Expand description
This crate implements the basic support to download and unpack OCI images stored in a container registry.
It is not expected to support every feature in the OCI specifications. Instead, the goal is to implement all features used in the most common images.
§Usage
The first step for unpacking an OCI image is to get a reference instance to describe its location:
let reference = Reference::try_from("debian:stable").unwrap();The string is parsed following the same rules as the docker pull command,
as described in the Reference documentation.
Then, an Unpacker instance is created to configure how to download and
unpack the referenced image.
Unpacker::new(reference).unpack("/tmp/image").unwrap();An instance of EventHandler can be used to receive notifications during
the download/unpack process. The file examples/unpack.rs in the repository
has a full implementation of a handler.
§Sandbox
Before creating any file in the target directory, Unpacker::unpack tries
to create a sandbox with Landlock, so the process will
be able to create files only beneath the target directory.
Errors on creating the sandbox can be ignored by setting Unpacker::require_sandbox
to false.
The sandbox is only available if the crate is built with the sandbox feature, which
is enabled by default.
§Zstd Compression
The zstd feature (enabled by default) is required to support images compressed with zstd.
Modules§
- errors
- Errors from the functions in the public API.
Structs§
- Digest
- A digest to validate a blob.
- NoEvent
Handler EventHandlerinstance to ignore all events.- Reference
- Reference to an image in an OCI registry.
- Repository
- Represents a repository name, like
library/debianornixos/nix. - Unpacker
- Download an image and unpack its contents to a new directory.
Enums§
- Digest
Algorithm - Algorithm to compute the hash value.
- Media
Type - Known media types.
Traits§
- Event
Handler - Handler to receive notifications for events during the unpack process.