This is a golang library for working with container registries. It's largely based on the Python library of the same name.
The overarching design philosophy of this library is to define interfaces that present an immutable view of resources (e.g.
ImageIndex), which can be backed by a variety of medium (e.g. registry, tarball, daemon, ...).
To complement these immutable views, we support functional mutations that produce new immutable views of the resulting resource (e.g. mutate). The end goal is to provide a set of versatile primives that can compose to do extraordinarily powerful things efficiently and easily.
Both the resource views and mutations may be lazy, eager, memoizing, etc, and most are optimized for common paths based on the tooling we have seen in the wild (e.g. writing new images from disk to the registry as a compressed tarball).
Over time, we will add new functionality under experimental environment variables listed here.
|Env Var||Value(s)||What is does|
||When enabled this experiment will direct
The simplest use for these libraries is to read from one source and write to another.
remote.Image -> tarball.Write,
tarball.Image -> remote.Write,
remote.Image -> remote.Write.
However, often you actually want to change something about an image. This is the purpose of the
mutate package, which exposes some commonly useful things to change about an image.
If you're trying to use this library with a different source or sink than it already supports, it can be somewhat cumbersome. The
Layer interfaces are pretty wide, with a lot of redundant information. This is somewhat by design, because we want to expose this information as efficiently as possible where we can, but again it is a pain to implement yourself.
The purpose of the
partial package is to make implementing a
v1.Image much easier, by filling in all the derived accessors for you if you implement a minimal subset of
You might think our abstractions are bad and you just want to authenticate and send requests to a registry.
This repo hosts some tools built on top of the library.
crane is a tool for interacting with remote images and registries.
gcrane is a GCR-specific variant of
crane that has richer output for the
ls subcommand and some basic garbage collection support.
k8schain implements the authentication semantics use by kubelets in a way that is easily consumable by this library.
k8schain is not a standalone tool, but it's linked here for visibility.
This tool was originally developed in this repo but has since been moved to its own repo.