Support OCI Artifact Manifests

[brackendawson]

This implements support for OCI Artifact Manifests as described in the OCI 1.1 release candidate specification.

This does not add support for the new subject field in OCI Image Manifests, but it does lay common groundwork to make that a trivial change. This does not implement the referrers list API but does create the links files required to do so. This does not implement any GC. I would like to add those in subsequent pull requests to aid reviewability.

Adresses #3716

This pull request is loosely based on work in https://github.com/oci-playground/distribution by:
Co-authored-by: Sajay Antony sajaya@microsoft.com
Co-authored-by: Tejaswini Duggaraju naduggar@microsoft.com
Co-authored-by: Akash Singhal akashsinghal@microsoft.com
Co-authored-by: Aviral Takkar avtakkar@microsoft.com
Co-authored-by: Julus Liu juliusl@microsoft.com
Co-authored-by: Josh Dolitsky josh@dolit.ski
Co-authored-by: Shiwei Zhang shizh@microsoft.com
Co-authored-by: Brandon Mitchell git@bmitch.net

[codecov-commenter]

Codecov Report

Base: 56.56% // Head: 56.62% // Increases project coverage by +0.06% 🎉

Coverage data is based on head (38900e0) compared to base (cf87e8d).
Patch coverage: 58.13% of modified lines in pull request are covered.

📣 This organization is not using Codecov’s GitHub App Integration. We recommend you install it so Codecov can continue to function properly for your repositories. Learn more

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3833      +/-   ##
==========================================
+ Coverage   56.56%   56.62%   +0.06%     
==========================================
  Files         105      107       +2     
  Lines       10638    10751     +113     
==========================================
+ Hits         6017     6088      +71     
- Misses       3948     3985      +37     
- Partials      673      678       +5     

Impacted Files	Coverage Δ
registry/storage/driver/storagedriver.go	0.00% <ø> (ø)
registry/storage/paths.go	68.92% <46.15%> (-1.81%)	⬇️
registry/storage/ocimanifesthandler.go	63.30% <54.54%> (-3.75%)	⬇️
manifest/ociartifact/manifest.go	57.14% <57.14%> (ø)
registry/handlers/manifests.go	56.04% <61.53%> (+1.87%)	⬆️
registry/storage/manifeststore.go	75.26% <62.50%> (-1.48%)	⬇️
registry/storage/references.go	62.50% <62.50%> (ø)
registry/storage/registry.go	88.57% <100.00%> (+0.27%)	⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

[milosgajdos]

We need to put this on hold until opencontainers/image-spec#999 is resolved

[SamirPS]

Hello @milosgajdos @brackendawson

Will this PR permit attaching some artefact to an OCI image on DockerHub with tools like oras attach, for example? i say that because Dockerhub is based on distribution no ?

[milosgajdos]

We are waiting for the OCI specification to be released. There is an ongoing discussion about OCI manifest support and a few other parts of the spec might likely get updated too. Until that happens I don't expect any major registry to support any of the new capabilities.

[milosgajdos]

FYI: RC-3 of image-spec has been cut: https://github.com/opencontainers/image-spec/releases/tag/v1.1.0-rc3

[SamirPS]

Thanks for the information

[thaJeztah]

FYI: RC-3 of image-spec has been cut: https://github.com/opencontainers/image-spec/releases/tag/v1.1.0-rc3

Ah yes, opened a draft PR to update it (wasn't sure if we wanted pre-releases to be in use, but can move it out of draft if we're okay with that);

• vendor: github.com/opencontainers/image-spec v1.1.0-rc4 #3889

[brackendawson]

The "OCI Artifact Manifest" has been dropped from the spec and the artifactType field plus some additional logic added to the "OCI Image Manifest". I'm going to close this PR and implement the latest behaviour in #3834