copy
exposes the containers/image/copy.Image
functionality.
This library ships as a Go module.
If you want to see what the library can do, or an example of how it is called, consider starting with the skopeo tool instead.
To integrate this library into your project, include it as a Go module,
put it into $GOPATH
or use your preferred vendoring tool to include a copy
in your project. Ensure that the dependencies documented in go.mod
are also available (using those exact versions or different versions of
your choosing).
This library also depends on some C libraries. Either install them:
Fedora$ dnf install gpgme-devel libassuan-devel # potentially also ostree-devel
macOS$ brew install gpgme
or use the build tags described below to avoid the dependencies (e.g. using go build -tags …
)
containers_image_docker_daemon_stub
: Don’t import the docker-daemon:
transport in github.com/containers/image/transports/alltransports
, to decrease the amount of required dependencies. Use a stub which reports that the transport is not supported instead.containers_image_openpgp
: Use a Golang-only OpenPGP implementation for signature verification instead of the default cgo/gpgme-based implementation;
the primary downside is that creating new signatures with the Golang-only implementation is not supported.containers_image_ostree
: Import ostree:
transport in github.com/containers/image/transports/alltransports
. This builds the library requiring the libostree
development libraries. Otherwise a stub which reports that the transport is not supported gets used. The github.com/containers/image/ostree
package is completely disabled
and impossible to import when this build tag is not in use.containers_image_storage_stub
: Don’t import the containers-storage:
transport in github.com/containers/image/transports/alltransports
, to decrease the amount of required dependencies. Use a stub which reports that the transport is not supported instead.containers_image_fulcio_stub
: Don't import sigstore/fulcio code, all fulcio operations will return an error codecontainers_image_rekor_stub
: Don't import sigstore/reckor code, all rekor operations will return an error codeInformation about contributing to this project.
When developing this library, please use make
(or make … BUILDTAGS=…
) to take advantage of the tests and validation.
Apache License 2.0
SPDX-License-Identifier: Apache-2.0