github.com/werf/3p-oras@v0.4.0/README.md (about) 1 # OCI Registry As Storage 2 [![Codefresh build status]( https://g.codefresh.io/api/badges/pipeline/orasbot/deislabs%2Foras%2Fmaster?type=cf-1)]( https://g.codefresh.io/public/accounts/orasbot/pipelines/deislabs/oras/master) 3 [![Go Report Card](https://goreportcard.com/badge/github.com/deislabs/oras)](https://goreportcard.com/report/github.com/deislabs/oras) 4 [![GoDoc](https://godoc.org/github.com/deislabs/oras?status.svg)](https://godoc.org/github.com/deislabs/oras) 5 6 ![](./oras.png) 7 8 [Registries are evolving as Cloud Native Artifact Stores](https://stevelasker.blog/2019/01/25/cloud-native-artifact-stores-evolve-from-container-registries/). To enable this goal, Microsoft has donated ORAS as means to enable various client libraries with a way to submit artifacts to [OCI Spec Compliant](https://github.com/opencontainers/image-spec) registires. This repo is a staging ground for some yet to be determined upstream home. 9 10 As of Jan 24th, 2019, we're still evolving the library to incorporate annotation support. While we're initially testing ORAS with [Helm 3 Registries](https://github.com/helm/community/blob/3689b3202e35361274241dc4ec188e1e6f1a2e53/proposals/helm-repo-container-registry-convergence/readme.md) and [CNAB](https://cnab.io), we're very interested in feedback and contributions for other artifacts. 11 12 ## More Background 13 For more background, please see: 14 15 - [OCI Image Support Comes to Open Source Docker Registry](https://www.opencontainers.org/blog/2018/10/11/oci-image-support-comes-to-open-source-docker-registry) 16 - [Registries are evolving as Cloud Native Artifact Stores](https://stevelasker.blog/2019/01/25/cloud-native-artifact-stores-evolve-from-container-registries/) 17 18 ## Registries with known support 19 20 `oras` can push/pull any files to/from any registry with OCI image support of various mime types. 21 22 - [Distribution](https://github.com/docker/distribution) (open source, version 2.7+) 23 - [Azure Container Registry](https://aka.ms/acr/docs) 24 - Quay.io is coming soon 25 26 ## Getting Started 27 28 First, you must have access to a registry with OCI image support (see list above). 29 30 The simplest way to get started is to run the official 31 [Docker registry image](https://hub.docker.com/_/registry) locally: 32 33 ``` 34 docker run -it --rm -p 5000:5000 registry 35 ``` 36 37 This will start a Distribution server at `localhost:5000` 38 (with wide-open access and no persistence). 39 40 Next, install the `oras` CLI (see platform-specific installation instructions below). 41 42 Push a sample file to the registry: 43 44 ``` 45 cd /tmp && echo "hello world" > hi.txt 46 oras push localhost:5000/hello:latest hi.txt 47 ``` 48 49 Pull the file from the registry: 50 ``` 51 cd /tmp && rm -f hi.txt 52 oras pull localhost:5000/hello:latest 53 cat hi.txt # should print "hello world" 54 ``` 55 56 Please see the **Go Module** section below for how this can be imported and used 57 inside a Go project. 58 59 ## CLI 60 61 `oras` is a CLI that allows you to push and pull files from 62 any registry with OCI image support. 63 64 65 ### Installation 66 67 Install `oras` using [GoFish](https://gofi.sh/): 68 ``` 69 gofish install oras 70 ==> Installing oras... 71 🐠 oras 0.4.0: installed in 65.131245ms 72 ``` 73 74 or install manually from the latest [release artifacts](https://github.com/deislabs/oras/releases): 75 ``` 76 # Linux 77 curl -LO https://github.com/deislabs/oras/releases/download/v0.4.0/oras_0.4.0_linux_amd64.tar.gz 78 79 # macOS 80 curl -LO https://github.com/deislabs/oras/releases/download/v0.4.0/oras_0.4.0_darwin_amd64.tar.gz 81 82 # unpack, install, dispose 83 mkdir -p oras-install/ 84 tar -zxf oras_0.4.0_*.tar.gz -C oras-install/ 85 mv oras-install/oras /usr/local/bin/ 86 rm -rf oras_0.4.0_*.tar.gz oras-install/ 87 ``` 88 89 Then, to run: 90 91 ``` 92 oras help 93 ``` 94 ### Docker Image 95 96 A public Docker image containing the CLI is available on [Docker Hub](https://hub.docker.com/r/orasbot/oras): 97 98 ``` 99 docker run -it --rm -v $(pwd):/workspace orasbot/oras:v0.4.0 help 100 ``` 101 102 Note: the default WORKDIR in the image is `/workspace`. 103 104 ### Authentication 105 106 Run `oras login` in advance for any private registries. By default, this will store credentials in `~/.docker/config.json` (same file as used by Docker). If you have authenticated to a registry previously using `docker login`, the credentials will be reused. Use the `-c`/`--config` option to specify an alternate location. 107 108 `oras` also accepts explicit credentials via options, for example, 109 ``` 110 oras pull -u username -p password myregistry.io/myimage:latest 111 ``` 112 113 #### Example using with Docker registry 114 115 First, create a valid htpasswd file (must use `-B` for bcrypt): 116 ``` 117 htpasswd -cB -b auth.htpasswd myuser mypass 118 ``` 119 120 Next, start a registry using that file for auth: 121 ``` 122 docker run -it --rm -p 5000:5000 \ 123 -v $(pwd)/auth.htpasswd:/etc/docker/registry/auth.htpasswd \ 124 -e REGISTRY_AUTH="{htpasswd: {realm: localhost, path: /etc/docker/registry/auth.htpasswd}}" \ 125 registry 126 ``` 127 128 In a new window, login with `oras`: 129 ``` 130 oras login -u myuser -p mypass localhost:5000 131 ``` 132 133 You will notice a new entry for `localhost:5000` appear in `~/.docker/config.json`. 134 135 To remove the entry from the credentials file, use `oras logout`: 136 ``` 137 oras logout localhost:5000 138 ``` 139 140 ### Usage 141 142 #### Pushing single files to remote registry 143 ``` 144 oras push localhost:5000/hello:latest hi.txt 145 ``` 146 147 The default media type for all files is `application/vnd.oci.image.layer.v1.tar`. 148 149 The push a custom media type, use the format `filename[:type]`: 150 ``` 151 oras push localhost:5000/hello:latest hi.txt:application/vnd.me.hi 152 ``` 153 154 #### Pushing multiple files to remote registry 155 Just as docker images support multiple "layers", ORAS supports pushing multiple files. The file type is up to the implementer. You can push tar, yaml, text or whatever your artifact should be represented as. 156 157 To push multiple files with different media types: 158 ``` 159 oras push localhost:5000/hello:latest hi.txt:application/vnd.me.hi bye.txt:application/vnd.me.bye 160 ``` 161 162 #### Pulling files from remote registry 163 ``` 164 oras pull localhost:5000/hello:latest 165 ``` 166 167 By default, only blobs with media type `application/vnd.oci.image.layer.v1.tar` will be downloaded. 168 169 To specify which media types to download, use the `--media-type`/`-t` flag: 170 ``` 171 oras pull localhost:5000/hello:latest -t application/vnd.me.hi 172 ``` 173 174 Or to allow all media types, use the `--allow-all`/`-a` flag: 175 ``` 176 oras pull localhost:5000/hello:latest -a 177 ``` 178 179 ## Go Module 180 181 The package `github.com/deislabs/oras/pkg/oras` can quickly be imported in other Go-based tools that 182 wish to benefit from the ability to store arbitrary content in container registries. 183 184 Example: 185 186 [Source](examples/simple_push_pull.go) 187 188 ```go 189 package main 190 191 import ( 192 "context" 193 "fmt" 194 195 "github.com/deislabs/oras/pkg/content" 196 "github.com/deislabs/oras/pkg/oras" 197 198 "github.com/containerd/containerd/remotes/docker" 199 ocispec "github.com/opencontainers/image-spec/specs-go/v1" 200 ) 201 202 func check(e error) { 203 if e != nil { 204 panic(e) 205 } 206 } 207 208 func main() { 209 ref := "localhost:5000/oras:test" 210 fileName := "hello.txt" 211 fileContent := []byte("Hello World!\n") 212 customMediaType := "my.custom.media.type" 213 214 ctx := context.Background() 215 resolver := docker.NewResolver(docker.ResolverOptions{}) 216 217 // Push file(s) w custom mediatype to registry 218 memoryStore := content.NewMemoryStore() 219 desc := memoryStore.Add(fileName, customMediaType, fileContent) 220 pushContents := []ocispec.Descriptor{desc} 221 fmt.Printf("Pushing %s to %s...\n", fileName, ref) 222 desc, err := oras.Push(ctx, resolver, ref, memoryStore, pushContents) 223 check(err) 224 fmt.Printf("Pushed to %s with digest %s\n", ref, desc.Digest) 225 226 // Pull file(s) from registry and save to disk 227 fmt.Printf("Pulling from %s and saving to %s...\n", ref, fileName) 228 fileStore := content.NewFileStore("") 229 defer fileStore.Close() 230 allowedMediaTypes := []string{customMediaType} 231 desc, _, err = oras.Pull(ctx, resolver, ref, fileStore, oras.WithAllowedMediaTypes(allowedMediaTypes)) 232 check(err) 233 fmt.Printf("Pulled from %s with digest %s\n", ref, desc.Digest) 234 fmt.Printf("Try running 'cat %s'\n", fileName) 235 } 236 ```