diff --git a/Makefile b/Makefile index 9e529c910..dd2074d44 100644 --- a/Makefile +++ b/Makefile @@ -30,7 +30,6 @@ DOC_FILES := \ descriptor.md \ image-layout.md \ manifest.md \ - artifact.md \ image-index.md \ layer.md \ config.md \ diff --git a/annotations.md b/annotations.md index f3752e539..49f5f82e9 100644 --- a/annotations.md +++ b/annotations.md @@ -16,10 +16,8 @@ This property contains arbitrary metadata. ## Pre-Defined Annotation Keys -This specification defines the following annotation keys, intended for but not limited to [image index](image-index.md), image [manifest](manifest.md), [artifact](artifact.md), and [descriptor](descriptor.md) authors. +This specification defines the following annotation keys, intended for but not limited to [image index](image-index.md), image [manifest](manifest.md), and [descriptor](descriptor.md) authors. -* **org.opencontainers.artifact.created** date and time on which the artifact was built, conforming to [RFC 3339][rfc3339]. -* **org.opencontainers.artifact.description**: human readable description for the artifact (string) * **org.opencontainers.image.created** date and time on which the image was built, conforming to [RFC 3339][rfc3339]. * **org.opencontainers.image.authors** contact details of the people or organization responsible for the image (freeform string) * **org.opencontainers.image.url** URL to find more information on the image (string) diff --git a/artifact.md b/artifact.md deleted file mode 100644 index 3d2b44c44..000000000 --- a/artifact.md +++ /dev/null @@ -1,74 +0,0 @@ -# OCI Artifact Manifest Specification - -The goal of the Artifact Manifest Specification is to define content addressable artifacts in order to store them along side container images in a registry. -Like [OCI Images](manifest.md), OCI Artifacts may be referenced by the hash of their manifest. -Unlike OCI Images, OCI Artifacts are not meant to be used by any container runtime. - -Examples of artifacts that may be stored along with container images are Software Bill of Materials (SBOM), Digital Signatures, Provenance data, Supply Chain Attestations, scan results, and Helm charts. - -This section defines the `application/vnd.oci.artifact.manifest.v1+json` [media type](media-types.md). -For the media type(s) that this is compatible with see the [matrix](media-types.md#compatibility-matrix). - -# Artifact Manifest - -## *Artifact Manifest* Property Descriptions - -- **`mediaType`** *string* - - This property MUST be used and contain the media type `application/vnd.oci.artifact.manifest.v1+json`. - -- **`artifactType`** *string* - - This property SHOULD be used and contain the mediaType of the referenced artifact. - If defined, the value MUST comply with [RFC 6838][rfc6838], including the [naming requirements in its section 4.2][rfc6838-s4.2], and MAY be registered with [IANA][iana]. - -- **`blobs`** *array of objects* - - This OPTIONAL property is an array of objects and each item in the array MUST be a [descriptor](descriptor.md). - Each descriptor represents an artifact of any IANA mediaType. - The list MAY be ordered for certain artifact types like scan results. - -- **`subject`** *[descriptor](descriptor.md)* - - This OPTIONAL property specifies a [descriptor](descriptor.md) of another manifest. - This value, used by the [`referrers` API](https://github.com/opencontainers/distribution-spec/blob/main/spec.md#listing-referrers), indicates a relationship to the specified manifest. - -- **`annotations`** *string-string map* - - This OPTIONAL property contains additional metadata for the artifact manifest. - This OPTIONAL property MUST use the [annotation rules](annotations.md#rules). - - See [Pre-Defined Annotation Keys](annotations.md#pre-defined-annotation-keys). - - Annotations MAY be used to filter the response from the [`referrers` API](https://github.com/opencontainers/distribution-spec/blob/main/spec.md#listing-referrers). - -## Examples - -*Example showing an artifact manifest for an example SBOM referencing an image:* - -```jsonc,title=Manifest&mediatype=application/vnd.oci.artifact.manifest.v1%2Bjson -{ - "mediaType": "application/vnd.oci.artifact.manifest.v1+json", - "artifactType": "application/vnd.example.sbom.v1", - "blobs": [ - { - "mediaType": "application/gzip", - "size": 123, - "digest": "sha256:87923725d74f4bfb94c9e86d64170f7521aad8221a5de834851470ca142da630" - } - ], - "subject": { - "mediaType": "application/vnd.oci.image.manifest.v1+json", - "size": 1234, - "digest": "sha256:cc06a2839488b8bd2a2b99dcdc03d5cfd818eed72ad08ef3cc197aac64c0d0a0" - }, - "annotations": { - "org.opencontainers.artifact.created": "2022-01-01T14:42:55Z", - "org.example.sbom.format": "json" - } -} -``` - -[iana]: https://www.iana.org/assignments/media-types/media-types.xhtml -[rfc6838]: https://tools.ietf.org/html/rfc6838 -[rfc6838-s4.2]: https://tools.ietf.org/html/rfc6838#section-4.2 diff --git a/descriptor.md b/descriptor.md index 82d303fe1..f936b9107 100644 --- a/descriptor.md +++ b/descriptor.md @@ -55,14 +55,11 @@ The following fields contain the primary properties that constitute a Descriptor - **`artifactType`** *string* This OPTIONAL property contains the type of an artifact when the descriptor points to an artifact. - This is the value of `artifactType` when the descriptor references an [artifact manifest](artifact.md). This is the value of the config descriptor `mediaType` when the descriptor references an [image manifest](manifest.md). If defined, the value MUST comply with [RFC 6838][rfc6838], including the [naming requirements in its section 4.2][rfc6838-s4.2], and MAY be registered with [IANA][iana]. Descriptors pointing to [`application/vnd.oci.image.manifest.v1+json`](manifest.md) SHOULD include the extended field `platform`, see [Image Index Property Descriptions](image-index.md#image-index-property-descriptions) for details. -Descriptors pointing to [`application/vnd.oci.artifact.manifest.v1+json`](artifact.md) SHOULD include the extended field `artifactType`. - ### Reserved Extended _Descriptor_ field additions proposed in other OCI specifications SHOULD first be considered for addition into this specification. @@ -206,7 +203,7 @@ In the following example, the descriptor indicates the type of artifact it is re ```json,title=Content%20Descriptor&mediatype=application/vnd.oci.descriptor.v1%2Bjson { - "mediaType": "application/vnd.oci.artifact.manifest.v1+json", + "mediaType": "application/vnd.oci.image.manifest.v1+json", "size": 123, "digest": "sha256:87923725d74f4bfb94c9e86d64170f7521aad8221a5de834851470ca142da630", "artifactType": "application/vnd.example.sbom.v1" diff --git a/image-index.md b/image-index.md index 7695bb6cb..5d32c6bc8 100644 --- a/image-index.md +++ b/image-index.md @@ -35,7 +35,6 @@ For the media type(s) that this document is compatible with, see the [matrix][ma Implementations MUST support at least the following media types: - [`application/vnd.oci.image.manifest.v1+json`](manifest.md) - - [`application/vnd.oci.artifact.manifest.v1+json`](artifact.md) Also, implementations SHOULD support the following media types: @@ -157,14 +156,9 @@ When the variant of the CPU is not listed in the table, values are implementatio } }, { - "mediaType": "application/vnd.oci.artifact.manifest.v1+json", + "mediaType": "application/vnd.oci.image.index.v1+json", "size": 7682, - "digest": "sha256:601570aaff1b68a61eb9c85b8beca1644e698003e0cdb5bce960f193d265a8b7", - "artifactType": "application/example", - "annotations": { - "com.example.artifactKey1": "value1", - "com.example.artifactKey2": "value2" - } + "digest": "sha256:601570aaff1b68a61eb9c85b8beca1644e698003e0cdb5bce960f193d265a8b7" } ], "annotations": { diff --git a/img/media-types.dot b/img/media-types.dot index b6b331a0a..8583d5fc9 100644 --- a/img/media-types.dot +++ b/img/media-types.dot @@ -4,7 +4,6 @@ digraph G { { rank=same manifest [shape=note, label="Image manifest\napplication/vnd.oci.image.manifest.v1+json"] - artifact [shape=note, label="Artifact Manifest\napplication/vnd.oci.artifact.manifest.v1+json"] } config [shape=note, label="Image config JSON\napplication/vnd.oci.image.config.v1+json"] layer [shape=note, label="Layer tar archive\napplication/vnd.oci.image.layer.v1.tar\napplication/vnd.oci.image.layer.v1.tar+gzip\napplication/vnd.oci.image.layer.nondistributable.v1.tar\napplication/vnd.oci.image.layer.nondistributable.v1.tar+gzip"] @@ -14,9 +13,5 @@ digraph G { imageIndex -> manifest [label="1..*"] manifest -> config [label="1..1"] manifest -> layer [label="1..*"] - artifact -> manifest [label="0..1"] [constraint = false]; - artifact -> artifact [label="0..1"]; manifest -> manifest [label="0..1"]; - artifact -> imageIndex [label="0..1"] - artifact -> layer[label="0..*"] } diff --git a/img/media-types.png b/img/media-types.png index cfb9f5b03..70d2fe66e 100644 Binary files a/img/media-types.png and b/img/media-types.png differ diff --git a/spec.md b/spec.md index a3e7684df..4a3778861 100644 --- a/spec.md +++ b/spec.md @@ -17,7 +17,6 @@ The goal of this specification is to enable the creation of interoperable tools - [Image Index](image-index.md) - [Filesystem Layers](layer.md) - [Image Configuration](config.md) -- [Artifact Manifest](artifact.md) - [Annotations](annotations.md) - [Conversion](conversion.md) - [Considerations](considerations.md) @@ -54,7 +53,6 @@ The high-level components of the spec include: * [Image Manifest](manifest.md) - a document describing the components that make up a container image * [Image Index](image-index.md) - an annotated list of manifests -* [Artifact Manifest](artifact.md) - a document describing the components that make up an artifact * [Image Layout](image-layout.md) - a filesystem layout representing the contents of an image * [Filesystem Layer](layer.md) - a changeset that describes a container's filesystem * [Image Configuration](config.md) - a document determining layer ordering and configuration of the image suitable for translation into a [runtime bundle][runtime-spec] diff --git a/specs-go/v1/artifact.go b/specs-go/v1/artifact.go deleted file mode 100644 index b755ec22d..000000000 --- a/specs-go/v1/artifact.go +++ /dev/null @@ -1,34 +0,0 @@ -// Copyright 2022 The Linux Foundation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package v1 - -// Artifact describes an artifact manifest. -// This structure provides `application/vnd.oci.artifact.manifest.v1+json` mediatype when marshalled to JSON. -type Artifact struct { - // MediaType is the media type of the object this schema refers to. - MediaType string `json:"mediaType"` - - // ArtifactType is the IANA media type of the artifact this schema refers to. - ArtifactType string `json:"artifactType,omitempty"` - - // Blobs is a collection of blobs referenced by this manifest. - Blobs []Descriptor `json:"blobs,omitempty"` - - // Subject (reference) is an optional link from the artifact to another manifest forming an association between the artifact and the other manifest. - Subject *Descriptor `json:"subject,omitempty"` - - // Annotations contains arbitrary metadata for the artifact manifest. - Annotations map[string]string `json:"annotations,omitempty"` -} diff --git a/specs-go/v1/mediatype.go b/specs-go/v1/mediatype.go index 3126d8107..5dd31255e 100644 --- a/specs-go/v1/mediatype.go +++ b/specs-go/v1/mediatype.go @@ -72,7 +72,4 @@ const ( // MediaTypeScratch specifies the media type for an unused blob containing the value `{}` MediaTypeScratch = "application/vnd.oci.scratch.v1+json" - - // MediaTypeArtifactManifest specifies the media type for a content descriptor. - MediaTypeArtifactManifest = "application/vnd.oci.artifact.manifest.v1+json" )