Document docker transport is the only supported remote transport

[rhatdan]

The goal is to improve errors when users use the wrong transport
in certain cases we stutter, in other cases we don't give enough
information.

Remove stutters when failing to pull remote images, because of
lack of support.

Fix errors returned by reference.Parse to wrap in image that was being
checked.

Fixes: #7116

Signed-off-by: Daniel J Walsh dwalsh@redhat.com

[openshift-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: rhatdan

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [rhatdan]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[mheon]

"The image is specified using transport:path format. If no transport is specified, the docker transport will be used by default. For remote Podman, docker is the only allowed transport."

[rhatdan]

Fixed.

[mheon]

"Accepts images in archives created by the podman create command."

Also, please explain docker-reference better - I have no idea when and how I should be using it from this description.

[rhatdan]

Added an example.

[mheon]

"Accepts a reference to an image in a remote registry. The reference can include a path to a specific registry; if it does not, the registries listed in registries.conf will be queried to find a matching image. By default, credentials from podman login (stored at $XDG_RUNTIME_DIR/containers/auth.json by default) will be used to authenticate; if these cannot be found, we will fall back to using credentials in $HOME/.docker/config.json.

[mheon]

How do I make a directory like this? Providing a command would greatly help understanding.

[rhatdan]

podman push DIR
Would create this or podman pull DIR.

[mheon]

How do I make such an archive?

[rhatdan]

Podman pull or podman push, podman save.
podman save IMAGE --format docker-dir

[TomSweeneyRedHat]

Suggested change

	The `image` uses a "transport":"details" format.
	The specified `image` uses a "transport":"details" format.

[rhatdan]

rewritten.

[mheon]

The last two sentences seem to be redundant - the format can be a tag, or a digest, or a digest?

[mheon]

Everything in this section needs examples - it's extremely unclear how any of this is used in practice.

[mheon]

Also, we need to make it clear that some of these transports (I think not all?) do not pull the image if it is present locally in c/storage.

[rhatdan]

Added examples.

[mheon]

You should probably split what was written for podman run and podman create out into a separate manpage and have all of these reference that page.

[mheon]

If we don't have the Wrapf this can go on the previous line

[mheon]

Move to previous line

[mheon]

Previous line

[TomSweeneyRedHat]

Suggested change

	An image in a registry implementing the "Docker Registry HTTP API V2". By default, uses the authorization state in `$XDG_RUNTIME_DIR/containers/auth.json`, which is set using `(podman login)`. If the authorization state is not found there, `$HOME/.docker/config.json` is checked, which is set using `(docker login)`.
	An image in a registry implementing the "Docker Registry HTTP API V2" format. By default, uses the authorization state in `$XDG_RUNTIME_DIR/containers/auth.json`, which is set using `(podman login)`. If the authorization state is not found there, `$HOME/.docker/config.json` is checked, which is set using `(docker login)`.

[rhatdan]

Wait to review rewrite by @mheon

[TomSweeneyRedHat]

Suggested change

	An image _docker-reference_ stored in the docker daemon internal storage. _docker-reference_ must contain either a tag or a digest. Alternatively, when reading images, the format can also be docker-daemon:algo:digest (an image ID).
	An image in _docker-reference_ format stored in the docker daemon internal storage. _docker-reference_ must contain either a tag or a digest. Alternatively, when reading images, the format can also be docker-daemon:algo:digest (an image ID).

[TomSweeneyRedHat]

Suggested change

	An image _tag_ in a directory compliant with "Open Container Image Layout Specification" at _path_.
	An image in a directory compliant with the "Open Container Image Layout Specification" at the specified _path_ and specified with a _tag_.

Do we have more info io the OCI Layout Spec that we should/can point them to?

[TomSweeneyRedHat]

Same as prior comments

[mheon]

This is still really unclear about docker-reference - if it's only used when it created, why do we want it here when we're only pulling/using such an image?

[rhatdan]

@mheon @TomSweeneyRedHat PTA Fresh Look.

[TomSweeneyRedHat]

Suggested change

	$XDG_RUNTIME_DIR/containers/auth.json by default) will be used to authenticate; if these cannot be found, we
	$XDG_RUNTIME_DIR/containers/auth.json by default) will be used to authenticate; if these cannot be found,

[TomSweeneyRedHat]

Suggested change

	will fall back to using credentials in $HOME/.docker/config.json.
	credentials in $HOME/.docker/config.json will be used if available.

[TomSweeneyRedHat]

I'm not sure what to do with "either a tag"? At the very least an "or" is missing or perhaps it's a really bad cut/paste?

[TomSweeneyRedHat]

same comments as previous.

[rhatdan]

@mheon @TomSweeneyRedHat PTAL again. Would be nice to get this in to 2.2 release.

[mheon]

Extra " at end

[mheon]

One nit then LGTM

[mheon]

Merging as is, I will submit a fix PR later.

[mheon]

/lgtm