merge queue: embarking main (fbfeeb8) and #43 together#44
Closed
mergify[bot] wants to merge 7 commits intomainfrom
Closed
merge queue: embarking main (fbfeeb8) and #43 together#44mergify[bot] wants to merge 7 commits intomainfrom
mergify[bot] wants to merge 7 commits intomainfrom
Conversation
crane operates directly on the registry for every mutation — each append, mutate, or edit-config call creates a new manifest, leaving the previous one as an untagged image. Over time this accumulated significant registry garbage that GHCR's permission model made impossible to clean up automatically. buildah builds images locally and pushes the finished manifest in a single operation, producing zero intermediate untagged manifests. skopeo handles read-side operations (inspect, copy/retag, export). Split the CI publish job into per-arch and combined stages so the combined image can depend on per-arch images already in the registry. Add --force flag to allow overwriting existing images when needed. Signed-off-by: Jacob Weinstock <jakobweinstock@gmail.com>
Documents the progression from ORAS to crane to buildah+skopeo and the specific problems that motivated each migration. Signed-off-by: Jacob Weinstock <jakobweinstock@gmail.com>
- Remove unused fuse-overlayfs from Dockerfile.release (vfs driver) - Drop tar from release dependency check (no longer used) - Raise error on missing layer blob instead of warn+continue - Replace _safe_tar_extract with safe_extractall (rejects symlinks/devices) - Make checksum writing idempotent (skip write if content unchanged) - Rename --target 'both' to 'combined' across CLI, OCI, CI, and release Signed-off-by: Jacob Weinstock <jakobweinstock@gmail.com>
- Fix _build_platform_image docstring (timestamp applies to all commits) - Remove unused arch param from _publish_single_arch - Skip publish recap when combined image already exists - Fix copy() docstring: refs don't include docker:// prefix - Fix blob lookup order: try verbatim digest first - Forward registry auth env vars into release container - Update README: replace crane references with buildah/skopeo Signed-off-by: Jacob Weinstock <jakobweinstock@gmail.com>
Signed-off-by: Jacob Weinstock <jakobweinstock@gmail.com>
Use a temporary local manifest name to avoid collisions on repeated publishes, and remove local manifests and intermediate images in a finally block after push completes. Signed-off-by: Jacob Weinstock <jakobweinstock@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🎉 This pull request has been checked successfully and will be merged soon. 🎉
Branch main (fbfeeb8) and #43 are embarked together for merge.
This pull request has been created by Mergify to speculatively check the mergeability of #43.
You don't need to do anything. Mergify will close this pull request automatically when it is complete.
Required conditions of queue
defaultfor merge:#changes-requested-reviews-by=0base=maincheck-success=DCOcheck-success=build-initramfs (amd64)check-success=build-initramfs (arm64)check-success=build-iso (amd64)check-success=build-iso (arm64)check-success=build-kernel (amd64)check-success=build-kernel (arm64)check-success=download-tools (amd64)check-success=download-tools (arm64)label!=do-not-mergelabel=ready-to-mergequeue-position>=0author=jacobweinstock#approved-reviews-by>=1main]:check-success = build-initramfs (amd64)check-neutral = build-initramfs (amd64)check-skipped = build-initramfs (amd64)main]:check-success = build-initramfs (arm64)check-neutral = build-initramfs (arm64)check-skipped = build-initramfs (arm64)main]:check-success = build-kernel (amd64)check-neutral = build-kernel (amd64)check-skipped = build-kernel (amd64)main]:check-success = build-kernel (arm64)check-neutral = build-kernel (arm64)check-skipped = build-kernel (arm64)main]:check-success = download-tools (amd64)check-neutral = download-tools (amd64)check-skipped = download-tools (amd64)main]:check-success = download-tools (arm64)check-neutral = download-tools (arm64)check-skipped = download-tools (arm64)main]:check-success = build-iso (amd64)check-neutral = build-iso (amd64)check-skipped = build-iso (amd64)main]:check-success = build-iso (arm64)check-neutral = build-iso (arm64)check-skipped = build-iso (arm64)Required conditions to stay in the queue:
#changes-requested-reviews-by=0base=maincheck-success=DCOcheck-success=build-initramfs (amd64)check-success=build-initramfs (arm64)check-success=build-iso (amd64)check-success=build-iso (arm64)check-success=build-kernel (amd64)check-success=build-kernel (arm64)check-success=download-tools (amd64)check-success=download-tools (arm64)label!=do-not-mergelabel=ready-to-mergeauthor=jacobweinstock#approved-reviews-by>=1main]:check-success = build-initramfs (amd64)check-neutral = build-initramfs (amd64)check-skipped = build-initramfs (amd64)main]:check-success = build-initramfs (arm64)check-neutral = build-initramfs (arm64)check-skipped = build-initramfs (arm64)main]:check-success = build-kernel (amd64)check-neutral = build-kernel (amd64)check-skipped = build-kernel (amd64)main]:check-success = build-kernel (arm64)check-neutral = build-kernel (arm64)check-skipped = build-kernel (arm64)main]:check-success = download-tools (amd64)check-neutral = download-tools (amd64)check-skipped = download-tools (amd64)main]:check-success = download-tools (arm64)check-neutral = download-tools (arm64)check-skipped = download-tools (arm64)main]:check-success = build-iso (amd64)check-neutral = build-iso (amd64)check-skipped = build-iso (amd64)main]:check-success = build-iso (arm64)check-neutral = build-iso (arm64)check-skipped = build-iso (arm64)