Room 335 & Online
Same Zoom as the OCI Dev Call!
https://zoom.us/my/opencontainers?pwd=S2tJVGVra0dYdlZCRjJwdXdPdGRQQT09
Passcode: 77777
Monday, October 24
10am to 12pm Eastern
v1.0.2...v1.1.0-rc1
to consider as a v1.0.3 candidate. From that the difficulty will be adding commit that bumps the version in version.go
. This commit could not exist in main …+zstd
or whatever compression suffix. Use Annotations or similar to differentiate the nature of that document. Additionally, this sounds like a good place for a library to make life easier for implementors to not re-create the wheel over and over. Similar to some of the other OCI ``*-tools` repos.Status: The state of the Open Containers Initiative (OCI) is strong.
Big Shout-Out to the reference-types WG, their project is finished, the work group disbanded. Their content, wrt. spec changes has been merged into the image-spec and distribution-spec repositories.
Release candidates have been published:
A map of what needs to happen next:
Spec project updates to the various conformance test buckets to cover the changes.
registries
docker run --rm -it -p 127.0.0.1:5000:5000 ghcr.io/oci-playground/registry:latest
clients for build, resolve, push, pull, cache, … need to do their thing updating to the new specifications
higher level spec changes are needed to build on / take advantage of new artifacts and the referrers API
A flushing out of the release candidate spec changes needs to occur by the registry providers and client tooling, receiving feedback from the implementors
Artifact Providers
Other projects that were on an earlier trajectory wrt using legacy OCI specs for new artifacts.. and are hopefully moving to the r.next OCI specs
{
artifactType: "application/spdx", // undefined IANA media type
blobs: [
{
mediaType: "application/spdx+json",
// or "application/json", possibly compressed
// ...
},
{
mediaType: "application/spdx+xml",
// ...
}
]
}
{
artifactType: "application/spdx+json",
blobs: [
{
mediaType: "application/spdx+json",
// same media type for both blob and artifactType?
// ...
}
]
}
{
artifactType: "application/spdx+json",
blobs: [
{
mediaType: "application/gzip",
// or "application/spdx+json+gzip"
// ...
}
]
}
{
artifactType: "application/sbom", // undefined IANA media type
blobs: [
{
mediaType: "application/spdx+json",
// compressed?
// ...
},
{
mediaType: "application/spdx+xml",
// ...
},
{
mediaType: "application/vnd.cyclonedx+json",
// ...
},
{
mediaType: "application/vnd.cyclonedx+xml",
// ...
},
],
annotations: {
// indicate what kinds of blobs are included for filtering?
}
}
alpine
-> docker.io/library/alpine:latest
docker.io/library/alpine:3@sha256:bc41182d7ef5ffc53a40b044e725193bc10142a1243f395ee852a8d9730fc2ad
oci:dirname
oci-dir:dirname
ocidir://dirname:v3
oci-layout://dirname
docker.io/library/oci:dirname
):tag
and/or @sha256:...
<scheme>://<host or empty>/<path>
.
for the host to indicate a relative path (<scheme>://./<path>
)<scheme>://
as the path so <scheme>:///<path>
is an absolute path and <scheme>://<path>
is relativeCurrent Docker method:
/v2
API to get the type of authPossible improvements:
/v2
ping and directly call APIExisting issues
Helpful diagrams etc. (shout out jon johnson)
We need to document the lifetime of credentials for each registry (or cloud even).
This should have a working group (vbatts)