Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix(clean): Fix clean cmd for private registries (#3446)
Without this patch, running `cosign clean` on an image in a private registry uses the wrong object reference and fails to delete artifacts for the image. On Dockerhub, it is sufficient to call DELETE directly on an object name: ``` DELETE /v2/namespace/repo/manifests/sha256-deadbeef.sig ``` On registry version v2.3 and greater, this does not work. Instead, we need to perform a GET to retrieve the object digest, and call DELETE on that: ``` GET /v2/namespace/repo/manifests/sha256-deadbeef.sig => ... Docker-Content-Digest: sha256:cafeb0ba DELETE /v2/namespace/repo/manifests/sha256:cafeb0ba ``` Since we can't know what type of registry we're dealing with, we try the original version first, and the new version as a fallback. See the GitHub issue[1] which explains the issue, and the API documentation[2]. This also fixes a minor formatting issue in the error message. [1] distribution/distribution#1579 [2] https://github.com/distribution/distribution/blob/main/docs/content/spec/api.md#deleting-an-image Fixes #2265 Signed-off-by: Colleen Murphy <colleenmurphy@google.com>
- Loading branch information
Showing
4 changed files
with
103 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters