Documentation
¶
Index ¶
- Constants
- func ExtractAlgorithm(ctx context.Context, logger *slog.Logger, ociDir, destPath, algoType string) (string, string, error)
- func ExtractDataset(ociDir, destPath string) ([]string, error)
- type ImageManifest
- type OCIIndex
- type OCILayout
- type ResourceSource
- type ResourceType
- type SkopeoClient
- func (s *SkopeoClient) GetLocalImagePath(name string) string
- func (s *SkopeoClient) Inspect(ctx context.Context, imageRef string) (*ImageManifest, error)
- func (s *SkopeoClient) PullAndDecrypt(ctx context.Context, source ResourceSource, destDir string) error
- func (s *SkopeoClient) ToDockerArchive(ctx context.Context, ociDir, destFile string) error
Constants ¶
const ( // OCICryptKeyproviderConfig is the environment variable for ocicrypt config. OCICryptKeyproviderConfig = "OCICRYPT_KEYPROVIDER_CONFIG" // DefaultOCICryptConfig is the default path to ocicrypt config. DefaultOCICryptConfig = "/etc/ocicrypt_keyprovider.conf" // DecryptionKeyProvider is the decryption key provider for CoCo. DecryptionKeyProvider = "provider:attestation-agent:cc_kbc::null" )
Variables ¶
This section is empty.
Functions ¶
func ExtractAlgorithm ¶
func ExtractAlgorithm(ctx context.Context, logger *slog.Logger, ociDir, destPath, algoType string) (string, string, error)
ExtractAlgorithm extracts the algorithm file and optionally requirements.txt from an OCI image directory.
func ExtractDataset ¶
ExtractDataset extracts dataset files from an OCI image directory.
Types ¶
type ImageManifest ¶
type ImageManifest struct {
// Reference is the original image reference
Reference string
// Digest is the image digest
Digest string
// Layers are the layer digests
Layers []string
}
ImageManifest represents basic OCI image manifest information.
type OCIIndex ¶
type OCIIndex struct {
SchemaVersion int `json:"schemaVersion"`
Manifests []struct {
MediaType string `json:"mediaType"`
Digest string `json:"digest"`
Size int `json:"size"`
} `json:"manifests"`
}
OCIIndex represents the OCI index.json.
type OCILayout ¶
type OCILayout struct {
ImageLayoutVersion string `json:"imageLayoutVersion"`
}
OCILayout represents the OCI image layout.
type ResourceSource ¶
type ResourceSource struct {
// Type of resource (oci-image)
Type ResourceType `json:"type"`
// URI is the OCI image reference (e.g., "docker://registry/repo:tag")
URI string `json:"uri"`
// Encrypted indicates if the image is encrypted
Encrypted bool `json:"encrypted"`
// KBSResourcePath is the KBS resource path for the decryption key
// (e.g., "default/key/algo-key")
KBSResourcePath string `json:"kbs_resource_path,omitempty"`
}
ResourceSource defines the source of an OCI resource.
type ResourceType ¶
type ResourceType string
ResourceType defines the type of OCI resource.
const ( // ResourceTypeOCIImage represents a standard OCI image. ResourceTypeOCIImage ResourceType = "oci-image" )
type SkopeoClient ¶
type SkopeoClient struct {
// contains filtered or unexported fields
}
SkopeoClient wraps skopeo command-line operations.
func NewSkopeoClient ¶
func NewSkopeoClient(workDir string) (*SkopeoClient, error)
NewSkopeoClient creates a new Skopeo client.
func (*SkopeoClient) GetLocalImagePath ¶
func (s *SkopeoClient) GetLocalImagePath(name string) string
GetLocalImagePath returns the path to a local OCI image directory.
func (*SkopeoClient) Inspect ¶
func (s *SkopeoClient) Inspect(ctx context.Context, imageRef string) (*ImageManifest, error)
Inspect inspects an OCI image and returns basic manifest information.
func (*SkopeoClient) PullAndDecrypt ¶
func (s *SkopeoClient) PullAndDecrypt(ctx context.Context, source ResourceSource, destDir string) error
PullAndDecrypt pulls an OCI image and decrypts it if encrypted.
func (*SkopeoClient) ToDockerArchive ¶
func (s *SkopeoClient) ToDockerArchive(ctx context.Context, ociDir, destFile string) error
ToDockerArchive converts an OCI directory to a Docker archive tarball.
Source Files