update image naming scheme, compatibility with ggcr v0.15.2 #289
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
k8s-ci-robot
added
kind/cleanup
k8s-ci-robot
added
approved
This was referenced May 19, 2023
|
@puerco needs rebase |
k8s-ci-robot
added
the
needs-rebase
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: cpanato, puerco The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Signed-off-by: Adolfo GarcΓa Veytia (Puerco) <puerco@chainguard.dev>
This commit modifies the default naming scheme in SPDX packages representing container images. The new scheme will now be the expanded image reference at digest when available. If an image reference is not available, the package name will be sha256:digest as it is now. Signed-off-by: Adolfo GarcΓa Veytia (Puerco) <puerco@chainguard.dev>
k8s-ci-robot
added
size/L
|
/lgtm |
k8s-ci-robot
added
the
lgtm
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
/kind cleanup
What this PR does / why we need it:
This PR modifies the default naming scheme used in SPDX packages when representing container images. The new scheme will now be the expanded image reference @ digest when available. For example the top-level package representing
nginxwill now be:When no reference is available, the name of the package will still be the digest as in
sha256:63547654...Multi-arch images fronted by the index manifest will be named using the same schema while layers keep the digest naming convention. Here is a sample:
Which issue(s) this PR fixes:
This PR also fixes an incompatibility with go-containerregistro v0.15.x that was preventing updating the library.
Special notes for your reviewer:
/assign @cpanato
Does this PR introduce a user-facing change?