Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Support pulling referrers from an image manifest #1308

Open
1 task
FeynmanZhou opened this issue Mar 26, 2024 · 1 comment
Open
1 task

Support pulling referrers from an image manifest #1308

FeynmanZhou opened this issue Mar 26, 2024 · 1 comment
Labels
enhancement New feature or request spec required Issues that require specifications
Milestone
v1.4.0

Comments

@FeynmanZhou
Copy link
Member

FeynmanZhou commented Mar 26, 2024
edited
Loading

What is the version of your ORAS CLI

ORAS v1.2.0-beta.1

What would you like to be added?

Provide a flag to enable users to pull referrers from an image manifest to local.

Why is this needed for ORAS?

In containers secure supply chain scenario, users may pull referrers (e.g. SBOM, signature, vuln scanning report) only without pulling a subject image. Suppose there is a large image with referrers in the registry, users may want to verify the supply chain metadata before pulling and using the image locally. It will reduce the performance and bandwidth cost.

Are you willing to submit PRs to contribute to this feature?

  • Yes, I am willing to implement it.
@FeynmanZhou FeynmanZhou added enhancement New feature or request triage New issues or PRs to be acknowledged by maintainers labels Mar 26, 2024
@qweeah qweeah added the spec required Issues that require specifications label Mar 26, 2024
@shizhMSFT
Copy link
Contributor

shizhMSFT commented Mar 26, 2024
edited
Loading

Pre-requisite issues:

Related issues:

@qweeah qweeah added this to the v1.3.0 milestone Mar 26, 2024
@qweeah qweeah removed the triage New issues or PRs to be acknowledged by maintainers label Mar 26, 2024
@FeynmanZhou FeynmanZhou modified the milestones: v1.3.0, v1.4.0 Jul 24, 2024
@FeynmanZhou FeynmanZhou changed the title Support pulling a referrer from an image manifest Support pulling referrers from an image manifest Jul 30, 2024
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
enhancement New feature or request spec required Issues that require specifications
Projects
None yet
Milestone
v1.4.0
Development

No branches or pull requests
3 participants
@qweeah @shizhMSFT @FeynmanZhou