Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-33571

[RHEL EPIC] Container tools support for OCI artifacts - RHEL 10.0 Beta

XMLWordPrintable

    • [RHEL EPIC] Container tools support for OCI artifacts - RHEL 10.0 Beta
    • Hide

      The following needs to be verified in order for this epic to be considered complete:

      • TBD
      Show
      The following needs to be verified in order for this epic to be considered complete: TBD
    • Red Hat Enterprise Linux
    • sst_container_tools
    • 13
    • False
    • Hide

      None

      Show
      None
    • Yes
    • QE ack, Dev ack, Docs ack, PXE ack
    • Enhancement
    • TBD

      Description

      SME: Nalin Dahyabhi

      Non-image content can be added to OCI image manifests via the OCI artifacts specification, opening up numerous use cases and allowing us to use an OCI registry as generic blob storage.

      Goals

      Container tools should work with the OCI artifact use cases that our internal and external stakeholders require.

      Requirements

      Podman can add content as OCI artifacts to a manifest. Skopeo can retrieve artifacts from a registry. 

       

      SME: Nalin Dahyabhi

      Initial Buildah PR: https://github.com/containers/buildah/pull/5301

      From Nalin Dahyabhi
      Typically, an image index is populated by running `podman manifest add`
      or `buildah manifest add`, and providing it with the name of the image
      index and the location of a container image to add to the index.

      Newer versions of both tools now recognize a `--artifact` option, which
      signifies that the item being specified for addition to the image index
      is not a container image, but a local file which should be added to the
      index as an artifact. Under the covers, an _artifact manifest_describing the file is generated and the image index is updated to list
      the artifact manifest.

      Files which are added to indexes as artifacts are not container images,
      so they are not described using MIME types which are associated with
      container images. The new `{}artifact-type` and `{-}-artifact-layer-type`
      flags can be used to exercise control over which types are used, but
      they are not required. Both `podman manifest inspect` and `buildah
      manifest inspect` will now provide information about the contents of
      artifact manifests which are listed in image indexes.

      When an image index is pushed to a registry, the images and artifacts
      which it lists are also pushed to the registry if either `buildah
      manifest push` or `podman manifest push` are passed the `--all` flag, or
      by default if `podman push` is used to push the index to the registry.

      At this time, support for pushing artifacts and artifact manifests
      directly, i.e., not only as items listed in image indexes, and support
      for retrieving artifacts with `podman pull` or `buildah pull`, have not
      been implemented.

            tsweeney@redhat.com Tom Sweeney
            tsweeney@redhat.com Tom Sweeney
            Container Runtime Eng Bot Container Runtime Eng Bot
            Container Runtime Bugs Bot Container Runtime Bugs Bot
            Gabriela Necasova Gabriela Necasova
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated: