Permalink
122 lines (92 sloc) 6.31 KB

OCI Image Manifest Specification

There are three main goals of the Image Manifest Specification. The first goal is content-addressable images, by supporting an image model where the image's configuration can be hashed to generate a unique ID for the image and its components. The second goal is to allow multi-architecture images, through a "fat manifest" which references image manifests for platform-specific versions of an image. In OCI, this is codified in a Manifest List. The third goal is to be translatable to the OCI Runtime Specification.

This section defines the application/vnd.oci.image.manifest.v1+json media type. For the media type(s) that this is compatible with see the matrix.

Image Manifest

Unlike the Manifest List, which contains information about a set of images that can span a variety of architectures and operating systems, an image manifest provides a configuration and set of layers for a single container image for a specific architecture and operating system.

Image Manifest Property Descriptions

  • schemaVersion int

    This REQUIRED property specifies the image manifest schema version. For this version of the specification, this MUST be 2 to ensure backward compatibility with older versions of Docker. The value of this field will not change. This field MAY be removed in a future version of the specification.

  • mediaType string

    This property is reserved for use, to [maintain compatibility][matrix]. When used, this field contains the media type of this document, which differs from the descriptor use of mediaType.

  • config descriptor

    This REQUIRED property references a configuration object for a container, by digest. Beyond the descriptor requirements, the value has the following additional restrictions:

  • layers array of objects

    Each item in the array MUST be a descriptor. The array MUST have the base layer at index 0. Subsequent layers MUST then follow in stack order (i.e. from layers[0] to layers[len(layers)-1]). The final filesystem layout MUST match the result of applying the layers to an empty directory. The ownership, mode, and other attributes of the initial empty directory are unspecified.

    Beyond the descriptor requirements, the value has the following additional restrictions:

  • annotations string-string map

    This OPTIONAL property contains arbitrary metadata for the image manifest. Annotations MUST be a key-value map where both the key and value MUST be strings. While the value MUST be present, it MAY be an empty string. Keys MUST be unique within this map, and best practice is to namespace the keys. Keys SHOULD be named using a reverse domain notation - e.g. com.example.myKey. Keys using the org.opencontainers namespace are reserved and MUST NOT be used by other specifications. If there are no annotations then this property MUST either be absent or be an empty map. Implementations that are reading/processing the image manifest MUST NOT generate an error if they encounter an unknown annotation key.

    See Pre-Defined Annotation Keys.

Extensibility

Implementations that are reading/processing image manifests MUST NOT generate an error if they encounter an unknown property. Instead they MUST ignore unknown properties.

Example Image Manifest

Example showing an image manifest:

{
  "schemaVersion": 2,
  "mediaType": "application/vnd.oci.image.manifest.v1+json",
  "config": {
    "mediaType": "application/vnd.oci.image.config.v1+json",
    "size": 7023,
    "digest": "sha256:b5b2b2c507a0944348e0303114d8d93aaaa081732b86451d9bce1f432a537bc7"
  },
  "layers": [
    {
      "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
      "size": 32654,
      "digest": "sha256:e692418e4cbaf90ca69d05a66403747baa33ee08806650b51fab815ad7fc331f"
    },
    {
      "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
      "size": 16724,
      "digest": "sha256:3c3a4604a545cdc127456d94e421cd355bca5b528f4a9c1905b15da2eb4a4c6b"
    },
    {
      "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
      "size": 73109,
      "digest": "sha256:ec4b8955958665577945c89419d1af06b5f7636b4ac3da7f12184802ad867736"
    }
  ],
  "annotations": {
    "com.example.key1": "value1",
    "com.example.key2": "value2"
  }
}

Pre-Defined Annotation Keys

This specification defines the following annotation keys, which MAY be used by manifest list and image manifest authors:

  • org.opencontainers.created date on which the image was built (string, date-time as defined by RFC 3339).
  • org.opencontainers.authors contact details of the people or organization responsible for the image (freeform string)
  • org.opencontainers.homepage URL to find more information on the image (string, must be a URL with scheme HTTP or HTTPS)
  • org.opencontainers.documentation URL to get documentation on the image (string, must be a URL with scheme HTTP or HTTPS)
  • org.opencontainers.source URL to get source code for the binary files in the image (string, must be a URL with scheme HTTP or HTTPS)