chainguard-dev / apko

Build OCI images from APK packages directly without Dockerfile

Home Page: https://apko.dev

How do I publish an actual *image* using `apko publish`, not just the index?

runiq opened this issue · comments

commented

Hey,

I'm trying to publish my own Zola image for use on Codeberg, it looks like this:

```yaml
contents:
  repositories:
    - https://dl-cdn.alpinelinux.org/alpine/edge/main
    - https://dl-cdn.alpinelinux.org/alpine/edge/community
  packages:
    - alpine-baselayout-data
    - busybox
    - zola

entrypoint:
  command: /usr/bin/zola
```

I'm currently building using rootless podman, like this:

```sh
podman run \
  --rm -it --init \
  --security-opt label=disable \
  -v "$XDG_RUNTIME_DIR/containers/auth.json:/root/.docker/config.json" \
  -v "$PWD:/work" \
  cgr.dev/chainguard/apko \
    publish \
    --sbom=false \
    --arch=host \
    zola.yml \
    codeberg.org/runiq/zola:0.17.2
```

While that publishes the index, it doesn't publish the image itself:

```
ℹ️  x86_64    | finished building filesystem in /tmp/apko-633604221/x86_64
ℹ️  x86_64    | built image layer tarball as /tmp/apko-633604221/image/apko-x86_64.tar.gz
❕ x86_64    | Not generating SBOMs (WantSBOM = false)
ℹ️  x86_64    | building image from layer
ℹ️  x86_64    | OCI layer digest: sha256:57b0f1420ff3510fd14a81d4f81c65bb6bb25795bd7e1feae6761aba7cb52da6
ℹ️  x86_64    | OCI layer diffID: sha256:58a51444a95bb165b6a1386ad7a66d8b633336e5055198d1138473109b9f877e
ℹ️  x86_64    | built index file as /tmp/apko-temp-796979251/index.json
ℹ️            | publish image tag codeberg.org/runiq/zola:0.17.2
ℹ️            | publishing index tag codeberg.org/runiq/zola:0.17.2
codeberg.org/runiq/zola@sha256:46da478fe0cea238520e4856525bc7bcf1ffb657b2e1e9f20eddaa94a3fee175
```

What am I doing wrong here? 🤔

commented

Not sure if that's related, but I also can't get the --package-version-tag flag to work. I was under the impression that it would additionally publish the image under the version of the installed package with the given name, but it does nothing.

It does publish the image, just as a child of index:

Index: https://explore.ggcr.dev/?image=codeberg.org/runiq/zola@sha256:46da478fe0cea238520e4856525bc7bcf1ffb657b2e1e9f20eddaa94a3fee175

Image: https://explore.ggcr.dev/?image=codeberg.org/runiq/zola@sha256:ebc5a07439294773e2556f027c895994a734afda05650208da29653511b47b14

> Not sure if that's related, but I also can't get the --package-version-tag flag to work.

This was just recently fixed in: #825

There is a bug I have hit with the Gitea hosted registry where if you switch from a single-arch image to a multi-arch image, it won't show the multi-arch image correctly in the UI. I hit this in my personal infrastructure when moving some Docker-based builds over to Melange and apko.

A workaround is to delete the entire released package and let it get recreated when apko uploads the new image. That should fix it.

commented

Thanks a lot to both of you, especially for the registry explorer link, hadn't seen that one before.

Also, I'm sorry for blaming your software when it was the registry's fault instead. I was a bit frustrated because it appeared that I'd hit several bugs at once.

commented

Wait, actually, no. I published that image manually. I just removed the zola image entirely (as per @kaniini's suggestion), re-ran apko publish as in the OP, and Registry Explorer only shows the index record. When I click on the amd64 image manifest link, I'm getting MANIFEST UNKNOWN.

Edit: Publishing on the Gitlab registry instead does upload the image, but appears to run into missing SLSA support on the Gitlab side: The Web UI displays a warning sign with the message "invalid tag: missing manifest digest". Pulling the image using the 0.17.2 tag works fine, however.

At this point I'm fairly sure this is with the registries lacking support for whatever apko is doing. Sorry for the noise!

Edit2: The image manifest for codeberg.org/runiq/zola:0.17.2 turned up a few minutes later. I don't know anymore, I give up. 🤷
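The situation discussed in this thread (a tag that resolves to an index, with the per-architecture image as a child manifest that may or may not be retrievable) can be checked mechanically. The following is an added example, not part of the thread and not apko's code; `check_index`, the `fetch` callback and the sample documents are hypothetical and constructed for illustration.

```python
import hashlib
import json

INDEX_TYPES = {
    "application/vnd.oci.image.index.v1+json",
    "application/vnd.docker.distribution.manifest.list.v2+json",
}

def digest_of(blob: bytes) -> str:
    """Content address of a manifest as registries compute it."""
    return "sha256:" + hashlib.sha256(blob).hexdigest()

def check_index(doc_bytes: bytes, fetch) -> list:
    """Return (platform, digest, status) for each child of an image index.

    fetch(digest) is a caller-supplied lookup (an assumption of this example)
    returning manifest bytes, or None for a MANIFEST UNKNOWN answer.
    """
    doc = json.loads(doc_bytes)
    if doc.get("mediaType") not in INDEX_TYPES and "manifests" not in doc:
        # The tag points straight at a single image manifest, not an index.
        return [("single-image", digest_of(doc_bytes), "ok")]
    results = []
    for desc in doc["manifests"]:
        p = desc.get("platform", {})
        platform = f'{p.get("os", "?")}/{p.get("architecture", "?")}'
        blob = fetch(desc["digest"])
        if blob is None:
            status = "missing"          # index references a manifest that is absent
        elif digest_of(blob) != desc["digest"]:
            status = "digest-mismatch"  # content does not match its address
        else:
            status = "ok"
        results.append((platform, desc["digest"], status))
    return results

# Constructed sample data, not taken from the thread.
IMAGE_TYPE = "application/vnd.oci.image.manifest.v1+json"
CHILD = json.dumps({"schemaVersion": 2, "mediaType": IMAGE_TYPE, "layers": []}).encode()
INDEX = json.dumps({
    "schemaVersion": 2,
    "mediaType": "application/vnd.oci.image.index.v1+json",
    "manifests": [{"mediaType": IMAGE_TYPE, "digest": digest_of(CHILD),
                   "size": len(CHILD),
                   "platform": {"os": "linux", "architecture": "amd64"}}],
}).encode()
REGISTRY = {digest_of(CHILD): CHILD}  # stand-in for the registry's manifest store

if __name__ == "__main__":
    print(check_index(INDEX, REGISTRY.get))  # child present
    print(check_index(INDEX, {}.get))        # child absent
```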

commented

All my issues have gone away with the release of v0.10. Thanks, everybody! <3