Fix saving in oci format

[QiWang19]

• fix saving&loading oci format. Close Podman save oci-dir produces non-OCI layout #6544
• support loading using image name without "localhost/" prefix when reading from ociarchive/dir saved from this semantics

Signed-off-by: Daniel J Walsh [email protected]
Signed-off-by: Qi Wang [email protected]

[QiWang19]

replace #6562

[QiWang19]

@mtrmac PTAL
src, err := layout.NewReference(inputFile, ""), why thepodman load can work with "", but error if pass to name?
unable to pull oci:input_file:alpine: Error initializing source oci:input_file:alpine: no descriptor found for reference "alpine"

[mtrmac]

@QiWang19 "" means “verify that the index contains only one manifest, and use that one”. Passing a name allows reading from an index that contains any number of manifests, but the name must match the org.opencontainers.image.ref.name annotation exactly (that annotation is a string with allowed characters and no defined normalization semantics).

So, what’s the value of that annotation in the created index? Is it there at all? Does it perhaps say localhost/alpine or something like that?

[QiWang19]

hm,yes, if I load from the oci-dir it was saved, it says localhost/alpine

$ podman save --format oci-dir -o podman-dir alpine
$ podman load -i podman-dir alpine

$ podman images
REPOSITORY            TAG     IMAGE ID      CREATED      SIZE
localhost/podman-dir  latest  0f5f445df8cc  4 weeks ago  5.85 MB
localhost/alpine      latest  0f5f445df8cc  4 weeks ago  5.85 MB

[mtrmac]

That’s messy… the local image is named localhost/alpine in c/storage, and we do want to find that image when the user says alpine. So, using the localhost/alpine name when writing to the archive makes some sense.

OTOH when reading from the archive it’s not at all clean to automatically change the name, because the names in OCI don’t have any semantics like that.

Conceptually I think it would be clean to use just alpine when writing to oci-dir:, and because it is basically new with this PR, we could do that — but it is more important to me that oci-dir: and oci-archive: behave consistently, and we can’t quite change the behavior of oci-archive: now.

I suppose we could, when reading from the archive, try both the user input unmodified and user input with localhost/ prepended if there is no registry component.

[QiWang19]

Passing a name allows reading from an index that contains any number of manifests, but the name must match the org.opencontainers.image.ref.name annotation exactly (that annotation is a string with allowed characters and no defined normalization semantics).

The passing name error happens if org.opencontainers.image.ref.name contains a tag, it this expected?

podman save --format oci-dir -o podman-dir docker.io/library/alpine:3.5
podman load -i podman-dir docker.io/library/alpine:3.5
Error initializing source oci:podman-dir:docker.io/library/alpine: no descriptor found for reference "docker.io/library/alpine"

[mtrmac]

That doesn’t look expected — but it also suggests that the tag was stripped somewhere in Podman.

[rhatdan]

/approve

[QiWang19]

@mtrmac PTAL

[mtrmac]

ACK, just nits.

[mtrmac]

LGTM.

[QiWang19]

@rhatdan @mheon @vrothberg PTAL

[rhatdan]

/lgtm
/approve

[openshift-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: QiWang19, rhatdan

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [rhatdan]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment