Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adopt OCI distribution spec v1.1.0 #17928

Closed
wy65701436 opened this issue Dec 6, 2022 · 6 comments
Closed

Adopt OCI distribution spec v1.1.0 #17928

wy65701436 opened this issue Dec 6, 2022 · 6 comments
Assignees
@wy65701436 @MinerYang
Labels
Epic target/2.8.0

Comments

@wy65701436
Copy link
Contributor

Since OCI has been released to v1.1.0-rc2, https://github.com/opencontainers/distribution-spec/releases/tag/v1.1.0-rc1, Harbor, as one of the OCI-compliant registries, should adopt the latest changes.

Mainpoints:

  • Enabling the Referrers API
  • Support the Subject descriptor
@wy65701436 wy65701436 self-assigned this Dec 6, 2022
@github-actions
Copy link

github-actions bot commented Feb 6, 2023

This issue is being marked stale due to a period of inactivity. If this issue is still relevant, please comment or remove the stale label. Otherwise, this issue will close in 30 days.

@github-actions github-actions bot added the Stale label Feb 6, 2023
@jkjell
Copy link

jkjell commented Feb 6, 2023

Not Stale 😄

@github-actions github-actions bot removed the Stale label Feb 7, 2023
@ChristianCiach
Copy link

ChristianCiach commented Feb 15, 2023
edited
Loading

This will probably also fix

I've just compiled the current main branch of cosign that includes:

Unsurprisingly, this currently does not work with Harbor:

$ COSIGN_EXPERIMENTAL=1 COSIGN_OCI_EXPERIMENTAL=1 ./cosign attach sbom --registry-referrers-mode oci-1-1 --type cyclonedx --sbom sbom.json my-harbor.local/public/sbom-test:1.0.0 
WARNING: Attaching SBOMs this way does not sign them. If you want to sign them, use 'cosign attest --predicate sboms.json --key <key path>' or 'cosign sign --key <key path> --attachment sbom <image uri>'.
Uploading SBOM file for [my-harbor.local/public/sbom-test:1.0.0] to [my-harbor.local/public/sbom-test@sha256:690e15b4832f28d585e781bc98654efb027c4cfc71a4f5b6c36ebc6f7b819900] with config.mediaType [application/vnd.dev.cosign.artifact.sbom.v1+json] layers[0].mediaType [application/vnd.cyclonedx+json].
Error: GET https://my-harbor.local/v2/public/sbom-test/referrers/sha256:a2d975176cb5b5c8e7e84319a8884c5fa9a94b9c734cb310b99bd312f4d13357: UNAUTHORIZED: un-recognized request: GET /v2/public/sbom-test/referrers/sha256:a2d975176cb5b5c8e7e84319a8884c5fa9a94b9c734cb310b99bd312f4d13357: un-recognized request: GET /v2/public/sbom-test/referrers/sha256:a2d975176cb5b5c8e7e84319a8884c5fa9a94b9c734cb310b99bd312f4d13357
main.go:74: error during command execution: GET https://my-harbor.local/v2/public/sbom-test/referrers/sha256:a2d975176cb5b5c8e7e84319a8884c5fa9a94b9c734cb310b99bd312f4d13357: UNAUTHORIZED: un-recognized request: GET /v2/public/sbom-test/referrers/sha256:a2d975176cb5b5c8e7e84319a8884c5fa9a94b9c734cb310b99bd312f4d13357: un-recognized request: GET /v2/public/sbom-test/referrers/sha256:a2d975176cb5b5c8e7e84319a8884c5fa9a94b9c734cb310b99bd312f4d13357

@ChristianCiach ChristianCiach mentioned this issue Feb 15, 2023
Closed
@wy65701436 wy65701436 added the Epic label Mar 5, 2023
wy65701436 added a commit to goharbor/community that referenced this issue Mar 8, 2023
@wy65701436
add proposal of distribution spec v1.1 adoption
b70692c 
Distribution spec v1.1:https://github.com/opencontainers/distribution-spec/releases/tag/v1.1.0-rc1
Engineering epic: goharbor/harbor#17928

Signed-off-by: Wang Yan <[email protected]>
@wy65701436 wy65701436 mentioned this issue Mar 8, 2023
Merged
@wy65701436
Copy link
Contributor Author

@ChristianCiach please try with test main branch code, it works now.

ConnectBhawna pushed a commit to ConnectBhawna/community that referenced this issue May 19, 2023
@wy65701436 @ConnectBhawna
add proposal of distribution spec v1.1 adoption
5efc87c 
Distribution spec v1.1:https://github.com/opencontainers/distribution-spec/releases/tag/v1.1.0-rc1
Engineering epic: goharbor/harbor#17928

Signed-off-by: Wang Yan <[email protected]>
Signed-off-by: ConnectBhawna <[email protected]>
@justinharringa
Copy link

@ChristianCiach please try with test main branch code, it works now.

Thanks for all of the hard work on this! Is there a target release for this change?

@MinerYang
Copy link
Contributor

MinerYang commented Apr 9, 2024
edited
Loading

@ChristianCiach please try with test main branch code, it works now.

Thanks for all of the hard work on this! Is there a target release for this change?

Thanks for connecting with us.
We have a phase4 EPIC to track this adoption along with oci-spec been GAed recently.
Will have this fully supported in v2.11 release

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@wy65701436 wy65701436

@MinerYang MinerYang

Labels
Epic target/2.8.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@jkjell @justinharringa @wy65701436 @ChristianCiach @MinerYang