212d598ab1
fix go.mod and lint issues
...
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com >
2025-03-19 11:52:08 +01:00
d5d3d3d502
lint: apply x/tools/modernize fixes
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com >
2025-03-07 16:37:24 -08:00
ccdf63c644
imagetools: avoid multiple tag pushes on create
...
Ensure only the final manifest is pushed by tag and intermediate
blobs are only pushed by digest to avoid tag temorarily pointing to
wrong image.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com >
2025-02-24 16:48:15 -08:00
44fa243d58
vendor: update buildkit to v0.19.0-rc1
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com >
2025-01-14 14:24:38 -08:00
d2c512a95b
lint: enable testifylint
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com >
2024-11-20 10:53:11 -08:00
c0fd64f4f8
lint: enable linters from buildkit
...
Skipping errname and testifylint
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com >
2024-11-19 17:51:24 -08:00
f374f64d2f
vendor: update buildkit to f7bda278b7e2
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com >
2024-07-02 22:24:55 -07:00
3971361ed2
Pass in index annotations from builds on multiple nodes
...
Fixes #2540
Signed-off-by: Eli Treuherz <et@arenko.group >
2024-06-27 13:26:07 +01:00
c116af7b82
remove use of deprecated containerd/containerd/errdefs
...
This package has moved to a separate module. Also added linting
rules to prevent accidental reintroduction.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl >
2024-06-12 01:12:59 +02:00
2061550bc1
Slightly refactored the mediaType check on single source so that now we return original bytes without filtering on mediaType, based on the preferIndex preference.
...
Signed-off-by: Tim Smith <tismith@rvohealth.com >
2024-05-29 14:20:53 -04:00
abf6c77d91
Add a --prefer-index flag that allows you to specify the preferred behavior when deciding on how to create an image/manifest from a single source.
...
Signed-off-by: Tim Smith <tismith@rvohealth.com >
2024-05-29 14:07:28 -04:00
0808747add
Added application/vnd.docker.distribution.manifest.v2+json mediatype to the list of mediatypes we return the original bytes for when calling *Resolver.Combine rather than adding it to a newly created manifest list
...
Signed-off-by: Tim Smith <tismith@rvohealth.com >
2024-05-28 23:01:14 -04:00
abff444562
Added test for imagetool inspect load
...
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com >
2024-03-05 13:56:46 -05:00
1d0b542b1b
Add unit test for SBOM and Provenance scanning
...
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com >
2024-03-05 13:15:21 -05:00
6c485a98be
Add tests for imagetools inspect
...
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com >
2024-03-05 13:13:23 -05:00
e273a53c88
Merge pull request #2194 from LaurentGoderre/sbom-dsse
...
Add support for DSSE envelope for attestation in imagetools
2024-02-28 20:08:07 -08:00
dcdcce6c52
imagetools: supress warnings for dsse mediatypes
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com >
2024-02-28 19:25:42 -08:00
b748185f48
Add support for DSSE envelope for attestation and provenance in imagetools
...
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com >
2024-02-28 16:45:51 -05:00
95bdecc145
fix: avoid modifying source during resolver.Copy
...
Signed-off-by: Justin Chadwell <me@jedevc.com >
2024-01-31 14:44:10 +00:00
adc839aa40
vendor: update buildkit to master@d5c1d785b042
...
Signed-off-by: Justin Chadwell <me@jedevc.com >
2023-10-23 14:48:50 +01:00
a59058e8a5
build: add --annotation shortcut flag
...
This extracts the same logic for parsing annotations from the imagetools
create command, and allows the same flags to be attached to the build
command.
These annotations are then merged into all provided exporters.
Signed-off-by: Justin Chadwell <me@jedevc.com >
2023-09-11 15:31:04 +01:00
8fe2070d10
imagetools: make annotation parser more generic
...
Signed-off-by: Justin Chadwell <me@jedevc.com >
2023-09-11 15:30:31 +01:00
54bb799d15
imagetools: simplify return type of annotation parser
...
Signed-off-by: Justin Chadwell <me@jedevc.com >
2023-09-11 15:30:31 +01:00
bafdc63b8c
migrate to github.com/distribution/reference v0.5.0
...
The "reference" package was moved to a separate module, which was extracted
from b9b19409cfhttps://github.com/compose-spec/compose-go/compare/v1.18.3...v1.18.4
Signed-off-by: Sebastiaan van Stijn <github@gone.nl >
2023-09-06 17:41:35 +02:00
18894a8e3a
allow annotations for OCI image index
...
Signed-off-by: Qasim Sarfraz <qasimsarfraz@microsoft.com >
2023-08-03 12:08:04 +02:00
b9e25e82cf
util/imagetools: remove unused Resolver.ImageConfig
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl >
2023-07-17 12:35:42 +02:00
b702188b65
imagetools(create): set correct media type when combining manifests
...
When using imagetools create and combining multiple sources
we should check the media type of each manifest and set
the right media type for the manifest list.
If there is a mismatch we set OCI index as best effort.
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com >
2023-05-16 11:46:58 +02:00
642f28f439
imagetools: process com.docker.reference.* annotations
...
To give us the option later down the road of producing recommended OCI
names in BuildKit (using com instead of vnd, woops), we need to update
Buildx to be able to process both.
Ideally, if a Buildx/BuildKit release hadn't been made we could just
switch over, but since we have, we'd need to support both (at least for
a while, eventually we could consider deprecating+removing the vnd
variant).
Signed-off-by: Justin Chadwell <me@jedevc.com >
2023-02-14 11:24:40 +00:00
7145e021f9
imagetools: silence intoto warnings
...
Signed-off-by: Justin Chadwell <me@jedevc.com >
2023-01-24 16:49:28 +00:00
56950ece69
inspect: lazily load attestation data
...
Delay loading the attestation data immediately, and only compute it upon
request. We do this using a deferred function which allows to define the
computation in the same place as before, but perform the computation
later.
With this patch, we ensure that the attestation data is only pulled from
the remote if it is actually referenced in the format string -
otherwise, we can skip it, for improved performance.
Signed-off-by: Justin Chadwell <me@jedevc.com >
2023-01-10 13:00:42 +00:00
1d2ac78443
inspect: move attestation loading to struct methods
...
This refactor ensures that the attestations are not output in the JSON
output for "{{ json . }}", and additionally allows future refactors to
dynamically load the attestation contents, ensuring faster performance
when attestations are not used in the output.
Signed-off-by: Justin Chadwell <me@jedevc.com >
2023-01-10 12:40:42 +00:00
484823c97d
inspect: change additional spdxs to not have duplicates
...
Signed-off-by: Justin Chadwell <me@jedevc.com >
2023-01-09 19:03:23 +00:00
3ce17b01dc
inspect: provide access to multiple spdx documents
...
Signed-off-by: Justin Chadwell <me@jedevc.com >
2023-01-09 18:42:26 +00:00
e68c566c1c
inspect: parse sbom and provenance into json structs
...
Signed-off-by: Justin Chadwell <me@jedevc.com >
2023-01-09 18:09:43 +00:00
19d16aa941
inspect: break after first matching attestation
...
Signed-off-by: Justin Chadwell <me@jedevc.com >
2023-01-09 18:09:06 +00:00
e6b9aba997
imagetools inspect: handle provenance and sbom
...
use stub structs for SLSA/SBOM while waiting for
go-imageinspect library to be public.
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com >
2023-01-05 17:34:30 +01:00
2fb9db994b
imagetools inspect: missing annotations key
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com >
2023-01-04 15:52:16 +01:00
aa1f4389b1
Merge pull request #1396 from crazy-max/fix-indent
...
use double spaces with json marshal indent
2022-11-16 14:54:13 -08:00
b68114375f
Address feedback
...
Signed-off-by: Felix de Souza <fdesouza@palantir.com >
2022-11-14 18:40:05 +00:00
83a09b3cf2
Synchronise access to the map when printing.
...
Signed-off-by: Felix de Souza <fdesouza@palantir.com >
2022-11-14 15:47:32 +00:00
abebf4d955
use double spaces with json marshal indent
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com >
2022-11-07 16:36:24 +01:00
f1a9f91323
imagetools: support cross-repo mounting
...
Signed-off-by: Justin Chadwell <me@jedevc.com >
2022-07-29 14:29:29 +01:00
4ecca34a42
imagetools: give imagetools create a progress bar
...
Signed-off-by: Justin Chadwell <me@jedevc.com >
2022-07-29 14:29:27 +01:00
37ca8631f9
imagetools: copy manifests between repositories
...
Signed-off-by: Justin Chadwell <me@jedevc.com >
2022-07-29 14:29:05 +01:00
d3412f1039
imagetools: refactor combining repository logic
...
This patch modifies the existing combining code in imagetools create to
provide better support for multiple repositories down the road.
Specifically, the code should no longer rely on a single repository
being used for all sources and tags, and should resolve descriptors in
their relevant repositories.
Signed-off-by: Justin Chadwell <me@jedevc.com >
2022-07-29 14:21:27 +01:00
e4137b2eea
imagetools: handle manifest with nil platform
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com >
2022-05-23 21:16:00 -07:00
38311a35f2
imagetools inspect: use buildinfo helper
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com >
2022-03-10 01:52:51 +01:00
215a128fc1
imagetools inspect: missing manifest digest for manifest-list (json)
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com >
2022-03-04 20:36:14 +01:00
4e4eea7814
imagetools inspect: deterministic platform order
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com >
2022-03-04 20:36:14 +01:00
20a55e9184
imagetools inspect: multi-platform support
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com >
2022-02-25 20:30:08 +01:00
