Convert manifest to schema1 when older clients are pulling by tag
When pulling newer format manifest by tag old clients are not supported.
Rewrite available manifest to schema1 to support old clients.
Fetch the available manifest from the storage backend, if it exists. Parse incoming accept headers from client (client indicates support for certain manifest formats) and if necessary rewrite manifest when it is being fetched by tag. If it is being fetched by digest, conversion is not possible.
- If available manifest is a manifest list - within the manifest list find the image manifest corresponding to the default platform and arch (amd64 platform and linux OS). If no suitable manifest is found in the manifest list, return a 404 error.
If necessary( based on incoming accept headers), convert the image manifest to schema1. Invoke Schema1ManifestBuilder to create skeleton of schema1 format. Populate the builder with the data incoming from parsed image manifest schema2 json.
Sign schema1 manifest with the provided signing key (in config). If no signing key is provided generate an ephemeral rsa key to be used for signing converted manifests.
- If available manifest is a manifest schema2 , if necessary( based on incoming accept headers), convert the image manifest to schema1.
- If available manifest is a manifest schema1, return as is.
Signed Manifest Field Description¶
Signed manifests include an image manifest and a list of signatures. A signature consists of the following fields:
A JSON Web Signature
A signature for the image manifest, signed by a private key
The signed protected header
The conversion will be optional. There will be a boolean flag called for example 'schema_conversion` added as a parameter to the docker distribution  where its default value would be set to False.
Conversion would happen only if enabled.
Do we convert manifest schema2 if it had foreign layers?
Please register to edit this issue