-
Notifications
You must be signed in to change notification settings - Fork 206
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use artifactType from image manifest #395
Use artifactType from image manifest #395
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
some thoughts ...
spec.md
Outdated
@@ -489,7 +489,8 @@ When pushing a manifest with the `subject` field and the [referrers API](#listin | |||
1. If the tag returns a 404, the client MUST begin with an empty image index. | |||
1. Verify the descriptor for the manifest is not already in the referrers list (duplicate entries SHOULD NOT be created). | |||
1. Append a descriptor for the pushed manifest to the manifests in the referrers list. | |||
The value of the `artifactType` MUST be set to the config descriptor `mediaType` in the image manifest. | |||
The value of the `artifactType` MUST be set to the `artifactType` value in the image manifest. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
seems confusing that the artifactType MUST be set to the artifactType field of the image manifest .. or if nil/unset must be set to the config descriptor mediaType..
Indicates it may be set in both places and that they can be inconsistent..
If both we should talk about the rules here .. such that you can't have both and sometimes one is used and other times the other is used.. depending. Does set/unset logic apply? I didn't check the schema. I'm thinking if both are set they must be the same or it's an error.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
are we saying/proposing at least one of these must be set and not nil (in this push manifest with subject case)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm looking for the right wording to say artifactType must be set, and the value is the manifest artifactType if defined, otherwise it falls back to the config.mediaType, so there's a precedence to document. The config.mediaType is always defined in the image-spec.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
kk let's go to chat.. :-)
lgtm |
76c05c6
to
ac7c527
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
From the perspective of the consumer of the API does it matter if the match is made on the config descriptor mediaType
or the artifactType
?
I guess if someone codes a client which handles a limited types of artifacts it doesn't matter, because he can handle each case individually by verifying the artifactType value, but I think there should be a way to distinguish the source of the artifact type value in the reply itself to handle more generic cases.
spec.md
Outdated
@@ -555,7 +556,8 @@ If the request is invalid, such as a `<digest>` with an invalid syntax, a `400 B | |||
|
|||
Upon success, the response MUST be a JSON body with an image index containing a list of descriptors. | |||
Each descriptor is of an image manifest in the same `<name>` namespace with a `subject` field that specifies the value of `<digest>`. | |||
The descriptors MUST include an `artifactType` field that is set to the value the configuration descriptor's `mediaType` for an image manifest. | |||
The descriptors MUST include an `artifactType` field that is set to the value of the `artifactType` in the image manifest. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This part doesn't seem to be consistent with the image spec proposal. In the image spec the 'artifactType' is only mandatory if the config descriptor mediaType
is scratch.
So if an image has a non-scratch config descriptor mediaType
and an artifactType
, it makes sense for anyone reading the manifest to ignore the artifactType
altogether, including the registry implementation.
Or else the registry may return an artifactType
matching the artifactType
, and after the artifact is copied locally, another tool with a different implementation may only look at the config descriptor.
That is unless we make sure the artifactType
is absent from any image having a non-scratch config descriptor mediaType
. Meaning the image spec mandates artifactType
and non-scratch config descriptor mediaTypes
are mutually exclusive.
I'm looking at it from a progressive upgrade with backwards compatibility. An existing artifact that has a dedicated config blob and media type can continue using that to avoid impacting existing clients. A new artifact that needs a config blob, but also wants a specific artifactType can do that, and find itself using that artifactType. And a new artifact without a config blob is required to specify an artifactType because "scratch" isn't the real artifact type. I'm hoping that artifacts with a specific type will be created according to some spec from that artifact producer, and have the fields set consistently according to their spec (e.g. all Helm charts follow a Helm spec). From the listing we shouldn't care how the artifactType value was determined, only that it has a specific value that we want. |
@sudo-bmitch |
@andaaron the goal of the phrasing is to say "check artifactType first, and fall back to using config.mediaType". Suggestions for better wording in the spec is welcome, because I'm not happy with it either. |
I'm fine with the wording as long as the other consumers of the image spec use the same rationale when reading a manifest. That was my concern. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM with if present language on the MUST requirement
b1f810e
@mikebrow can I get a re-approve? (adding jons suggestion dismissed your review) |
Signed-off-by: Brandon Mitchell <[email protected]>
c6e8f6e
to
72a5455
Compare
This has been updated with the changes from today's meeting. PTAL. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
This updates the guidance to use the
artifactType
value first, and fall back to theconfig.mediaType
when determining theartifactType
to set in the referrers response. This should be merged after opencontainers/image-spec#1043 is approved.