Expand description
OCI container image support for composefs.
This crate provides functionality for working with OCI (Open Container Initiative) container images in the context of composefs. It enables importing, extracting, and mounting container images as composefs filesystems with fs-verity integrity protection.
Key functionality includes:
- Pulling container images from registries using skopeo
- Converting OCI image layers from tar format to composefs split streams
- Creating mountable filesystems from OCI image configurations
- Sealing containers with fs-verity hashes for integrity verification
Modulesยง
- image
- OCI image processing and filesystem construction.
- skopeo
- Container image pulling and registry interaction via skopeo/containers-image-proxy.
- tar
- TAR archive processing and split stream conversion.
Functionsยง
- config_
identifier ๐ - hash ๐
- import_
layer - Imports a container layer from a tar stream into the repository.
- layer_
identifier ๐ - ls_
layer - Lists the contents of a container layer stored in the repository.
- mount
- Mounts a sealed container filesystem at the specified mountpoint.
- open_
config - Opens and parses a container configuration.
- pull
- Pull the target image, and add the provided tag. If this is a mountable image (i.e. not an artifact), it is not unpacked by default.
- seal
- Seals a container by computing its filesystem fs-verity hash and adding it to the config.
- write_
config - Writes a container configuration to the repository.
Type Aliasesยง
- Content
AndVerity ๐