mtrmac
commented
1 year ago Thanks for reaching out.
I’m afraid there isn’t any CLI option to exclude those layers right now.
You could probably do this by manually editing the image, using skopeo copy docker://… dir:$tmp, removing the attestation entries from $tmp/manifest.json, and then using skopeo copy --format v2s2 dir:$tmp docker://…. Possibly automating that with a shell script.
If these images become more widespread, we should consider handling that conversion automatically (silently???)
Note to self: Format reference is https://docs.docker.com/build/attestations/attestation-storage/ ; the index contains pseudo-“platform” instances with the usual not-quite-an-artifact type (image config, non-image layer).
niroowns
Hi,
I am trying to copy a container image that is in OCI format from one registry and save/push it to another via the v2s2 format. The main problem is that the destination registry doesn't support OCI format yet. The command is getting on stuck what appears to be an attestation layer. Are there any work arounds for this? Thanks in advance.
Command used: skopeo --tls-verify=false copy --format v2s2 docker://cloudability/metrics-agent:2.11.12 docker://registry.xxx.com/cloudability/metrics-agent:2.11.12 --all --remove-signatures --debug
Errors: DEBU[0008] Writing manifest using preferred type application/vnd.docker.distribution.manifest.v1+prettyjws failed: creating an updated image manifest: Unknown media type during manifest conversion: "application/vnd.in-toto+json" FATA[0008] copying image 4/6 from manifest list: creating an updated image manifest: Unknown media type during manifest conversion: "application/vnd.in-toto+json"