This allows the selection to be consistent across GetManifest and
GetSignatures (which will be needed by Docker lookaside).
The API change causes lots of churn, but ultimately it just moves the
real origin of the value from image.FromSource() to transport.NewImageSource(),
both of which are static for the life of the ImageSource.
Does not change behavior.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
... instead of Docker-specific certPath and tlsVerify.
Also invert the sense of tlsVerify to make the default secure.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
This improves the dockerReference encapsulation, and makes it more clear
that the reference.IsNameOnly case can not happen.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
This minimizes transport-specific knowledge in image name parsing
(as in cmd/skopeo/utils.go) and allows separation of reference parsing
and their use.
Existing public NewImage... API has been removed; callers are expected
to use any of
* types.ImageTransport.ParseReference().NewImage...
(if they have a general string)
* transportpackage.ParseReference().NewImage...
(if they have a transport-specific string)
* transportpackage.NewReference().NewImage...
(if they have transport-specific raw values)
This usually adds an extra error checking step for the
ParseReference/NewReference call compared to the previous code; this is
considered not a big loss, especially because reporting “the reference
is invalid” and “the reference looks valid but connecting/using it
failed” as distinct failure modes seems quite useful for users.
The references are currently one-way (you can get a types.Image* from an
ImageReference, but not the other way around); that will be fixed soon.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
This is somewhat better typed, and avoids unnecessary roundtrips using
strings when both the producer and consumer want a reference.Named value
(like in PolicyContext.requirementsForImage).
This also forces us to explicitly handle IntendedDockerReference()
returning nil, when before we could rely on it returning "", which would
then be rejected by reference.ParseNamed as invalid input; anyway,
handling that case specially just allows for better error messages.
This adds two FIXMEs about error messages which do not tell the user
which image is being rejected; that will be fixed in the future
generalized reference work.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
The tag is a derived value from the reference, so storing it separately
is redundant.
More importantly, this also modifies CanonicalDockerReference and
IntendedDockerReference to call the reference.Named.String() method for
formatting, so that we no longer corrupt
busybox@sha256:a59906e33509d14c036c8678d687bd4eec81ed7c4b8ce907b888c607f6a1e0e6
to busybox:sha256:a599…
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
OpenShift returns "application/json; charset=utf-8"; with greatest
respect to the strict need to care about character encoding, we don't
want to get into the business of implementing support for charset
encoding, so just drop that on the floor.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Add support to mark images for deletion from repository
Requires:
* V2 API and schema
* registry configured to allow deletes
* run registry garbage collection to free up disk space
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Compute the digest ourselves, the registry is in general untrusted and
computing it ourserlves is easy enough.
The stop passing the unverifiedCanonicalDigest value around, simplifying
ImageSource.GetManifest and related code. In particular, remove
retrieveRawManifest and have internal users just call Manifest() now that
we don't need the digest.
Does not change behavior. This is a straightforward move and update of
package references, except for:
- Adding a duplicate definition of manifestSchema1 to
cmd/skopeo/copy.go. This will need to be cleaned up later, for now
preferring to make no design changes in this commit.
- Renaming parseDockerImage to NewDockerImage, to both make it public
and consistent with common golang conventions.
Miloslav Trmač