Open cgwalters opened 2 years ago
Currently we have separate APIs for "un-encapsulate an ostree commit" and "pull a possibly layered image".
The former supports GPG verification, the latter does not.
Today rpm-ostree always uses the layered path, and so we get e.g.:
[root@cosa-devsh ~]# rpm-ostree rebase --experimental ostree-remote-registry:fedora:quay.io/coreos-assembler/fcos:next-devel Pulling manifest: ostree-remote-image:fedora:docker://quay.io/coreos-assembler/fcos:next-devel error: Fetching manifest: Cannot currently verify layered containers via ostree remote [root@cosa-devsh ~]#
There's a bunch of code in https://github.com/ostreedev/ostree-rs-ext/pull/123 that unifies the logic between unencapsulation and layered images. I think once that merges we can (and should) fix this.
Maybe a quick short term hack is: if we get ostree-remote-registry, then assume the image isn't layered.
ostree-remote-registry
Nah, that's too ugly to live. Let's try to fix this with #123
Currently we have separate APIs for "un-encapsulate an ostree commit" and "pull a possibly layered image".
The former supports GPG verification, the latter does not.
Today rpm-ostree always uses the layered path, and so we get e.g.:
There's a bunch of code in https://github.com/ostreedev/ostree-rs-ext/pull/123 that unifies the logic between unencapsulation and layered images. I think once that merges we can (and should) fix this.