-
Notifications
You must be signed in to change notification settings - Fork 183
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
spec: Multi-arch image management with ORAS #1514
base: main
Are you sure you want to change the base?
Conversation
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1514 +/- ##
==========================================
- Coverage 85.97% 84.23% -1.74%
==========================================
Files 118 120 +2
Lines 4228 5392 +1164
==========================================
+ Hits 3635 4542 +907
- Misses 354 604 +250
- Partials 239 246 +7 ☔ View full report in Codecov by Sentry. |
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To make the spec more professional, please proofread the spec and fix formatting issues.
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM but you need to fix the check failure.
@@ -63,16 +63,15 @@ The proposed CLI commands for managing a multi-arch image are listed below. The | |||
|
|||
- Create a multi-arch image: `oras manifest index create` | |||
- Update a multi-arch image: `oras manifest index update` | |||
- Inspect a multi-arch image: `oras manifest fetch`. Add two alias `oras manifest inspect` and `oras manifest show` for usability | |||
- Add annotations to a multi-arch image: `oras manifest create --annotation` | |||
- Add annotations to a multi-arch image during creation: `oras manifest index create --annotation` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: do you want to make it a sub-item of "Create a multi-arch image: oras manifest index create
"?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thank you for drawing my attention to this, @FeynmanZhou ! 🙏
some very optional comments below, I hope these helps!
- **crane(Backed by Google)**: provides a single command [crane index append](https://github.com/google/go-containerregistry/blob/main/cmd/crane/recipes.md#create-a-multi-platform-image-from-scratch) to compose an image index | ||
- **regctl (Individual)** provides [regctl index add/create/delete](https://github.com/regclient/regclient/blob/main/docs/regctl.md#index-commands) to creates or manages OCI Indexes and Manifest Lists | ||
- **manifest-tool (Individual from AWS):** create docker manifest list or OCI image index in a registry by using the [manifest-tool push command with either a YAML file describing the images to assemble or by using a series of parameters](https://github.com/estesp/manifest-tool?tab=readme-ov-file#sample-usage). | ||
- **skopeo (Backed by Red Hat)**: doesn’t support OCI image index and docker manifest list |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
you may want to consider as well in here Buildah, which I would say positions in between Skopeo and Podman
|
||
## Target users | ||
|
||
For users who need to create, store, update, and push multi-arch images locally and in OCI registries. The primary user persona is cloud-native developers. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could this statement be expanded to consider use-cases for typical ORAS users for Artifacts, wdyt?
The reason I'm saying this: as a ORAS user, I typically make use of ORAS to manage OCI Artifact, not specifically Images.
Therefore, I think if this paragraph could possibly be expanded to mention some typical examples that explain when as an Artifact consumer/producer when/how you would need this Image functionality. Just an idea! :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey @tarilabs , we are considering the multi-arch artifact management experience. There are a few GitHub issues to track. Would you mind sharing any scenarios of multi-arch artifact from your side?
|
||
## Investigation on other client tools and industry | ||
|
||
Most of popular container client tools support create and push a multi-arch image using docker manifest list or OCI image index format, but these tools **require users to push platform-specific image push to the registry separately**. They don’t provide native support for local environment. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
require users to push platform-specific image push to the registry separately
I suspect buildx is the most popular tool for building multi-arch images, and it's a big exception to this. Also regctl artifact put --index
will push the artifact and add it to an index in a single operation.
They don’t provide native support for local environment.
Could you expand on this? I'm not sure what it means.
- **crane(Backed by Google)**: provides a single command [crane index append](https://github.com/google/go-containerregistry/blob/main/cmd/crane/recipes.md#create-a-multi-platform-image-from-scratch) to compose an image index | ||
- **regctl (Individual)** provides [regctl index add/create/delete](https://github.com/regclient/regclient/blob/main/docs/regctl.md#index-commands) to creates or manages OCI Indexes and Manifest Lists | ||
- **manifest-tool (Individual from AWS):** create docker manifest list or OCI image index in a registry by using the [manifest-tool push command with either a YAML file describing the images to assemble or by using a series of parameters](https://github.com/estesp/manifest-tool?tab=readme-ov-file#sample-usage). | ||
- **skopeo (Backed by Red Hat)**: doesn’t support OCI image index and docker manifest list |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
skopeo consumes and copies content with these manifests, but it doesn't have features to generate or modify them.
- [docker buildx imagetool](https://docs.docker.com/reference/cli/docker/buildx/imagetools/) | ||
- [docker manifest create](https://docs.docker.com/reference/cli/docker/manifest/) | ||
- **podman (Backed by Red Hat)**: similar with `docker manifest`, it provides `podman manifest` with subcommands to create and manipulate manifest lists and image indexes | ||
- **crane(Backed by Google)**: provides a single command [crane index append](https://github.com/google/go-containerregistry/blob/main/cmd/crane/recipes.md#create-a-multi-platform-image-from-scratch) to compose an image index |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm also seeing crane index filter
to remove entries.
|
||
### Inspect a multi-arch image | ||
|
||
Add two alias `show` and `inspect`: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we elaborate more on why this is needed? Is it to inform users the purpose of the command or is it more intuitive for users to input the command?
What this PR does / why we need it:
Add a spec: Multi-arch image management with ORAS
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)
format, will close the issue(s) when PR gets merged):Fixes #1053
Preview: https://github.com/FeynmanZhou/oras/blob/multi-arch/docs/proposals/multi-arch-image-mgmt.md