Replace docker.io as the default registry with <local> #448
Conversation
|
@baude @TomSweeneyRedHat @mheon @runcom @mtrmac WDYT This would change the default for |
|
@nalind WDYT |
|
|
|
Sure I would be fine with image:latest as well. but the code is putting a "/" in in that case and gets an invalid name. |
rhatdan
changed the title
rhatdan
changed the title
Signed-off-by: Daniel J Walsh <[email protected]>
|
@runcom Do you know why git is failing? |
rhatdan
changed the title
|
Is there a reason it is |
|
@mheon Just this is the way the it worked in docker.io. |
|
@rhatdan I'm just worried about |
|
@mheon I would say lets get this in first and then we can look at that. |
|
FWIW the |
There was a problem hiding this comment.
As discussed yesterday, allowing this kind of input for containers-storage: may well make sense.
Wholesale redefining the meaning of existing strings without considering each individual string <-> c/image/docker/reference.* conversion is not really practical.
| {"//busybox", "docker.io/library/busybox:latest"}, // Default tag | ||
| {"//busybox:notlatest", "<local>/library/busybox:notlatest"}, // Explicit tag | ||
| {"//busybox" + sha256digest, "<local>/library/busybox" + sha256digest}, // Explicit digest | ||
| {"//busybox", "<local>/library/busybox:latest"}, // Default tag |
There was a problem hiding this comment.
This still essentially breaks the world; skopeo inspect docker://busybox will no longer do anything useful.
| {"busybox:latest", "", "docker.io/library/busybox:latest"}, // Explicit tag | ||
| {"busybox@" + sha256digest, "", "docker.io/library/busybox@" + sha256digest}, // Explicit digest | ||
| {"busybox:latest", "", "<local>/library/busybox:latest"}, // Explicit tag | ||
| {"busybox@" + sha256digest, "", "<local>/library/busybox@" + sha256digest}, // Explicit digest |
There was a problem hiding this comment.
See the long comment in docker/tarfile/Destination.PutManifest, this would break interoperability with projectatomic/docker.
| @@ -136,7 +136,7 @@ var prmExactMatchTestTable = []prmSymmetricTableTest{ | |||
| {"busybox" + digestSuffix, "busybox" + digestSuffix, true}, // NOTE: This is not documented; signing digests is not recommended at this time. | |||
| // Non-canonical reference format is canonicalized | |||
| {"library/busybox:latest", "busybox:latest", true}, | |||
| {"docker.io/library/busybox:latest", "busybox:latest", true}, | |||
| {"<local>/library/busybox:latest", "busybox:latest", true}, | |||
There was a problem hiding this comment.
This redefines the meaning of existing signatures, e.g. https://rhelblog.redhat.com/2016/07/22/container-image-signing/ shows a reference that does not contain a host name.
(Recent code uses the fully explicit format in created signatures, I’m afraid that hasn’t been originally the case.)
|
i.e. basically replace the That could be simpler to do on top of #426, which eliminates a fair amount of redundancy in the |
|
Can we get #426 merged? |
|
CLosing this PR in favor of containers/buildah#648 |
Signed-off-by: Daniel J Walsh [email protected]