Add PutSignaturesWithFormat/GetSignaturesWithFormat to OCI layout #2934
Conversation
Signed-off-by: Ayato Tokubi <[email protected]>
There was a problem hiding this comment.
Thanks! Just a very brief skim for now; overall the code / structure looks reasonable… but the need to deal with updated config files change would make things more complex.
Note to self: compare https://github.com/containers/image/issues/2854 .
|
Thank you for the feedback! I will get back to this after some of my other urgent tasks are settled. |
|
Hello @bitoku, We’ve recently migrated this repository into a new monorepo: containers/container-libs along with other repositories Could you move this PR to that repo, please? It should involve only re-applying the changes in an Let me know if you are facing any issues, I’d be happy to help with the logistics. You can read more about the migration and the reasoning behind it in our blog post: Upcoming migration of three containers repositories to monorepo. Thanks again! |
|
@mtrmac Thank you for letting me know! |
2 participants
This PR adds PutSignaturesWithFormat/GetSignaturesWithFormat support to OCI layout.
The general idea is tag-based discovery, same as sigstore signature discovery.
It stores the signature with annotation
org.opencontainers.image.ref.name: "sha256-<hash>.sig", which can be used as a tag. https://specs.opencontainers.org/image-spec/image-layout/#IMAGE-SPEC-IMAGE-LAYOUT-19Please let me know what you think about this change. thanks