diff --git a/.gitignore b/.gitignore index bc61c0a..c74a542 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/skopeo-b08350d.tar.gz +SOURCES/skopeo-7add6fc.tar.gz diff --git a/.skopeo.metadata b/.skopeo.metadata index 24bfd51..ae84210 100644 --- a/.skopeo.metadata +++ b/.skopeo.metadata @@ -1 +1 @@ -b7a71f4c8c37d178f9d610c80f79b10961b7aeb0 SOURCES/skopeo-b08350d.tar.gz +1732922cde90400787168dd3fd4315596686c420 SOURCES/skopeo-7add6fc.tar.gz diff --git a/SOURCES/registries.conf b/SOURCES/registries.conf new file mode 100644 index 0000000..1ffaed5 --- /dev/null +++ b/SOURCES/registries.conf @@ -0,0 +1,25 @@ +# This is a system-wide configuration file used to +# keep track of registries for various container backends. +# It adheres to TOML format and does not support recursive +# lists of registries. + +# The default location for this configuration file is /etc/containers/registries.conf. + +# The only valid categories are: 'registries.search', 'registries.insecure', +# and 'registries.block'. + +[registries.search] +registries = ['registry.access.redhat.com'] + +# If you need to access insecure registries, add the registry's fully-qualified name. +# An insecure registry is one that does not have a valid SSL certificate or only does HTTP. +[registries.insecure] +registries = [] + + +# If you need to block pull access from a registry, uncomment the section below +# and add the registries fully-qualified name. +# +# Docker only +[registries.block] +registries = [] diff --git a/SOURCES/registries.conf.5.md b/SOURCES/registries.conf.5.md new file mode 100644 index 0000000..3aa4ad5 --- /dev/null +++ b/SOURCES/registries.conf.5.md @@ -0,0 +1,41 @@ +% registries.conf(5) System-wide registry configuration file +% Brent Baude +% Aug 2017 + +# NAME +registries.conf - Syntax of System Registry Configuration File + +# DESCRIPTION +The REGISTRIES configuration file is a system-wide configuration file for container image +registries. The file format is TOML. + +# FORMAT +The TOML_format is used to build simple list format for registries under two +categories: `search` and `insecure`. You can list multiple registries using +as a comma separated list. + +Search registries are used when the caller of a container runtime does not fully specify the +container image that they want to execute. These registries are prepended onto the front + of the specified container image until the named image is found at a registry. + +Insecure Registries. By default container runtimes use TLS when retrieving images +from a registry. If the registry is not setup with TLS, then the container runtime +will fail to pull images from the registry. If you add the registry to the list of +insecure registries then the container runtime will attempt use standard web protocols to +pull the image. It also allows you to pull from a registry with self-signed certificates. +Note insecure registries can be used for any registry, not just the +registries listed under search. + +The following example configuration defines two searchable registries and one +insecure registry. + +``` +[registries.search] +registries = ["registry1.com", "registry2.com"] + +[registries.insecure] +registries = ["registry3.com"] +``` + +# HISTORY +Aug 2017, Originally compiled by Brent Baude diff --git a/SPECS/skopeo.spec b/SPECS/skopeo.spec index 162c3e4..6f75653 100644 --- a/SPECS/skopeo.spec +++ b/SPECS/skopeo.spec @@ -19,14 +19,14 @@ # https://github.com/projectatomic/skopeo %global provider_prefix %{provider}.%{provider_tld}/%{project}/%{repo} %global import_path %{provider_prefix} -%global commit0 b08350db15cd208e73971baed26ae7d9651a4158 +%global commit0 7add6fc80b0f33406217e7c3361cb711c814f028 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) %global git0 https://%{import_path} Name: %{repo} Epoch: 1 Version: 0.1.29 -Release: 1.dev.git%{shortcommit0}%{?dist} +Release: 3.dev.git%{shortcommit0}%{?dist} Summary: Inspect Docker images and repositories on registries License: ASL 2.0 URL: %{git0} @@ -34,6 +34,8 @@ Source0: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz Source1: storage.conf Source2: containers-storage.conf.5.md Source3: mounts.conf +Source4: registries.conf +Source5: registries.conf.5.md BuildRequires: git # If go_compiler is not set to 1, there is no virtual provide. Use golang instead. BuildRequires: %{?go_compiler:compiler(go-compiler)}%{!?go_compiler:golang} >= 1.6.2 @@ -162,7 +164,8 @@ providing packages with %{import_path} prefix. Summary: Configuration files for working with image signature # /etc/containers/registries.d/default.yaml has been moved from atomic to # skopeo-containers -Conflicts: atomic <= 1.13.1-1 +Conflicts: atomic <= 1:1.13.1-1 +Conflicts: atomic-registries <= 1:1.22.1-2 %description containers This package installs a default signature store configuration @@ -201,14 +204,17 @@ if test -f man/%{name}.1.md; then fi go-md2man -in %{SOURCE2} -out containers-storage.conf.5 +go-md2man -in %{SOURCE5} -out registries.conf.5 %install make DESTDIR=%{buildroot} install install -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/containers/storage.conf mkdir -p %{buildroot}%{_mandir}/man5 install -m644 containers-storage.conf.5 %{buildroot}%{_mandir}/man5 +install -m644 registries.conf.5 %{buildroot}%{_mandir}/man5 mkdir -p %{buildroot}%{_datadir}/containers install -m0644 %{SOURCE3} %{buildroot}%{_datadir}/containers/mounts.conf +install -p -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/containers/ # install secrets patch directory install -d -p -m 750 %{buildroot}%{_datadir}/rhel/secrets @@ -274,16 +280,16 @@ export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath} %endif %files containers -%{_sysconfdir}/containers +%dir %{_sysconfdir}/containers +%dir %{_sysconfdir}/containers/registries.d %config(noreplace) %{_sysconfdir}/containers/policy.json %config(noreplace) %{_sysconfdir}/containers/registries.d/default.yaml %config(noreplace) %{_sysconfdir}/containers/storage.conf -%dir %{_sysconfdir}/containers +%config(noreplace) %{_sysconfdir}/containers/registries.conf %dir %{_datadir}/containers %{_datadir}/containers/mounts.conf -%dir %{_sysconfdir}/containers/registries.d %dir %{_sharedstatedir}/atomic/sigstore -%{_mandir}/man5/containers-storage.conf.5* +%{_mandir}/man5/*.conf.5* %dir %{_datadir}/rhel/secrets %{_datadir}/rhel/secrets/etc-pki-entitlement %{_datadir}/rhel/secrets/rhel7.repo @@ -294,9 +300,34 @@ export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath} %{_mandir}/man1/%{name}.1* %license LICENSE %doc README.md -%{_datadir}/bash-completion/ +%dir %{_datadir}/bash-completion/ +%dir %{_datadir}/bash-completion/completions +%{_datadir}/bash-completion/completions/%{name} %changelog +* Tue Apr 10 2018 Lokesh Mandvekar - 1:0.1.29-3.git7add6fc +- move registries.conf to skopeo-containers from atomic + +* Thu Mar 29 2018 dwalsh - 0.1.29-2.git +- bump to 0.1.29-1 +- Updated containers/image + docker-archive generates docker legacy compatible images + Do not create $DiffID subdirectories for layers with no configs + Ensure the layer IDs in legacy docker/tarfile metadata are unique + docker-archive: repeated layers are symlinked in the tar file + sysregistries: remove all trailing slashes + Improve docker/* error messages + Fix failure to make auth directory + Create a new slice in Schema1.UpdateLayerInfos + Drop unused storageImageDestination.{image,systemContext} + Load a *storage.Image only once in storageImageSource + Support gzip for docker-archive files + Remove .tar extension from blob and config file names + ostree, src: support copy of compressed layers + ostree: re-pull layer if it misses uncompressed_digest|uncompressed_size + image: fix docker schema v1 -> OCI conversion + Add /etc/containers/certs.d as default certs directory + * Wed Mar 21 2018 Lokesh Mandvekar - 1:0.1.29-1.dev,gitb08350d - Resolves: #1543707