diff --git a/.gitignore b/.gitignore index 58b6875..c8b3944 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/v1.0.0.tar.gz +SOURCES/v1.1.0.tar.gz diff --git a/.skopeo.metadata b/.skopeo.metadata index 69d4913..700cab8 100644 --- a/.skopeo.metadata +++ b/.skopeo.metadata @@ -1 +1 @@ -453eb3e74cf43acaefe92790ea06d15609073cf8 SOURCES/v1.0.0.tar.gz +1796def947b9f2d8ee1b11eab02b8a49dda7801a SOURCES/v1.1.0.tar.gz diff --git a/SOURCES/containers-auth.json.5.md b/SOURCES/containers-auth.json.5.md index 16e4d7b..4921f01 100644 --- a/SOURCES/containers-auth.json.5.md +++ b/SOURCES/containers-auth.json.5.md @@ -5,15 +5,16 @@ containers-auth.json - syntax for the registry authentication file # DESCRIPTION -A credentials file stored at `${XDG_RUNTIME_DIR}/containers/auth.json` in -json format used to authenticate against container image registries. +A credentials file in JSON format used to authenticate against container image registries. +On Linux it is stored at `${XDG_RUNTIME_DIR}/containers/auth.json`; +on Windows and macOS, at `$HOME/.config/containers/auth.json` ## FORMAT The auth.json file stores encrypted authentication information for the user to container image registries. The file can have zero to many entries and -is created by a `login` command from a container tool such as `podman login` or -`buildah login`. Each entry includes the name of the registry and then an auth +is created by a `login` command from a container tool such as `podman login`, +`buildah login` or `skopeo login`. Each entry includes the name of the registry and then an auth token in the form of a base64 encoded string from the concatenation of the username, a colon, and the password. @@ -36,8 +37,28 @@ their accounts on quay.io and docker.io: An entry can be removed by using a `logout` command from a container tool such as `podman logout` or `buildah logout`. +In addition, credential helpers can be configured for specific registries and the credentials-helper +software can be used to manage the credentials in a more secure way than depending on the base64 encoded authentication +provided by `login`. If the credential helpers are configured for specific registries, the base64 encoded authentication will not be used +for operations concerning credentials of the specified registries. + +When the credential helper is in use on a Linux platform, the auth.json file would contain keys that specify the registry domain, and values that specify the suffix of the program to use (i.e. everything after docker-credential-). For example: + +``` +{ + "auths": { + "localhost:5001": {} + }, + "credHelpers": { + "registry.example.com": "secretservice" + } +} +``` + +For more information on credential helpers, please reference the [GitHub docker-credential-helpers project](https://github.com/docker/docker-credential-helpers/releases). + # SEE ALSO - buildah-login(1), buildah-logout(1), podman-login(1), podman-logout(1) + buildah-login(1), buildah-logout(1), podman-login(1), podman-logout(1), skopeo-login(1), skopeo-logout(1) # HISTORY Feb 2020, Originally compiled by Tom Sweeney diff --git a/SOURCES/containers-storage.conf.5.md b/SOURCES/containers-storage.conf.5.md index aa328a4..3917334 100644 --- a/SOURCES/containers-storage.conf.5.md +++ b/SOURCES/containers-storage.conf.5.md @@ -198,6 +198,9 @@ The `storage.options.zfs` table supports the following options: **mountopt**="" Comma separated list of default options to be used to mount container images. Suggested value "nodev". Mount options are documented in the mount(8) man page. +**skip_mount_home=""** + Tell storage drivers to not create a PRIVATE bind mount on their home directory. + **size**="" Maximum size of a container image. This flag can be used to set quota on the size of container images. (format: [], where unit = b (bytes), k (kilobytes), m (megabytes), or g (gigabytes)) diff --git a/SOURCES/containers.conf b/SOURCES/containers.conf index a029aed..389479f 100644 --- a/SOURCES/containers.conf +++ b/SOURCES/containers.conf @@ -92,7 +92,7 @@ # Ulimits has limits for non privileged container engines. # # default_ulimits = [ -# “nofile”=”1280:2560”, +# "nofile"="1280:2560", # ] # List of default DNS options to be added to /etc/resolv.conf inside of the container. @@ -105,7 +105,7 @@ # Set default DNS servers. # This option can be used to override the DNS configuration passed to the -# container. The special value “none” can be specified to disable creation of +# container. The special value "none" can be specified to disable creation of # /etc/resolv.conf in the container. # The /etc/resolv.conf file in the image will be used without changes. # @@ -125,7 +125,7 @@ # Path to OCI hooks directories for automatically executed hooks. # # hooks_dir = [ -# “/usr/share/containers/oci/hooks.d”, +# "/usr/share/containers/oci/hooks.d", # ] # Default proxy environment variables passed into the container. @@ -220,7 +220,7 @@ # userns = "host" # Number of UIDs to allocate for the automatic container creation. -# UIDs are allocated from the “container” UIDs listed in +# UIDs are allocated from the "container" UIDs listed in # /etc/subuid & /etc/subgid # # userns_size=65536 @@ -241,7 +241,7 @@ [engine] # Cgroup management implementation used for the runtime. -# Valid options “systemd” or “cgroupfs” +# Valid options "systemd" or "cgroupfs" # # cgroup_manager = "systemd" diff --git a/SPECS/skopeo.spec b/SPECS/skopeo.spec index 760eacf..3012135 100644 --- a/SPECS/skopeo.spec +++ b/SPECS/skopeo.spec @@ -25,11 +25,13 @@ go build -buildmode pie -compiler gc -tags="rpm_crashtraceback libtrust_openssl Epoch: 1 Name: %{repo} -Version: 1.0.0 +Version: 1.1.0 Release: 1%{?dist} Summary: Inspect container images and repositories on registries License: ASL 2.0 URL: %{git0} +# Build fails with: No matching package to install: 'golang >= 1.12.12-4' on i686 +ExcludeArch: i686 Source0: %{git0}/archive/v%{version}.tar.gz #Source1: https://raw.githubusercontent.com/containers/storage/%%{branch}/storage.conf Source1: https://src.fedoraproject.org/rpms/skopeo/raw/master/f/storage.conf @@ -193,6 +195,14 @@ export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath} %{_datadir}/%{name}/test %changelog +* Fri Jun 19 2020 Jindrich Novy - 1:1.1.0-1 +- update to https://github.com/containers/skopeo/releases/tag/v1.1.0 +- Related: #1821193 + +* Wed Jun 10 2020 Jindrich Novy - 1:1.0.0-2 +- exclude i686 arch +- Related: #1821193 + * Tue May 19 2020 Jindrich Novy - 1:1.0.0-1 - update to https://github.com/containers/skopeo/releases/tag/v1.0.0 - Related: #1821193