Annotations are string key-value pairs similar to labels. Annotations are supported by the OCI Image Manifest and OCI Content Descriptors. You can refer to our how-to guide to understand how the ORAS CLI can be used to add them.
An artifact is a conceptual piece of content stored as Blobs with an accompanying Manifest containing a Config. We can push, pull, and attach artifacts using the ORAS CLI. To understand the usage better, you may follow the steps in our quick start guide.
Config is the JSON format describing images for use with a container runtime and execution tool and its relationship to filesystem changesets.
You may use oras manifest fetch-config to check out the config of your artifact.
A container image is a small, standalone, executable file that contains all the components required to run an application, including the code, runtime, system tools, system libraries, and settings.
A Content Descriptor (or simply Descriptor) describes the disposition of the targeted content. It includes the type of the content, a content identifier (digest), and the byte-size of the raw content. Optionally, it includes the type of artifact it is describing.
A digest is a property of a Descriptor which uniquely identifies content by taking a collision-resistant hash of the bytes.
The OCI Distribution Spec defines an API protocol to facilitate and standardize the distribution of content.
The Distribution Specification Project includes a process and API for prototyping and testing extensions to the Distribution API.
The OCI Image Layout is the directory structure for OCI content-addressable blobs and location-addressable references (refs).
It must contain an oci-layout file and an
To learn more, check out the how-to guide on OCI Layouts.
An image manifest provides a configuration and set of layers for a single container image for a specific architecture and operating system.
The OCI Image Spec defines an OCI Image, consisting of an image manifest, an image index (optional), a set of filesystem layers, and a configuration.
Image Index Specification
The image index is a higher-level manifest which points to specific image manifests, ideal for one or more platforms. It is a multi-descriptor entry point.
A registry is a place where container images and artifacts can easily be stored and accessed. A local registry (like zot) is a registry that is present on our local machine. You can follow our quick start guide if you would like to try using the zot registry.
Manifest Referrers API
Artifact-manifest provides the ability to reference artifacts to existing artifacts. Reference artifacts include signatures, SBOMs and many other types.
The referrers API returns all artifacts that have a subject of the given manifest digest.
The Referrers API returns a list of manifests that reference a blob. You can understand how to use this API by referring to the details given in the distribution spec.
Referrer Tag Schema
The Referrer Tag Schema helps to pull the current list of referrers based on different digest formats or tags.
A registry is like a central repository where you can store, share and manage container images and artifacts.
Software Bill of Materials
A Software Bill of Materials (SBOM) lists a codebase's open source and third-party components. Additionally, an SBOM provides the versions of the components used in the codebase, their patch status, and the licences that govern them.
Supply Chain Security
Supply chain security emphasises risk management of outside vendors, suppliers, logistics, and transportation. It recognises, assesses, and reduces risks related to collaborating with other organisations as a part of your supply chain.
Tags are used to define keys and values and associate them with resources by adding metadata to resources.