Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

spec: Multi-arch image management with ORAS #1514

Open
wants to merge 17 commits into
base: main
Choose a base branch
from

Conversation

FeynmanZhou
Copy link
Member

@FeynmanZhou FeynmanZhou commented Oct 15, 2024

What this PR does / why we need it:

Add a spec: Multi-arch image management with ORAS

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #1053

Preview: https://github.com/FeynmanZhou/oras/blob/multi-arch/docs/proposals/multi-arch-image-mgmt.md

Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Copy link

codecov bot commented Oct 16, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 84.23%. Comparing base (1d60e22) to head (ced0413).
Report is 29 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #1514      +/-   ##
==========================================
- Coverage   85.97%   84.23%   -1.74%     
==========================================
  Files         118      120       +2     
  Lines        4228     5392    +1164     
==========================================
+ Hits         3635     4542     +907     
- Misses        354      604     +250     
- Partials      239      246       +7     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

docs/proposals/multi-arch-image-mgmt.md Outdated Show resolved Hide resolved
docs/proposals/multi-arch-image-mgmt.md Outdated Show resolved Hide resolved
docs/proposals/multi-arch-image-mgmt.md Outdated Show resolved Hide resolved
docs/proposals/multi-arch-image-mgmt.md Outdated Show resolved Hide resolved
docs/proposals/multi-arch-image-mgmt.md Outdated Show resolved Hide resolved
docs/proposals/multi-arch-image-mgmt.md Outdated Show resolved Hide resolved
docs/proposals/multi-arch-image-mgmt.md Outdated Show resolved Hide resolved
docs/proposals/multi-arch-image-mgmt.md Outdated Show resolved Hide resolved
docs/proposals/multi-arch-image-mgmt.md Outdated Show resolved Hide resolved
docs/proposals/multi-arch-image-mgmt.md Outdated Show resolved Hide resolved
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To make the spec more professional, please proofread the spec and fix formatting issues.

docs/proposals/img/multi-arch.png Outdated Show resolved Hide resolved
docs/proposals/multi-arch-image-mgmt.md Outdated Show resolved Hide resolved
docs/proposals/multi-arch-image-mgmt.md Outdated Show resolved Hide resolved
docs/proposals/multi-arch-image-mgmt.md Outdated Show resolved Hide resolved
docs/proposals/multi-arch-image-mgmt.md Outdated Show resolved Hide resolved
docs/proposals/multi-arch-image-mgmt.md Outdated Show resolved Hide resolved
docs/proposals/multi-arch-image-mgmt.md Outdated Show resolved Hide resolved
docs/proposals/multi-arch-image-mgmt.md Outdated Show resolved Hide resolved
docs/proposals/multi-arch-image-mgmt.md Outdated Show resolved Hide resolved
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
Signed-off-by: Feynman Zhou <[email protected]>
@FeynmanZhou FeynmanZhou requested a review from shizhMSFT December 9, 2024 08:58
Signed-off-by: Feynman Zhou <[email protected]>
Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM but you need to fix the check failure.

@@ -63,16 +63,15 @@ The proposed CLI commands for managing a multi-arch image are listed below. The

- Create a multi-arch image: `oras manifest index create`
- Update a multi-arch image: `oras manifest index update`
- Inspect a multi-arch image: `oras manifest fetch`. Add two alias `oras manifest inspect` and `oras manifest show` for usability
- Add annotations to a multi-arch image: `oras manifest create --annotation`
- Add annotations to a multi-arch image during creation: `oras manifest index create --annotation`
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: do you want to make it a sub-item of "Create a multi-arch image: oras manifest index create"?

Copy link

@tarilabs tarilabs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thank you for drawing my attention to this, @FeynmanZhou ! 🙏

some very optional comments below, I hope these helps!

- **crane(Backed by Google)**: provides a single command [crane index append](https://github.com/google/go-containerregistry/blob/main/cmd/crane/recipes.md#create-a-multi-platform-image-from-scratch) to compose an image index
- **regctl (Individual)** provides [regctl index add/create/delete](https://github.com/regclient/regclient/blob/main/docs/regctl.md#index-commands) to creates or manages OCI Indexes and Manifest Lists
- **manifest-tool (Individual from AWS):** create docker manifest list or OCI image index in a registry by using the [manifest-tool push command with either a YAML file describing the images to assemble or by using a series of parameters](https://github.com/estesp/manifest-tool?tab=readme-ov-file#sample-usage).
- **skopeo (Backed by Red Hat)**: doesn’t support OCI image index and docker manifest list

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you may want to consider as well in here Buildah, which I would say positions in between Skopeo and Podman


## Target users

For users who need to create, store, update, and push multi-arch images locally and in OCI registries. The primary user persona is cloud-native developers.

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could this statement be expanded to consider use-cases for typical ORAS users for Artifacts, wdyt?

The reason I'm saying this: as a ORAS user, I typically make use of ORAS to manage OCI Artifact, not specifically Images.

Therefore, I think if this paragraph could possibly be expanded to mention some typical examples that explain when as an Artifact consumer/producer when/how you would need this Image functionality. Just an idea! :)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @tarilabs , we are considering the multi-arch artifact management experience. There are a few GitHub issues to track. Would you mind sharing any scenarios of multi-arch artifact from your side?


## Investigation on other client tools and industry

Most of popular container client tools support create and push a multi-arch image using docker manifest list or OCI image index format, but these tools **require users to push platform-specific image push to the registry separately**. They don’t provide native support for local environment.

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

require users to push platform-specific image push to the registry separately

I suspect buildx is the most popular tool for building multi-arch images, and it's a big exception to this. Also regctl artifact put --index will push the artifact and add it to an index in a single operation.

They don’t provide native support for local environment.

Could you expand on this? I'm not sure what it means.

- **crane(Backed by Google)**: provides a single command [crane index append](https://github.com/google/go-containerregistry/blob/main/cmd/crane/recipes.md#create-a-multi-platform-image-from-scratch) to compose an image index
- **regctl (Individual)** provides [regctl index add/create/delete](https://github.com/regclient/regclient/blob/main/docs/regctl.md#index-commands) to creates or manages OCI Indexes and Manifest Lists
- **manifest-tool (Individual from AWS):** create docker manifest list or OCI image index in a registry by using the [manifest-tool push command with either a YAML file describing the images to assemble or by using a series of parameters](https://github.com/estesp/manifest-tool?tab=readme-ov-file#sample-usage).
- **skopeo (Backed by Red Hat)**: doesn’t support OCI image index and docker manifest list

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

skopeo consumes and copies content with these manifests, but it doesn't have features to generate or modify them.

- [docker buildx imagetool](https://docs.docker.com/reference/cli/docker/buildx/imagetools/)
- [docker manifest create](https://docs.docker.com/reference/cli/docker/manifest/)
- **podman (Backed by Red Hat)**: similar with `docker manifest`, it provides `podman manifest` with subcommands to create and manipulate manifest lists and image indexes
- **crane(Backed by Google)**: provides a single command [crane index append](https://github.com/google/go-containerregistry/blob/main/cmd/crane/recipes.md#create-a-multi-platform-image-from-scratch) to compose an image index

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm also seeing crane index filter to remove entries.


### Inspect a multi-arch image

Add two alias `show` and `inspect`:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we elaborate more on why this is needed? Is it to inform users the purpose of the command or is it more intuitive for users to input the command?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Support multi-arch image/artifact push
8 participants