Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

accept docker media types #1162

Merged
merged 4 commits into from
May 16, 2024
Merged

accept docker media types #1162

merged 4 commits into from
May 16, 2024

Conversation

bdehamer
Copy link
Collaborator

When an image is pushed to a registry, the tagged manifest may use any of a number of different content types:

application/vnd.oci.image.index.v1+json
application/vnd.oci.image.manifest.v1+json
application/vnd.docker.distribution.manifest.v2+json
application/vnd.docker.distribution.manifest.list.v2+json

When the OCI client in this package goes to verify the image digest, it needs to explicitly identify the different content types that it will accept. If the content type which was used to push the image is not present in the Accept header of the request, the repository will return a 404 -- making it appear it seem that the image does not exist.

The change here is simply to expand the list of media types sent in the Accept header to encompass ALL of the types we may encounter in the wild -- ensuring that we can resolve the image regardless of its associated media type.

See: actions/attest-build-provenance#73

@bdehamer
accept docker media types
a91c1c4 
Signed-off-by: Brian DeHamer <bdehamer@github.com>
@bdehamer bdehamer requested a review from a team as a code owner May 14, 2024 21:57
@changeset-bot changeset-bot
Copy link

changeset-bot bot commented May 14, 2024
edited
Loading

🦋 Changeset detected

Latest commit: a7dcff5

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package
Name Type
@sigstore/oci Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

ejahnGithub
ejahnGithub approved these changes May 16, 2024
View reviewed changes
Copy link
Contributor

@ejahnGithub ejahnGithub left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm! should we also contain these 2

  • application/vnd.docker.image.rootfs.diff.tar.gzip
  • application/vnd.docker.container.image.v1+json

https://github.com/opencontainers/image-spec/blob/dd33f727e2faea07432ef6f06d6f9afe73f3f519/media-types.md?plain=1#L60-L78

@bdehamer bdehamer merged commit fa50bae into main May 16, 2024
26 of 28 checks passed
@bdehamer bdehamer deleted the bdehamer/oci-accept branch May 16, 2024 17:01
@bdehamer
Copy link
Collaborator Author

@ejahnGithub

gtm! should we also contain these 2

  • application/vnd.docker.image.rootfs.diff.tar.gzip
  • application/vnd.docker.container.image.v1+json

Those media types may be used when retrieving blobs, but would never appear in response to the /manifests API so are not relevant here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ejahnGithub ejahnGithub ejahnGithub approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bdehamer @ejahnGithub