Expand description
OCI container image support for composefs.
This crate provides functionality for working with OCI (Open Container Initiative) container images in the context of composefs. It enables importing, extracting, and mounting container images as composefs filesystems with fs-verity integrity protection.
Key functionality includes:
- Pulling container images from registries using skopeo
- Converting OCI image layers from tar format to composefs split streams
- Creating mountable filesystems from OCI image configurations
- Sealing containers with fs-verity hashes for integrity verification
Modulesยง
- image
- OCI image processing and filesystem construction.
- skopeo
- Container image pulling and registry interaction via skopeo/containers-image-proxy.
- tar
- TAR archive processing and split stream conversion.
Functionsยง
- hash ๐
- import_
layer - Imports a container layer from a tar stream into the repository.
- ls_
layer - Lists the contents of a container layer stored in the repository.
- mount
- Mounts a sealed container filesystem at the specified mountpoint.
- open_
config - Opens and parses a container configuration, following all layer references.
- open_
config_ shallow - Opens and parses a container configuration without following layer references.
- pull
- Pull the target image, and add the provided tag. If this is a mountable image (i.e. not an artifact), it is not unpacked by default.
- seal
- Seals a container by computing its filesystem fs-verity hash and adding it to the config.
- sha256_
from_ ๐descriptor - sha256_
from_ ๐digest - write_
config - Writes a container configuration to the repository.
Type Aliasesยง
- Content
AndVerity ๐