/go-containerregistry

Go library and CLIs for working with container registries

Primary LanguageGoApache License 2.0Apache-2.0

go-containerregistry

Travis Build Status GitHub Actions Build Status GoDoc Go Report Card Code Coverage

Introduction

This is a golang library for working with container registries. It's largely based on the Python library of the same name.

The following diagram shows the main types that this library handles. OCI image representation

Philosophy

This library primarily revolves around an Image interface (and to a lesser extent, ImageIndex and Layer).

There are a number of packages for reading/writing these interfaces from/to various formats.

The main focus has been registry interactions (hence the name) via the remote package, but we have implemented other formats as we needed them to interoperate with various tools.

v1.Image

Sources

Sinks

v1.ImageIndex

Sources

Sinks

v1.Layer

Sources

Sinks

Overview

mutate

The simplest use for these libraries is to read from one source and write to another.

For example,

  • crane pull is remote.Image -> tarball.Write,
  • crane push is tarball.Image -> remote.Write,
  • crane cp is remote.Image -> remote.Write.

However, often you actually want to change something about an image. This is the purpose of the mutate package, which exposes some commonly useful things to change about an image.

partial

If you're trying to use this library with a different source or sink than it already supports, it can be somewhat cumbersome. The Image and Layer interfaces are pretty wide, with a lot of redundant information. This is somewhat by design, because we want to expose this information as efficiently as possible where we can, but again it is a pain to implement yourself.

The purpose of the partial package is to make implementing a v1.Image much easier, by filling in all the derived accessors for you if you implement a minimal subset of v1.Image.

transport

You might think our abstractions are bad and you just want to authenticate and send requests to a registry.

This is the purpose of the transport and authn packages.

Tools

This repo hosts some tools built on top of the library.

crane

crane is a tool for interacting with remote images and registries.

gcrane

gcrane is a GCR-specific variant of crane that has richer output for the ls subcommand and some basic garbage collection support.

k8schain

k8schain implements the authentication semantics use by kubelets in a way that is easily consumable by this library.

k8schain is not a standalone tool, but it's linked here for visibility.

Emeritus: ko

This tool was originally developed in this repo but has since been moved to its own repo.