Open sajayantony opened 1 year ago
/cc @FeynmanZhou @yizha1
There is another request for attaching artifacts to a multi-arch image with ORAS raised by an ORAS user @SamirPS described in https://github.com/oras-project/oras/issues/813. Designing a full user story for multi-arch image distribution (pull, push, discover, attach) in ORAS sounds reasonable to me.
There is another request for attaching artifacts to a multi-arch image with ORAS raised by an ORAS user @SamirPS described in #813. Designing a full user story for multi-arch image distribution (pull, push, discover, attach) in ORAS sounds reasonable to me.
Composing an index is easy and the composed index can be output to stdout for uploading like:
oras index my.reg/repo tag1 tag2 dgst2 --subject tag3 | oras manifest push -
Platform info can be easily obtained from the predecessor manifest's config, the tricky part is customizing descriptor annotations in manifests
. e.g. we can found that the annotations of oras mac build doesn't all presented in the referring index.
I don't have any idea to accommodate the need for selectively add annotation into the index, I suggest we can introduce the index composing feature first.
oras push
and oras attach
should support --platform
to allow user bake artifacts with platform metadata, see https://github.com/oras-project/oras/issues/1066appending
scenario, oras should not do garbage collection.Adding 2 scripts to show the challenges https://gist.github.com/sajayantony/0c9d6436c03d531b1bbebe43249381cf and from @theory https://gist.github.com/theory/7dc164e5772cae652d838a1c508972ae#file-push_trunk
This special case of composition scenario might need a index merge
command:
The tool chain I used is listed as below
✗ docker version
Client: Docker Engine - Community
Version: 27.1.0
API version: 1.46
Go version: go1.21.12
Git commit: 6312585
Built: Fri Jul 19 17:43:11 2024
OS/Arch: linux/amd64
Context: default
Server: Docker Engine - Community
Engine:
Version: 27.1.0
API version: 1.46 (minimum version 1.24)
Go version: go1.21.12
Git commit: a21b1a2
Built: Fri Jul 19 17:43:11 2024
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.7.19
GitCommit: 2bf793ef6dc9a18e00cb12efb64355c2c9d5eb41
runc:
Version: 1.1.1
GitCommit: v1.1.0-20-g52de29d7
docker-init:
Version: 0.19.0
GitCommit: de40ad0
I run docker build
and docker save
and got below manifest:
{
"schemaVersion": 2,
"mediaType": "application/vnd.oci.image.index.v1+json",
"manifests": [
{
"mediaType": "application/vnd.oci.image.manifest.v1+json",
"digest": "sha256:f4c8fbb580a9de23437857b686a96394451e5bd66c464ba025d09c8aee3de9d6",
"size": 665,
"platform": {
"architecture": "amd64",
"os": "linux"
}
},
{
"mediaType": "application/vnd.oci.image.manifest.v1+json",
"digest": "sha256:cea0a71c4a8214c54e655c587607687a112ab1ed852a68add9863fbbb1b93774",
"size": 566,
"annotations": {
"vnd.docker.reference.digest": "sha256:f4c8fbb580a9de23437857b686a96394451e5bd66c464ba025d09c8aee3de9d6",
"vnd.docker.reference.type": "attestation-manifest"
},
"platform": {
"architecture": "unknown",
"os": "unknown"
}
}
]
}
Worth pointing out that even though I was trying to build a single arch image, still the builder(buildx) generates me an index, whose manifests
field points to the image manifest and attestation manifest. The experience should apply to all users building from non-overlayfs image store (in my case, containerd image store)
To better help such user compose multi-arch image from those indexes. We can add a new command to accept index references and flatten the input into one index. Comparing to index create
, the advantages are
vnd.docker.reference.digest
and vnd.docker.reference.type
) will be kept.
What is the version of your ORAS CLI
1.0.0
What would you like to be added?
As artifacts become increasingly accepted, it would be useful for ORAS to support multi-arch artifacts as well. There are already some standard conventions of tools like homebrew implementing this.
Multi-arch manifest below - https://explore.ggcr.dev/?image=ghcr.io%2Fhomebrew%2Fcore%2Foras:1.0.1
Each binary is uploaded with the following manifest
Why is this needed for ORAS?
ORAS does not have CLI commands to author a manifest. Being able to author this multi arch manifest or index-based manifest would enable artifact authors to use ORAS CLI for scenarios like above.
Things to keep in mind
Composotion
Appending
Consider appending a remote manifest and add a new item to the index
Note
artifactType
in some registries and hence we should consider if tools need this even through it will be a part of the image spec./cc @siggy