Story #4171
closed
As a user i can configure download of the foreign layers
100%
Description
Some images like windows base images, contain artifacts whose distribution is restricted by license.
When these images are pushed to a registry, restricted artifacts are skipped/not included by default.
These artifacts are called foreign layers and have "mediaType": "application/vnd.docker.image.rootfs.foreign.diff.tar.gzip"
Remote should have a Boolean "*allow_foreign_layers*" option which would control the download of the foreign layers.
Set to False (default):
Pulp will check the mediatype and simply will skip the foreign layers.
Case: do not sync content which is restricted by a license without explicit acknowledgment in the Remote config
From client side, it will follow the url specified in the details of the layer in the manifest.
Set to True:
Pulp will download the foreign layers by following the url.
Case: due to use case of registries with air gaped network, now it's possible to push to the registry foreign layers, by enabling -allow-nondistributable-artifacts daemon option. From client side, foreign layers are now pulled from the registry if possible, falling back to the URLs in the image manifest otherwise. As far as i know that's done in docker for Windows. Linux version is still ignoring foreign layers during pull.
Related issues
Updated by amacdona@redhat.com over 5 years ago
- Groomed changed from No to Yes
- Sprint Candidate changed from No to Yes
With the current implementation of docker sync, we will have to use the skip logic in 2 places. Once for tagged manifests, once for non-tagged manifests.
Updated by jortel@redhat.com over 5 years ago
- Priority changed from Normal to Low
- Sprint set to Sprint 46
Updated by jortel@redhat.com about 5 years ago
- Status changed from NEW to ASSIGNED
- Assignee set to jortel@redhat.com
Added by jortel@redhat.com about 5 years ago
Added by jortel@redhat.com about 5 years ago
Revision 5f230bb2 | View on GitHub
Support include/exclude of foreign layers. closes #4171
Added by jortel@redhat.com about 5 years ago
Revision 5f230bb2 | View on GitHub
Support include/exclude of foreign layers. closes #4171
Added by jortel@redhat.com about 5 years ago
Revision 5f230bb2 | View on GitHub
Support include/exclude of foreign layers. closes #4171
Updated by jortel@redhat.com about 5 years ago
- Status changed from ASSIGNED to MODIFIED
- % Done changed from 0 to 100
Applied in changeset commit:pulp_docker|5f230bb22c7abef0ab08459a8d755bcdea210cd7.
Updated by bherring about 5 years ago
- Copied to Test #4461: As a user i can configure download of the foreign layers added
Updated by ipanova@redhat.com over 4 years ago
- Project changed from Docker Support to Container Support
Updated by ipanova@redhat.com over 4 years ago
- Status changed from MODIFIED to CLOSED - CURRENTRELEASE
.
Support include/exclude of foreign layers. closes #4171