image manifest: support use as artifact #1030
Conversation
AaronFriel
requested review from
jonjohnsonjr,
jonboulle,
stevvooe,
sudo-bmitch,
sajayantony,
vbatts and
cyphar
as code owners
AaronFriel
force-pushed
the
friel/modest-proposal
branch
from
4466869 to
561de2d
Compare
AaronFriel
force-pushed
the
friel/modest-proposal
branch
from
561de2d to
1164748
Compare
AaronFriel
force-pushed
the
friel/modest-proposal
branch
from
1164748 to
78a5b0d
Compare
considerations.md
Outdated
| @@ -1,7 +1,8 @@ | |||
| # Extensibility | |||
|
|
|||
| Implementations that are reading/processing [manifests](manifest.md) or [image indexes](image-index.md) MUST NOT generate an error if they encounter an unknown property. | |||
| Instead they MUST ignore unknown properties. | |||
| Implementations storing or copying content MUST NOT generate error if they encounter an unknown manifest media type (e.g.: [image manifest](manifest.md)) or an unknown property in a manifest. | |||
There was a problem hiding this comment.
"MUST NOT generate error if they encounter an unknown manifest" implies the MANIFEST_UNKNOWN error code in distribution spec is no longer valid. I don't think we can do that since it's not how any registry I'm aware of works today, everyone validates the manifest media type.
I would like to say "Implementations storing or copying content MUST NOT modify or alter the content in a way that would change the digest of the content."
There was a problem hiding this comment.
🙏 thank you for the feedback, @sudo-bmitch. Will #1043 merge today or early next week so I can rebase and incorporate these changes?
There was a problem hiding this comment.
That's a question for the other maintainers. We can merge once we get two approvals.
There was a problem hiding this comment.
I've pulled this out into a separate PR, replacing the line with yours
descriptor.md
Outdated
| @@ -18,7 +18,8 @@ The following fields contain the primary properties that constitute a Descriptor | |||
|
|
|||
| - **`mediaType`** *string* | |||
|
|
|||
| This REQUIRED property contains the media type of the referenced content. | |||
| This REQUIRED property MUST contain the media type of the referenced content unless this descriptor is the `config` property of an [image manifest](manifest.md). | |||
There was a problem hiding this comment.
I don't think we need this with the addition of artifactType and the scratch media type.
AaronFriel
force-pushed
the
friel/modest-proposal
branch
from
78a5b0d to
3128c4a
Compare
manifest.md
Outdated
| @@ -31,6 +31,7 @@ Unlike the [image index](image-index.md), which contains information about a set | |||
| This OPTIONAL property contains the type of an artifact when the manifest is used for an artifact. | |||
| This MUST be set when `config.mediaType` is set to the [scratch value](#example-of-a-scratch-config-or-layer-descriptor). | |||
| If defined, the value MUST comply with [RFC 6838][rfc6838], including the [naming requirements in its section 4.2][rfc6838-s4.2], and MAY be registered with [IANA][iana]. | |||
| An encountered `artifactType` that is unknown to the implementation MUST NOT generate an error. | |||
There was a problem hiding this comment.
This makes sense for storing and distributing artifacts. But for tooling that processes an artifact, they may reject unknown types. E.g. if a tool parses an SBOM in json formats, and the artifactType is for an xml format, that tool should be allowed to generate an error. Or helm told to deploy something that is not a helm chart.
manifest.md
Outdated
| @@ -83,7 +87,7 @@ Unlike the [image index](image-index.md), which contains information about a set | |||
| - [`application/vnd.oci.image.layer.nondistributable.v1.tar+gzip`](layer.md#gzip-media-types) | |||
|
|
|||
| Manifests concerned with portability SHOULD use one of the above media types. | |||
| An encountered `mediaType` that is unknown to the implementation MUST be ignored. | |||
| An encountered `mediaType` that is unknown to the implementation MUST NOT generate an error. | |||
There was a problem hiding this comment.
Image runtimes should be allowed to generate an error if they cannot process the layers. Same for artifact processing tools that encounter an unexpected layer (e.g. helm trying to process a gif layer).
There was a problem hiding this comment.
How would you phrase that distinction?
Does it make sense for us to define consumers (runtimes) vs distributors (registries, proxies) somewhere?
There was a problem hiding this comment.
We say "implementations storing or copying content" above. That phrasing could work here too.
AaronFriel
force-pushed
the
friel/modest-proposal
branch
4 times, most recently
from
fc5ba71 to
557926c
Compare
Signed-off-by: Aaron Friel <[email protected]>
AaronFriel
force-pushed
the
friel/modest-proposal
branch
from
557926c to
77efc6e
Compare
Signed-off-by: Aaron Friel <[email protected]>
|
I'd want to hear from registry operators about this before adding my own review. I could understand some of them concerned that they must accept unknown content and the only blocks that are being permitted are deny lists rather than allow lists. |
|
Writing up my thoughts here since I have been mulling on this for quite some time and feel I owe a response to @AaronFriel who has been on multiple calls. We do have customers who do want to limit the types that the registry should accept. This doesn't mean much since you can masquerade anything as an image. Implementations have already shown that. The main issue I'm reading here is that there must be a way for artifact authors to get a sense that OCI registries are the way to store artifacts and not worry that their type would be rejected and my feeling is that it's a distribution spec issue as the image-manifest already calls out how an artifact may be represented. I'm not sure if rewording of 'MUST be ignored' to 'MUST not generate an error' would change any implementation behaviors, but https://github.com/opencontainers/image-spec/pull/1030/files#diff-8f83bd1bc119af1add2e038b7c3aeade8b3845efed06a6971d1ee8740d7a3325R150 does add the fix for OCI layout which can be used for artifacts as well. |
| @@ -248,7 +248,7 @@ Note: Any OPTIONAL field MAY also be set to null, which is equivalent to being a | |||
| This field is used to mark if the history item created a filesystem diff. | |||
| It is set to true if this history item doesn't correspond to an actual layer in the rootfs section (for example, Dockerfile's [ENV](https://docs.docker.com/engine/reference/builder/#/env) command results in no change to the filesystem). | |||
|
|
|||
| Any extra fields in the Image JSON struct are considered implementation specific and MUST be ignored by any implementations which are unable to interpret them. | |||
| Any extra fields in the Image JSON struct are considered implementation specific and MUST NOT generate an error by any implementations which are unable to interpret them. | |||
There was a problem hiding this comment.
👍 This has been a confusing line
| @@ -1,7 +1,12 @@ | |||
| # Extensibility | |||
|
|
|||
| Implementations that are reading/processing [manifests](manifest.md) or [image indexes](image-index.md) MUST NOT generate an error if they encounter an unknown property. | |||
| Instead they MUST ignore unknown properties. | |||
| Implementations storing or copying content MUST NOT modify or alter the content in a way that would change the digest of the content. Examples of these implementations include: | |||
There was a problem hiding this comment.
While I agree with this sentence regarding altering of content, it could be straying away from the topic whether to generate errors or not
There was a problem hiding this comment.
Agreed, this feels like a distribution-spec concern, not an image-spec concern -- a registry that intentionally modifies content pushed to it has some interesting potential use cases, and wouldn't be compliant to the distribution spec, but absolutely could be image-spec complaint, and that would be OK, I think?
|
@sajayantony interesting. It's like the customers (and their tools) would need an endpoint or HTTP headers to discover what types are accepted. If it can vary per customer or even per registry repo ... |
Implementations lack any information to determine whether the
configproperty of an Image Manifest describes theartifactTypeof the manifest, or the media type of the referenced content. This is necessitated by the removal of artifact manifest (#999) and addition of scratch descriptors (#1023) to support artifacts.If #999 is withdrawn, this pull request should be withdrawn as well and #1028 considered instead.