Releases: google/go-containerregistry
v0.13.0
What's Changed
- Bump slsa-framework/slsa-github-generator to 1.2.2 by @jonjohnsonjr in #1489
- Features: Allow eliding
serviceaccount
lookups. by @mattmoor in #1490 - Bump golangci/golangci-lint-action from 3.3.0 to 3.3.1 by @dependabot in #1491
- add source archive checksum into the checksums.txt by @developer-guy in #1492
- Fix calculating tarball size when duplicated layers exist by @tydra-wang in #1495
- Add support for zstd compression by @LFrobeen in #1487
- docs: pull latest instead of debug by @AndrewCharlesHay in #1497
- Make credential warning slightly more accurate by @jonjohnsonjr in #1499
- Make unit tests substantially faster by @jonjohnsonjr in #1498
- Use the default retry predicate in transport by @jonjohnsonjr in #1502
- Revert "docs: pull latest instead of debug (#1497)" by @jonjohnsonjr in #1504
- Update Arch Linux install instructions by @kpcyrd in #1508
- Fix various lints by @jonjohnsonjr in #1507
- Fix missing doc comment by @jonjohnsonjr in #1509
- Treat empty registry config as anonymous by @lcarva in #1512
- Bump goreleaser/goreleaser-action from 3.2.0 to 4.1.0 by @dependabot in #1511
- Bump actions/stale from 6 to 7 by @dependabot in #1519
- Race http fallback ping by @jonjohnsonjr in #1521
- FIX mutate.Time not respecting history by @miguelvalerio in #1520
- test: use
T.TempDir
to create temporary test directory by @Juneezee in #1522 - crane: add digest --full by @imjasonh in #1524
- Hack around DockerHub plugin scope handling by @jonjohnsonjr in #1527
- crane: support --full-ref for crane ls by @imjasonh in #1525
- Revert plugin scope hack by @jonjohnsonjr in #1531
- clarify crane download readme by @dtanner in #1533
New Contributors
- @LFrobeen made their first contribution in #1487
- @AndrewCharlesHay made their first contribution in #1497
- @kpcyrd made their first contribution in #1508
- @miguelvalerio made their first contribution in #1520
- @Juneezee made their first contribution in #1522
- @dtanner made their first contribution in #1533
Full Changelog: v0.12.1...v0.13.0
v0.12.1
Changelog
- 426de7d Bump golangci/golangci-lint-action from 3.2.0 to 3.3.0 (#1475)
- 6442b02 Bump goreleaser/goreleaser-action from 3.1.0 to 3.2.0 (#1476)
- 76ae819 Fix context.DeadlineExceeded comparison (#1488)
- 1711cef Fix missing body.Close() in bearer auth (#1482)
- 02f47e1 bump version of slsa generator (#1468)
- 353a117 crane: add catalog argument use annotation (#1473)
- a0cca8a k8schain: Log and proceed if secret or SA are not found (#1472)
Container Images
https://gcr.io/go-containerregistry/crane:v0.12.1
https://gcr.io/go-containerregistry/gcrane:v0.12.1
For example:
docker pull gcr.io/go-containerregistry/crane:v0.12.1
docker pull gcr.io/go-containerregistry/gcrane:v0.12.1
v0.12.0
Changelog
- 9b4fdd5 Bump actions/setup-go from 2 to 3 (#1463)
- 7268da0 Bump actions/stale from 5 to 6 (#1452)
- 7196cf3 Bump aws-actions/configure-aws-credentials from 1.6.1 to 1.7.0 (#1424)
- 8eae069 Bump codecov/codecov-action from 3.1.0 to 3.1.1 (#1453)
- 969699e Bump deps using ./hack/bump-deps.sh (#1467)
- c1f9836 Bump opencontainers/image-spec (#1423)
- 49cdb8b Correct usage of authn.NewKeychainFromHelper in docs (#1419)
- 3ba4c51 Fix tar PAX format handling (#1414)
- 24a1c33 Ignore docker config if it's a directory (#1420)
- a0f6687 Make ErrBadName checkable via errors.Is() (#1462)
- 19e3eff Retry ECONNRESET errors (#1415)
- 5749ee6 Support the platform specific authentication of krane in "auth get" command (#1413)
- e3b94c7 allow remote.DefaultTransport to be overridden by an http.RoundTripper (#1449)
- f981b4c deps: update goreleaser-action for bug (#1444)
- 771a9b4 e2e: pull and export stdin and stdout (#1436)
- 87b3a79 feat: Add krane to release archive (#1443)
- 2859a0d feat: generate slsa provenance on github release artifacts (#1438)
- 9a5c14a fix crane's root.go after DefaultTransport change (#1450)
- 2b54510 fix: consider base image media type when appending layers (#1437)
- d3ed408 registry: implement blob deletion (#1432)
- 3413eb6 registry: implement pagination (#1430)
- e2d575c update crane installation instructions and release verification (#1440)
Container Images
https://gcr.io/go-containerregistry/crane:v0.12.0
https://gcr.io/go-containerregistry/gcrane:v0.12.0
For example:
docker pull gcr.io/go-containerregistry/crane:v0.12.0
docker pull gcr.io/go-containerregistry/gcrane:v0.12.0
v0.11.0
Changelog
- b7b4ead Add unit test covering .dockerconfigjson secrets (#1335)
- 31786c6 Bump deps using ./hack/bump-deps.sh (#1410)
- f79ec21 Deprecate transport.New (#1337)
- 2b1087a Do not check /v2 endpoint on registry when RoundTripper is provided (#1396)
- 59b5c06 Don't annotate refs by default, switch to OCI key (#1401)
- ddd39fb Fall back to no mount if registry misbehaves (#1406)
- d187a71 Implement crane edit (#1403)
- 4d7b65b Include builds for Go 1.18 in CI matrixes (#1319)
- 03194c5 Preserve descriptors when writing to layout (#1400)
- 53e6bea Redact sensitive information in redirected URLs (#1408)
- ae256b5 Use go-digest to validate digests (#1395)
- 86f0c4a Wrap progress updates in a mutex (#1402)
- e7a9f2b bump deps using ./hack/bump-deps.sh (#1389)
Container Images
https://gcr.io/go-containerregistry/crane:v0.11.0
https://gcr.io/go-containerregistry/gcrane:v0.11.0
For example:
docker pull gcr.io/go-containerregistry/crane:v0.11.0
docker pull gcr.io/go-containerregistry/gcrane:v0.11.0
v0.10.0
Changelog
- 9006ebf Add debug logs to google.Keychain (#1390)
- 03a77f4 Allow config files to be mounted (#1387)
- b17c48b Bump goreleaser/goreleaser-action from 2 to 3 (#1370)
- 623023e Implement cross-registry blob mounting experiment (#1388)
- 2a21d4f Set GetBody on blob uploads (#1391)
- f74686f bump deps using ./hack/bump-deps.sh (#1371)
- 7fc806e feat(cache): cacheable v1.ImageIndex (#1380)
- 0c40ec8 feat(crane): add option to allow pushing non-distributable layers (#1348)
- 12aeccc fix(crane): just need cobra.MinimumNArgs(1) instead of cobra.MaximumNArgs(1). (#1384)
- 84eb526 k8schain: prioritize imagePullSecrets over implicit auth (#1368)
Container Images
https://gcr.io/go-containerregistry/crane:v0.10.0
https://gcr.io/go-containerregistry/gcrane:v0.10.0
For example:
docker pull gcr.io/go-containerregistry/crane:v0.10.0
docker pull gcr.io/go-containerregistry/gcrane:v0.10.0
v0.9.0
What's Changed
- pkg/v1/mutate: fill in mediaType for OCI by @maisem in #1236
- Start testing ECR authentication. by @mattmoor in #1237
- Pin the version of AWS actions we use by @mattmoor in #1238
- Add pkg/authn/kubernetes by @imjasonh in #1234
- Use Temp File For
layout.{Write,Append,Replace}
Image/Index Methods by @ben-krieger in #1226 - Update README.md by @bobychaudhary in #1239
- fix k8schain go.mod by @dprotaso in #1242
- fix cmd/krane/go.mod and include it in hack/presubmit.sh by @imjasonh in #1240
- return transport errors that support errors.Is by @dprotaso in #1244
- Bump ecr-login to v0.6.0 by @imjasonh in #1243
- pkg/authn: return Anonymous on podman auth.json errors by @vdemeester in #1248
- Bump acr cred helper dep by @imjasonh in #1247
- krane: drop k8schain, use cred helper directly w/o k8s by @imjasonh in #1250
- Ensure that layer is closed before renaming file in layout by @ben-krieger in #1254
- Bump aws-actions/configure-aws-credentials from 1.6.0 to 1.6.1 by @dependabot in #1259
- Fix krane:debug image to include shell by @imjasonh in #1264
- Fix NewKeychainFromHelper by @imjasonh in #1265
- Fix issue templates by @imjasonh in #1266
- Update k8schain README -- don't recommend modifting authn.DefaultKeyc… by @imjasonh in #1267
- Add EOF to remote default retry predicate by @jonjohnsonjr in #1268
- Bump containerd by @imjasonh in #1271
- Implement Platform.String and v1.ParsePlatform by @imjasonh in #1270
- Eagerly fetch image ID in daemon.Image by @jonjohnsonjr in #1272
- Add pkg/authn/github.Keychain to authenticate with ghcr.io by @imjasonh in #1252
- Fallback to anonymous if env or gcloud are not configured by @imjasonh in #1279
- Add one-time workflow to push an image to ghcr.io by @imjasonh in #1281
- remove push-image workflow by @imjasonh in #1282
- Pass gcloud stderr to logs.Warn by @imjasonh in #1284
- Add tarball.WithMediaType to specify layer media type by @imjasonh in #1286
- LayerFromReader: buffer contents to a temp file instead of in memory by @imjasonh in #1285
- Check docker config auths for repo and registry by @imjasonh in #1280
- Bump deps, add script to make it easier by @imjasonh in #1260
- Fix Windows e2e test by @imjasonh in #1292
- Update ecr-login dep to fix logspam issue by @imjasonh in #1294
- authn/kubernetes - fix auth config lookup by @dprotaso in #1299
- authn/kubernetes - fix index.docker.io case by @dprotaso in #1300
- Take advantage of Chainguard maintained versions of various actions. by @mattmoor in #1301
- Cover a couple special paths in keychain unit tests. by @mattmoor in #1302
- Add output option to mutate to save to a tar file and not push to a registry (same as append) by @ehmm in #1257
- Add GitHub Action to automatically bump deps by @imjasonh in #1291
- Include blob existence checks in retries by @jonjohnsonjr in #1307
- Bump golangci/golangci-lint-action from 2 to 3.1.0 by @dependabot in #1308
- Add rebase_test.sh to hack/presubmit.sh by @imjasonh in #1304
- crane export: Support reading tarball from a stream by @abitrolly in #1274
- Don't parse challenge's scopes, put them first by @jonjohnsonjr in #1312
- Bump actions/checkout from 2 to 3 by @dependabot in #1315
- Fix isolation of presubmit tools by @abitrolly in #1306
- Bump deps, fix ecr-login API change by @imjasonh in #1310
- Add --user flag to crane mutate by @matthewrobertson in #1316
- Bump peter-evans/create-pull-request from 3 to 4 by @dependabot in #1327
- Bump actions/setup-go from 2 to 3 by @dependabot in #1340
- Bump actions/stale from 4 to 5 by @dependabot in #1342
- Bump codecov/codecov-action from 2.1.0 to 3.0.0 by @dependabot in #1341
- use k8s keychain first by @dprotaso in #1346
- fix(v1/random): set MediaType in
randomIndex.manifest
by @estroz in #1343 - fix(v1/remote): return an error if both auth and keychain are set by @estroz in #1334
- AuthConfig now supports json (un)marshalling by @dprotaso in #1350
- authn.kubernetes.Resolve now behaves exactly like Kubernetes by @dprotaso in #1349
- bump require blocks to point to latest main (892d7a8) by @dprotaso in #1351
- update go action to always get the latest available and other updates by @cpanato in #1352
- Bump codecov/codecov-action from 3.0.0 to 3.1.0 by @dependabot in #1353
- Bump github/codeql-action from 1 to 2 by @dependabot in #1357
- transport: Don't pass default service if unset by @imjasonh in #1360
- fix(ConfigFile): Add Variant by @lippertmarkus in #1362
- Bump deps, fix issues by @imjasonh in #1317
- feat(crane): allow setting the repository to push by digest by @lippertmarkus in #1323
- Bump golangci/golangci-lint-action from 3.1.0 to 3.2.0 by @dependabot in #1365
- Bump deps using ./hack/bump-deps.sh by @imjasonh in #1366
New Contributors
- @ben-krieger made their first contribution in #1226
- @bobychaudhary made their first contribution in #1239
- @abitrolly made their first contribution in #1274
- @matthewrobertson made their first contribution in #1316
- @estroz made their first contribution in #1343
- @lippertmarkus made their first contribution in #1362
Full Changelog: v0.8.0...v0.9.0
v0.8.0
What's Changed
- spelling: entrypoing->entrypoint by @vsoch in #1176
- update crane mutate annotation/label args to allow commas in label values by @vsoch in #1178
- Check for Podman's auth.json in DefaultKeychain by @imjasonh in #1181
- Enable gosec, exempt tests, ignore others by @imjasonh in #1169
- Revert "Check for Podman's auth.json in DefaultKeychain (#1181)" by @imjasonh in #1184
- Attempt 2: Check for Podman's auth in DefaultKeychain by @imjasonh in #1185
- Update deps by @dekkagaijin in #1188
- Include 1.17 in build and test matrix by @imjasonh in #1190
- Add issue templates by @imjasonh in #1192
- Add depcheck test that
pkg/registry
has light dependencies by @imjasonh in #1187 - Windowsify layers when
crane append
ing by @imjasonh in #1179 - Accept multiple entrypoint values in crane mutate by @imjasonh in #1194
- Added env vars and optional layers to mutate cmd by @ehmm in #1199
- Make crane export more ergonomic by @jonjohnsonjr in #1203
- Don't use the term 'runes' in error messages by @imjasonh in #1204
- Always use basic for anonymous pings by @jonjohnsonjr in #1207
- Support specifying osversion in the --platform flag by @imjasonh in #1206
- Bump golang.org/x/tools by @imjasonh in #1201
- crane push: Support OCI layout by @jonjohnsonjr in #1208
- Bump deps by @imjasonh in #1214
- Pluggable blob storage for pkg/registry by @imjasonh in #1209
- Add
--image-refs
tocrane push
. by @mattmoor in #1217 - Add a
krane
tool. by @mattmoor in #1218 - Fix krane build by @mattmoor in #1223
- Add UnavailableErrorCode by @jonjohnsonjr in #1230
- Add docker cred helper adapter in pkg/authn by @imjasonh in #1227
- crane pull: support pulling index to OCI Layout by @jonjohnsonjr in #1215
New Contributors
Full Changelog: v0.7.0...v0.8.0
v0.6.1
Changelog
Container Images
https://gcr.io/go-containerregistry/crane:v0.6.1
https://gcr.io/go-containerregistry/gcrane:v0.6.1
For example:
docker pull gcr.io/go-containerregistry/crane:v0.6.1
docker pull gcr.io/go-containerregistry/gcrane:v0.6.1
v0.7.0
Changelog
1830951 Add --set-base-image-annotations flag to crane append (#1098)
bea59b9 Add crane flatten (#1104)
5c9c442 Add pkg/registry/README.md documenting expectations (#1167)
dd86162 Add s390x arch to goreleaser (#1149)
8388fde Add temp codes when determining if an error is 'Temporary' (#1115)
6cb23fb Adding OS version to Crane for better Windows support. (#1173)
9ae11fe Allow image layers to use any custom media type (#1136)
d6bc6d5 Bump actions/stale from 3 to 4 (#1096)
a65a0a6 Bump codecov/codecov-action from 1 to 2.0.2 (#1095)
7e0ed51 Bump codecov/codecov-action from 2.0.2 to 2.0.3 (#1112)
40ba044 Bump codecov/codecov-action from 2.0.3 to 2.1.0 (#1125)
542cd56 Bump dependencies (#1175)
4580921 Bump docker/docker dependency to v20.10.10 (#1171)
c5dea0c Bump github.com/containerd/stargz-snapshotter/estargz (#1118)
230ff8e Bump github.com/containerd/stargz-snapshotter/estargz (#1138)
54c3445 Bump github.com/docker/cli (#1101)
d43a5ce Bump github.com/docker/cli (#1141)
be17d0a Bump github.com/docker/docker (#1100)
35e3541 Bump github.com/docker/docker (#1140)
f9a1886 Clean filepaths in mutate.Extract (#1106)
7a6ee45 Define a new remote.DefaultTransport
. (#1165)
3cd0cb5 Do not forget CreatedBy in mutate.Canonical (#978)
5f2509c Document setup-crane in cmd/crane/README.md (#1152)
c71ca9b Don't reuse errgroups, propagate contexts better (#1128)
dd49079 Enable golangci-lint (#1162)
a0c4bd2 Enable some more golangci-lint checks, fix findings (#1164)
0dfbb56 Fix presubmit (#1161)
b0e827a Fix small typo in partial README for UncompressedImageCore (#1156)
080751a Give the ping context a timeout. (#1163)
de8aff8 Implement annotation-based rebase hints (#960)
0e8b581 Make mutate
constructs immutable. (#1124)
e92a648 Make crane flatten work with indexes (#1105)
34b7f00 Make retrying transport and http errors configurable (#1122)
f337ecf Pass Options when recursively calling writeIndex (#1172)
b5cf9c4 Propagate crane options through gcrane cp -r (#1127)
2459de3 Re-enable codeql analysis (#1135)
e7cd6af Refactor the control flow for manifests and blobs. (#1157)
1781b9f Update dependabot.yml (#1084)
72ae53c Update go mod deps to latest releases, run go mod tidy
and go mod vendor
(#1139)
486e71f feat(daemon): avoid multiple initialization (#1126)
f0983da feat(daemon): lazy image saving (#1121)
bcbf8d3 feat: ability to set page size for tags list and catalog calls (#1102)
308547a pkg/authn/k8schain: run go mod tidy (#1131)
0de2b1e recipe: Document diffing filesystem contents (#1155)
Container Images
https://gcr.io/go-containerregistry/crane:v0.7.0
https://gcr.io/go-containerregistry/gcrane:v0.7.0
For example:
docker pull gcr.io/go-containerregistry/crane:v0.7.0
docker pull gcr.io/go-containerregistry/gcrane:v0.7.0
v0.6.0
Changelog
9b2cec9 Add SECURITY.md (#1031)
a27f4a4 Add WithTransport to gcrane (#1022)
8b535fa Add auth options to gcrane (#1021)
b448aba Add crane recipe for listing files, add note about symlinks (#1072)
b69114f Add google.com host suffix to gcrane keychain (#1039)
4759a5d Add recipe to calculate image size (#1088)
6118d45 Add retry when commiting a manifest (#1041)
092caf0 Add static.NewLayer (#1093)
2f6fbf7 Allow mutate.Annotations to annotate an Image or ImageIndex (#1082)
68edb3a Avoid race in progress_test.go (#1081)
9e56ddd Avoid trying https for insecure registries (#1002)
a0b9468 Bump github.com/containerd/stargz-snapshotter/estargz (#1083)
2b9ddcd Bump github.com/spf13/cobra from 1.1.3 to 1.2.1 (#1070)
ce35c99 Create a k8schain directly from pull secrets (#1049)
628a2ff Document released images in release notes (#1069)
03f1bf4 Don't overwrite WithTransport option (#1077)
acad0ed Drop error return for mutate.Annotations (#1058)
e2daef5 Enable dependabot (#1052)
8395cdf Fix install instructions for crane (#1020)
0233fcd Fix typo in state GitHub Action (#1023)
596751a Handle multiple www-authenticate headers (#1075)
5f53e4e Implement crane.Head (#1057)
0ffa4a5 Include a commit with K8s 1.20 libs (#1027)
13e1a6b Only verify size if we can (#1080)
426caf7 Plumb context through crane and gcrane (#995)
eca1cd8 Reduce default catalog page size (#1092)
d9ecc49 Remove report card (#1035)
11f8769 Revert "Avoid trying https for insecure registries (#1002)" (#1048)
5455b5b Revert "export manifest for tar file (#1033)" (#1043)
5ea3569 Set Content-Type to application/octet-stream (#1079)
a3a06bb Straighten out remote.List{WithContext} (#1090)
162d96e Update dependencies (#1036)
45aaa6c Use Data field when fetching in remote (#1076)
de6223d Verify size in verify.ReadCloser (#1044)
fbb5e78 bump ggcr in gccr/k8schain what! (#1030)
529b437 ci: test/build with go 1.14/1.15/1.16 (#1051)
3bfd0b5 crane: ignore TLS certificate validation when using --insecure flag (#1054)
f0ce227 export manifest for tar file (#1033)
764823a export manifest from tar file (#1046)
92e9e85 feat(mutate): added support for overriding manifest annotations (#1056)
3bfab55 update to add that crane retains the digest (#1037)
c086c7f use K8s 1.20 libs
14e26bf use K8s 1.21 libs
100e16a use go1.16's module aware install vs tools.go (#1028)
Container Images
https://gcr.io/go-containerregistry/crane:v0.6.0
https://gcr.io/go-containerregistry/gcrane:v0.6.0
For example:
docker pull gcr.io/go-containerregistry/crane:v0.6.0
docker pull gcr.io/go-containerregistry/gcrane:v0.6.0