Skip to content

Sync common files from infra repository #101

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
bootc-bot wants to merge 1 commit into from
Closed

Sync common files from infra repository #101

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
51 changes: 4 additions & 47 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,48 +1,5 @@
# Rust bindings for accessing the Go containers/image stack
# Common synchronized files

This crate contains a Rust API that forks `/usr/bin/skopeo` and
talks to it via a custom API. You can use it to fetch container
images in a streaming fashion.

At the time of this writing, you will need skopeo 1.6.0 or later.

# Why?

First, assume one is operating on a codebase that isn't Go, but wants
to interact with container images - we can't just include the Go containers/image
library.

The primary intended use case of this is for things like
[ostree-containers](https://github.com/ostreedev/ostree-rs-ext/issues/18)
where we're using container images to encapsulate host operating system
updates, but we don't want to involve the [containers/image](github.com/containers/image/)
storage layer.

What we *do* want from the containers/image library is support for things like
signatures and offline mirroring. More on this below.

Forgetting things like ostree exist for a second - imagine that you wanted to
encapsulate a set of Debian/RPM/etc packages inside
a container image to ship for package-based operating systems. You could use this to stream
out the layer containing those packages and extract them directly, rather than serializing
everything to disk in the containers/storage disk location, only to copy it out again and delete the first.

Another theoretical use case could be something like [krustlet](https://github.com/deislabs/krustlet),
which fetches WebAssembly blobs inside containers. Here again, we don't want to involve
containers/storage.

# Desired containers/image features

There are e.g. Rust libraries like [dkregistry-rs](https://github.com/camallo/dkregistry-rs) and
[oci-distribution](https://crates.io/crates/oci-distribution) and similar for other languages.

However, the containers/image Go library has a lot of additional infrastructure
that will impose a maintenance burden to replicate:

- Signatures (`man containers-auth.json`)
- Mirroring/renaming (`man containers-registries.conf`)
- Support for `~/.docker/config.json` for authentication as well as `/run`

# Status

API is subject to change.
Files placed in this repository are automatically
synchronized (via a pull request) to all repositories
in the bootc-dev organization.