search

genuinetools / img

Standalone, daemon-less, unprivileged Dockerfile and OCI compatible container image builder.
https://blog.jessfraz.com/post/building-container-images-securely-on-kubernetes/
MIT License
3.88k stars 229 forks source link

pull: resolve the image config and set it on stored image #326

Closed mitchellh closed 3 years ago

mitchellh commented 3 years ago

Fixes #199 Related to #234

Previously pull would not properly retain the image configuration which contains the entrypoint, working directory, user, and more. This resulted in broken images if they were pulled then subsequently pushed.

This commit fetches the image config, which must be done separately, and then ensures that the configuration is set on the exported image into the local img state store.

Note that the config that is stored is an OCI image config and NOT a Docker config so the digest is still not equivalent but the encoding of this is in BuildKit and not img so I think this is fine.

mitchellh commented 3 years ago

If this gets accepted, I believe this can be used to fix #316. I can fix that as well once this is merged (since we'll have the created at time that we can update in the image store DB).

claudio-vellage commented 3 years ago

Can you guys prioritize this? I want to adopt img, but #199 is blocking. I could implement a workaround, but the purpose of img is to be a drop-in replacement for docker, so it would be nice if it just worked out of the box. If there's anything I can do to speed up merging this PR, I'm willing to help. Thanks in advance for all your efforts, this tool looks great!