Merge pull request #3804 from thaJeztah/deprecate_schema1
manifest/schema1: mark docker manifest v2, schema 1 deprecated
This commit is contained in:
commit
9b629737cb
8 changed files with 133 additions and 23 deletions
|
@ -203,12 +203,24 @@ type Configuration struct {
|
||||||
|
|
||||||
// Compatibility is used for configurations of working with older or deprecated features.
|
// Compatibility is used for configurations of working with older or deprecated features.
|
||||||
Compatibility struct {
|
Compatibility struct {
|
||||||
// Schema1 configures how schema1 manifests will be handled
|
// Schema1 configures how schema1 manifests will be handled.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since
|
||||||
|
// 2015. These options should only be used if you need to provide
|
||||||
|
// backward compatibility.
|
||||||
Schema1 struct {
|
Schema1 struct {
|
||||||
// TrustKey is the signing key to use for adding the signature to
|
// TrustKey is the signing key to use for adding the signature to
|
||||||
// schema1 manifests.
|
// schema1 manifests.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since
|
||||||
|
// 2015. These options should only be used if you need to provide
|
||||||
|
// backward compatibility.
|
||||||
TrustKey string `yaml:"signingkeyfile,omitempty"`
|
TrustKey string `yaml:"signingkeyfile,omitempty"`
|
||||||
// Enabled determines if schema1 manifests should be pullable
|
// Enabled determines if schema1 manifests should be pullable.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since
|
||||||
|
// 2015. These options should only be used if you need to provide
|
||||||
|
// backward compatibility.
|
||||||
Enabled bool `yaml:"enabled,omitempty"`
|
Enabled bool `yaml:"enabled,omitempty"`
|
||||||
} `yaml:"schema1,omitempty"`
|
} `yaml:"schema1,omitempty"`
|
||||||
} `yaml:"compatibility,omitempty"`
|
} `yaml:"compatibility,omitempty"`
|
||||||
|
|
|
@ -6,6 +6,13 @@ keywords: registry, on-prem, images, tags, repository, distribution, api, advanc
|
||||||
|
|
||||||
# Image Manifest Version 2, Schema 1
|
# Image Manifest Version 2, Schema 1
|
||||||
|
|
||||||
|
> **Deprecated**
|
||||||
|
>
|
||||||
|
> Image Manifest v2, Schema 1 is deprecated. Use [Image Manifest v2, Schema 2](manifest-v2-2.md),
|
||||||
|
> or the [OCI Image Specification](https://github.com/opencontainers/image-spec).
|
||||||
|
> Image Manifest v2, Schema 1 should not be used for purposes other than backward
|
||||||
|
> compatibility.
|
||||||
|
|
||||||
This document outlines the format of the V2 image manifest. The image
|
This document outlines the format of the V2 image manifest. The image
|
||||||
manifest described herein was introduced in the Docker daemon in the [v1.3.0
|
manifest described herein was introduced in the Docker daemon in the [v1.3.0
|
||||||
release](https://github.com/docker/docker/commit/9f482a66ab37ec396ac61ed0c00d59122ac07453).
|
release](https://github.com/docker/docker/commit/9f482a66ab37ec396ac61ed0c00d59122ac07453).
|
||||||
|
|
|
@ -52,6 +52,10 @@ type configManifestBuilder struct {
|
||||||
// schema version from an image configuration and a set of descriptors.
|
// schema version from an image configuration and a set of descriptors.
|
||||||
// It takes a BlobService so that it can add an empty tar to the blob store
|
// It takes a BlobService so that it can add an empty tar to the blob store
|
||||||
// if the resulting manifest needs empty layers.
|
// if the resulting manifest needs empty layers.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015,
|
||||||
|
// use Docker Image Manifest v2, Schema 2, or the OCI Image Specification v1.
|
||||||
|
// This package should not be used for purposes other than backward compatibility.
|
||||||
func NewConfigManifestBuilder(bs distribution.BlobService, pk libtrust.PrivateKey, ref reference.Named, configJSON []byte) distribution.ManifestBuilder {
|
func NewConfigManifestBuilder(bs distribution.BlobService, pk libtrust.PrivateKey, ref reference.Named, configJSON []byte) distribution.ManifestBuilder {
|
||||||
return &configManifestBuilder{
|
return &configManifestBuilder{
|
||||||
bs: bs,
|
bs: bs,
|
||||||
|
@ -61,7 +65,10 @@ func NewConfigManifestBuilder(bs distribution.BlobService, pk libtrust.PrivateKe
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Build produces a final manifest from the given references
|
// Build produces a final manifest from the given references.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
func (mb *configManifestBuilder) Build(ctx context.Context) (m distribution.Manifest, err error) {
|
func (mb *configManifestBuilder) Build(ctx context.Context) (m distribution.Manifest, err error) {
|
||||||
type imageRootFS struct {
|
type imageRootFS struct {
|
||||||
Type string `json:"type"`
|
Type string `json:"type"`
|
||||||
|
@ -238,7 +245,10 @@ func (mb *configManifestBuilder) emptyTar(ctx context.Context) (digest.Digest, e
|
||||||
return descriptor.Digest, nil
|
return descriptor.Digest, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// AppendReference adds a reference to the current ManifestBuilder
|
// AppendReference adds a reference to the current ManifestBuilder.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
func (mb *configManifestBuilder) AppendReference(d distribution.Describable) error {
|
func (mb *configManifestBuilder) AppendReference(d distribution.Describable) error {
|
||||||
descriptor := d.Descriptor()
|
descriptor := d.Descriptor()
|
||||||
|
|
||||||
|
@ -250,12 +260,18 @@ func (mb *configManifestBuilder) AppendReference(d distribution.Describable) err
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// References returns the current references added to this builder
|
// References returns the current references added to this builder.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
func (mb *configManifestBuilder) References() []distribution.Descriptor {
|
func (mb *configManifestBuilder) References() []distribution.Descriptor {
|
||||||
return mb.descriptors
|
return mb.descriptors
|
||||||
}
|
}
|
||||||
|
|
||||||
// MakeV1ConfigFromConfig creates an legacy V1 image config from image config JSON
|
// MakeV1ConfigFromConfig creates an legacy V1 image config from image config JSON.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
func MakeV1ConfigFromConfig(configJSON []byte, v1ID, parentV1ID string, throwaway bool) ([]byte, error) {
|
func MakeV1ConfigFromConfig(configJSON []byte, v1ID, parentV1ID string, throwaway bool) ([]byte, error) {
|
||||||
// Top-level v1compatibility string should be a modified version of the
|
// Top-level v1compatibility string should be a modified version of the
|
||||||
// image config.
|
// image config.
|
||||||
|
|
|
@ -1,3 +1,9 @@
|
||||||
|
// Package schema1 provides definitions for the deprecated Docker Image
|
||||||
|
// Manifest v2, Schema 1 specification.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification. This package should not be used for purposes
|
||||||
|
// other than backward compatibility.
|
||||||
package schema1
|
package schema1
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -10,18 +16,30 @@ import (
|
||||||
"github.com/opencontainers/go-digest"
|
"github.com/opencontainers/go-digest"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
|
||||||
// MediaTypeManifest specifies the mediaType for the current version. Note
|
// MediaTypeManifest specifies the mediaType for the current version. Note
|
||||||
// that for schema version 1, the the media is optionally "application/json".
|
// that for schema version 1, the the media is optionally "application/json".
|
||||||
MediaTypeManifest = "application/vnd.docker.distribution.manifest.v1+json"
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
|
const MediaTypeManifest = "application/vnd.docker.distribution.manifest.v1+json"
|
||||||
|
|
||||||
// MediaTypeSignedManifest specifies the mediatype for current SignedManifest version
|
// MediaTypeSignedManifest specifies the mediatype for current SignedManifest version
|
||||||
MediaTypeSignedManifest = "application/vnd.docker.distribution.manifest.v1+prettyjws"
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
|
const MediaTypeSignedManifest = "application/vnd.docker.distribution.manifest.v1+prettyjws"
|
||||||
|
|
||||||
// MediaTypeManifestLayer specifies the media type for manifest layers
|
// MediaTypeManifestLayer specifies the media type for manifest layers
|
||||||
MediaTypeManifestLayer = "application/vnd.docker.container.image.rootfs.diff+x-gtar"
|
//
|
||||||
)
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
|
const MediaTypeManifestLayer = "application/vnd.docker.container.image.rootfs.diff+x-gtar"
|
||||||
|
|
||||||
// SchemaVersion provides a pre-initialized version structure for this
|
// SchemaVersion provides a pre-initialized version structure for this
|
||||||
// packages version of the manifest.
|
// packages version of the manifest.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
var SchemaVersion = manifest.Versioned{
|
var SchemaVersion = manifest.Versioned{
|
||||||
SchemaVersion: 1,
|
SchemaVersion: 1,
|
||||||
}
|
}
|
||||||
|
@ -55,13 +73,19 @@ func init() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// FSLayer is a container struct for BlobSums defined in an image manifest
|
// FSLayer is a container struct for BlobSums defined in an image manifest.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
type FSLayer struct {
|
type FSLayer struct {
|
||||||
// BlobSum is the tarsum of the referenced filesystem image layer
|
// BlobSum is the tarsum of the referenced filesystem image layer
|
||||||
BlobSum digest.Digest `json:"blobSum"`
|
BlobSum digest.Digest `json:"blobSum"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// History stores unstructured v1 compatibility information
|
// History stores unstructured v1 compatibility information.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
type History struct {
|
type History struct {
|
||||||
// V1Compatibility is the raw v1 compatibility information
|
// V1Compatibility is the raw v1 compatibility information
|
||||||
V1Compatibility string `json:"v1Compatibility"`
|
V1Compatibility string `json:"v1Compatibility"`
|
||||||
|
@ -69,6 +93,9 @@ type History struct {
|
||||||
|
|
||||||
// Manifest provides the base accessible fields for working with V2 image
|
// Manifest provides the base accessible fields for working with V2 image
|
||||||
// format in the registry.
|
// format in the registry.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
type Manifest struct {
|
type Manifest struct {
|
||||||
manifest.Versioned
|
manifest.Versioned
|
||||||
|
|
||||||
|
@ -91,6 +118,9 @@ type Manifest struct {
|
||||||
|
|
||||||
// SignedManifest provides an envelope for a signed image manifest, including
|
// SignedManifest provides an envelope for a signed image manifest, including
|
||||||
// the format sensitive raw bytes.
|
// the format sensitive raw bytes.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
type SignedManifest struct {
|
type SignedManifest struct {
|
||||||
Manifest
|
Manifest
|
||||||
|
|
||||||
|
@ -105,6 +135,9 @@ type SignedManifest struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
// UnmarshalJSON populates a new SignedManifest struct from JSON data.
|
// UnmarshalJSON populates a new SignedManifest struct from JSON data.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
func (sm *SignedManifest) UnmarshalJSON(b []byte) error {
|
func (sm *SignedManifest) UnmarshalJSON(b []byte) error {
|
||||||
sm.all = make([]byte, len(b))
|
sm.all = make([]byte, len(b))
|
||||||
// store manifest and signatures in all
|
// store manifest and signatures in all
|
||||||
|
@ -136,7 +169,10 @@ func (sm *SignedManifest) UnmarshalJSON(b []byte) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// References returns the descriptors of this manifests references
|
// References returns the descriptors of this manifests references.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
func (sm SignedManifest) References() []distribution.Descriptor {
|
func (sm SignedManifest) References() []distribution.Descriptor {
|
||||||
dependencies := make([]distribution.Descriptor, len(sm.FSLayers))
|
dependencies := make([]distribution.Descriptor, len(sm.FSLayers))
|
||||||
for i, fsLayer := range sm.FSLayers {
|
for i, fsLayer := range sm.FSLayers {
|
||||||
|
@ -153,6 +189,9 @@ func (sm SignedManifest) References() []distribution.Descriptor {
|
||||||
// contents. Applications requiring a marshaled signed manifest should simply
|
// contents. Applications requiring a marshaled signed manifest should simply
|
||||||
// use Raw directly, since the the content produced by json.Marshal will be
|
// use Raw directly, since the the content produced by json.Marshal will be
|
||||||
// compacted and will fail signature checks.
|
// compacted and will fail signature checks.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
func (sm *SignedManifest) MarshalJSON() ([]byte, error) {
|
func (sm *SignedManifest) MarshalJSON() ([]byte, error) {
|
||||||
if len(sm.all) > 0 {
|
if len(sm.all) > 0 {
|
||||||
return sm.all, nil
|
return sm.all, nil
|
||||||
|
@ -163,6 +202,9 @@ func (sm *SignedManifest) MarshalJSON() ([]byte, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Payload returns the signed content of the signed manifest.
|
// Payload returns the signed content of the signed manifest.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
func (sm SignedManifest) Payload() (string, []byte, error) {
|
func (sm SignedManifest) Payload() (string, []byte, error) {
|
||||||
return MediaTypeSignedManifest, sm.all, nil
|
return MediaTypeSignedManifest, sm.all, nil
|
||||||
}
|
}
|
||||||
|
@ -170,6 +212,9 @@ func (sm SignedManifest) Payload() (string, []byte, error) {
|
||||||
// Signatures returns the signatures as provided by
|
// Signatures returns the signatures as provided by
|
||||||
// (*libtrust.JSONSignature).Signatures. The byte slices are opaque jws
|
// (*libtrust.JSONSignature).Signatures. The byte slices are opaque jws
|
||||||
// signatures.
|
// signatures.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
func (sm *SignedManifest) Signatures() ([][]byte, error) {
|
func (sm *SignedManifest) Signatures() ([][]byte, error) {
|
||||||
jsig, err := libtrust.ParsePrettySignature(sm.all, "signatures")
|
jsig, err := libtrust.ParsePrettySignature(sm.all, "signatures")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
@ -21,6 +21,9 @@ type referenceManifestBuilder struct {
|
||||||
|
|
||||||
// NewReferenceManifestBuilder is used to build new manifests for the current
|
// NewReferenceManifestBuilder is used to build new manifests for the current
|
||||||
// schema version using schema1 dependencies.
|
// schema version using schema1 dependencies.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
func NewReferenceManifestBuilder(pk libtrust.PrivateKey, ref reference.Named, architecture string) distribution.ManifestBuilder {
|
func NewReferenceManifestBuilder(pk libtrust.PrivateKey, ref reference.Named, architecture string) distribution.ManifestBuilder {
|
||||||
tag := ""
|
tag := ""
|
||||||
if tagged, isTagged := ref.(reference.Tagged); isTagged {
|
if tagged, isTagged := ref.(reference.Tagged); isTagged {
|
||||||
|
@ -54,7 +57,10 @@ func (mb *referenceManifestBuilder) Build(ctx context.Context) (distribution.Man
|
||||||
return Sign(&m, mb.pk)
|
return Sign(&m, mb.pk)
|
||||||
}
|
}
|
||||||
|
|
||||||
// AppendReference adds a reference to the current ManifestBuilder
|
// AppendReference adds a reference to the current ManifestBuilder.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
func (mb *referenceManifestBuilder) AppendReference(d distribution.Describable) error {
|
func (mb *referenceManifestBuilder) AppendReference(d distribution.Describable) error {
|
||||||
r, ok := d.(Reference)
|
r, ok := d.(Reference)
|
||||||
if !ok {
|
if !ok {
|
||||||
|
@ -67,7 +73,10 @@ func (mb *referenceManifestBuilder) AppendReference(d distribution.Describable)
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// References returns the current references added to this builder
|
// References returns the current references added to this builder.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
func (mb *referenceManifestBuilder) References() []distribution.Descriptor {
|
func (mb *referenceManifestBuilder) References() []distribution.Descriptor {
|
||||||
refs := make([]distribution.Descriptor, len(mb.Manifest.FSLayers))
|
refs := make([]distribution.Descriptor, len(mb.Manifest.FSLayers))
|
||||||
for i := range mb.Manifest.FSLayers {
|
for i := range mb.Manifest.FSLayers {
|
||||||
|
@ -79,15 +88,21 @@ func (mb *referenceManifestBuilder) References() []distribution.Descriptor {
|
||||||
return refs
|
return refs
|
||||||
}
|
}
|
||||||
|
|
||||||
// Reference describes a manifest v2, schema version 1 dependency.
|
// Reference describes a Manifest v2, schema version 1 dependency.
|
||||||
// An FSLayer associated with a history entry.
|
// An FSLayer associated with a history entry.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
type Reference struct {
|
type Reference struct {
|
||||||
Digest digest.Digest
|
Digest digest.Digest
|
||||||
Size int64 // if we know it, set it for the descriptor.
|
Size int64 // if we know it, set it for the descriptor.
|
||||||
History History
|
History History
|
||||||
}
|
}
|
||||||
|
|
||||||
// Descriptor describes a reference
|
// Descriptor describes a reference.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
func (r Reference) Descriptor() distribution.Descriptor {
|
func (r Reference) Descriptor() distribution.Descriptor {
|
||||||
return distribution.Descriptor{
|
return distribution.Descriptor{
|
||||||
MediaType: MediaTypeManifestLayer,
|
MediaType: MediaTypeManifestLayer,
|
||||||
|
|
|
@ -10,6 +10,9 @@ import (
|
||||||
// Sign signs the manifest with the provided private key, returning a
|
// Sign signs the manifest with the provided private key, returning a
|
||||||
// SignedManifest. This typically won't be used within the registry, except
|
// SignedManifest. This typically won't be used within the registry, except
|
||||||
// for testing.
|
// for testing.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
func Sign(m *Manifest, pk libtrust.PrivateKey) (*SignedManifest, error) {
|
func Sign(m *Manifest, pk libtrust.PrivateKey) (*SignedManifest, error) {
|
||||||
p, err := json.MarshalIndent(m, "", " ")
|
p, err := json.MarshalIndent(m, "", " ")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -40,6 +43,9 @@ func Sign(m *Manifest, pk libtrust.PrivateKey) (*SignedManifest, error) {
|
||||||
// SignWithChain signs the manifest with the given private key and x509 chain.
|
// SignWithChain signs the manifest with the given private key and x509 chain.
|
||||||
// The public key of the first element in the chain must be the public key
|
// The public key of the first element in the chain must be the public key
|
||||||
// corresponding with the sign key.
|
// corresponding with the sign key.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
func SignWithChain(m *Manifest, key libtrust.PrivateKey, chain []*x509.Certificate) (*SignedManifest, error) {
|
func SignWithChain(m *Manifest, key libtrust.PrivateKey, chain []*x509.Certificate) (*SignedManifest, error) {
|
||||||
p, err := json.MarshalIndent(m, "", " ")
|
p, err := json.MarshalIndent(m, "", " ")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
@ -9,6 +9,9 @@ import (
|
||||||
|
|
||||||
// Verify verifies the signature of the signed manifest returning the public
|
// Verify verifies the signature of the signed manifest returning the public
|
||||||
// keys used during signing.
|
// keys used during signing.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
func Verify(sm *SignedManifest) ([]libtrust.PublicKey, error) {
|
func Verify(sm *SignedManifest) ([]libtrust.PublicKey, error) {
|
||||||
js, err := libtrust.ParsePrettySignature(sm.all, "signatures")
|
js, err := libtrust.ParsePrettySignature(sm.all, "signatures")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -22,6 +25,9 @@ func Verify(sm *SignedManifest) ([]libtrust.PublicKey, error) {
|
||||||
// VerifyChains verifies the signature of the signed manifest against the
|
// VerifyChains verifies the signature of the signed manifest against the
|
||||||
// certificate pool returning the list of verified chains. Signatures without
|
// certificate pool returning the list of verified chains. Signatures without
|
||||||
// an x509 chain are not checked.
|
// an x509 chain are not checked.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
func VerifyChains(sm *SignedManifest, ca *x509.CertPool) ([][]*x509.Certificate, error) {
|
func VerifyChains(sm *SignedManifest, ca *x509.CertPool) ([][]*x509.Certificate, error) {
|
||||||
js, err := libtrust.ParsePrettySignature(sm.all, "signatures")
|
js, err := libtrust.ParsePrettySignature(sm.all, "signatures")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
@ -40,7 +40,10 @@ func MakeManifestList(blobstatter distribution.BlobStatter, manifestDigests []di
|
||||||
}
|
}
|
||||||
|
|
||||||
// MakeSchema1Manifest constructs a schema 1 manifest from a given list of digests and returns
|
// MakeSchema1Manifest constructs a schema 1 manifest from a given list of digests and returns
|
||||||
// the digest of the manifest
|
// the digest of the manifest.
|
||||||
|
//
|
||||||
|
// Deprecated: Docker Image Manifest v2, Schema 1 is deprecated since 2015.
|
||||||
|
// Use Docker Image Manifest v2, Schema 2, or the OCI Image Specification.
|
||||||
func MakeSchema1Manifest(digests []digest.Digest) (distribution.Manifest, error) {
|
func MakeSchema1Manifest(digests []digest.Digest) (distribution.Manifest, error) {
|
||||||
mfst := schema1.Manifest{
|
mfst := schema1.Manifest{
|
||||||
Versioned: manifest.Versioned{
|
Versioned: manifest.Versioned{
|
||||||
|
|
Loading…
Reference in a new issue