Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Docker Plugin #1101

Closed
verdverm opened this issue Nov 24, 2021 · 8 comments
Closed

Docker Plugin #1101

verdverm opened this issue Nov 24, 2021 · 8 comments
Labels
enhancement New feature or request

Comments

@verdverm
Copy link

Moving docker-library/official-images#6838 here

The general idea is to explore the possibility of writing a Docker CLI Plugin so that container signing can be easier to adopt into existing workflows. Ideally, the UX could be something as minimal as docker plugin install sigstore/cosign-docker-plugin and would support pushing the signature to the same registry the container is going.

@dlorenc, here is a link to get started. I haven't explored it enough to know if this is possible yet.

https://docs.docker.com/engine/extend/

@verdverm verdverm added the enhancement New feature or request label Nov 24, 2021
@verdverm
Copy link
Author

verdverm commented Nov 24, 2021

@Johannestegner
Copy link

Just wanted to leave a note that the /engine/extend link is not docs for CLI-plugins (docs for cli plugins is a pain to find and I can't even find a link for it to leave here).
I've played around a bit with the CLI plugin Go lib by looking at "official" plugins such as buildx and the cli plugin code in the docker repo: https://github.com/docker/cli/tree/master/cli-plugins

Implementing it as a docker cli-plugin could probably be fairly easy (just to have cosign work through some type of docker cosign command), making it work with buildx and such might be a larger job (which likely would have to require some additions to the buildx codebase) though!

Either way it's a great idea and would love to see it implemented! :)

@dlorenc
Copy link
Member

dlorenc commented Nov 28, 2021

Thanks @Johannestegner! That helps a lot. I know CLI plugins exist but couldn't find any docs!

@developer-guy
Copy link
Member

Hello, there is some useful information out there about Docker CLI plugins, here are some:

Seems it is all about managing the binary name and directory stuff, then all should work, right @Johannestegner ?

@Johannestegner
Copy link

Johannestegner commented Nov 29, 2021

Seems it is all about managing the binary name and directory stuff, then all should work, right @Johannestegner ?

Yes, basically, the plugin is only required to implement a very simple interface.
It have to be able to answer to a meta-data call, other than that, it's just a executable which is named docker-<plugin name>.

Imho, a very simple and elegant way to implement plugins (sure, users will have to trust the author to quite a high degree, but other than that, very helpful for plugin developers).

Personally, I do prefer to build them with Go, as that gives one access to both the interface and api from docker directly, as well as the ease of working with cobra.Command and such, but a plugin can (in theory) be implemented in anything that is executable :)

@dlorenc
Copy link
Member

dlorenc commented Feb 21, 2022

cc @imjasonh who made one!

@imjasonh
Copy link
Member

cc @imjasonh who made one!

It's true! https://github.com/imjasonh/cosign-docker-cli-plugins

@haydentherapper
Copy link
Contributor

Closing as unplanned since there's an existing plugin from Jason, feel free to reopen

@haydentherapper haydentherapper closed this as not planned Won't fix, can't repro, duplicate, stale Jan 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

6 participants