-
Notifications
You must be signed in to change notification settings - Fork 100
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(digests): do not mandate sha256 as the only algorithm used for hashing blobs #2075
Conversation
c4c6abd
to
74edc3c
Compare
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #2075 +/- ##
==========================================
+ Coverage 92.71% 92.72% +0.01%
==========================================
Files 169 169
Lines 22415 22467 +52
==========================================
+ Hits 20781 20832 +51
+ Misses 1019 1018 -1
- Partials 615 617 +2 ☔ View full report in Codecov by Sentry. |
9eed9c5
to
0aa09f8
Compare
17a45e0
to
b433e93
Compare
See also opencontainers/distribution-spec#494 |
2850123
to
bb85774
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
7e0f24e
to
d80d60f
Compare
e3e9d80
to
3073f17
Compare
b0fca40
to
22f7136
Compare
a95bf1e
to
23eb7bd
Compare
|
We need the spec for specifying a non-canonical digest algorithm for the manifest in case of pushing by tag. Otherwise this PR should be good for the blobs use case. But I don't know if there's any case in which the blobs use non-canonical digest algorithms while the manifest uses the canonical (sha256) digest algorithm. |
@rchincha I propose we merge this as is, and the API changes in a separate PR after opencontainers/distribution-spec#543 is agreed upon. If opencontainers/distribution-spec#543 stays the same the default behavior (the case in which the digest is not specified as a query parameter) does not change, so the code in this PR would stay the same. |
88ed344
to
eeb7795
Compare
…shing blobs Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
Summarizing 6 Failures: https://github.com/sudo-bmitch/distribution-spec/tree/pr-digest-on-tag-push |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.