purge: do not delete contents of oci indexes #130
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jedevc
requested review from
sajayantony,
Wwwsylvia,
shizhMSFT,
northtyphoon and
wangxiaoxuan273
as code owners
|
@jedevc thanks for the contribution. Can you please add a unit test for the new oci index multi-arch scenario? You can take a look an existing one under https://github.com/Azure/acr-cli/blob/main/cmd/acr/purge_test.go#L380 |
northtyphoon
requested changes
Feb 1, 2023
The purge command attempts to detect if manifest lists are being used, and will avoid deleting manifests that are part of them. The OCI specification defines an index media type, that can contain manifests as well, as an alternative to manifest lists - functionally, these are the same as manifest lists, and ACR appears to support them. The purge command should therefore avoid removing manifests that are part of indexes as well, which, if the user is using OCI images, will cause their images to be unintentionally deleted. Signed-off-by: Justin Chadwell <me@jedevc.com>
|
@microsoft-github-policy-service agree [company="Docker Inc"] |
|
@microsoft-github-policy-service agree company="Docker Inc" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The purge command attempts to detect if manifest lists are being used, and will avoid deleting manifests that are part of them.
The OCI specification defines an index media type, that can contain manifests as well, as an alternative to manifest lists - functionally, these are the same as manifest lists, and ACR appears to support them.
The purge command should therefore avoid removing manifests that are part of indexes as well, which, if the user is using OCI images, will cause their images to be unintentionally deleted.
See docker/build-push-action#778 (comment) for more information, where this affected docker buildx users using ACR.