From e7aa01a7490b82ff8cf09e42fac572094cf201bf Mon Sep 17 00:00:00 2001 From: Stephen J Day Date: Wed, 31 Aug 2016 17:34:28 -0700 Subject: [PATCH] layers: describe policy enforcement for foreign layer media type Signed-off-by: Stephen J Day --- layer.md | 10 ++++++++++ media-types.md | 1 + 2 files changed, 11 insertions(+) diff --git a/layer.md b/layer.md index ed75e5fd0..067edad44 100644 --- a/layer.md +++ b/layer.md @@ -156,3 +156,13 @@ Note that this opaque file will apply to _all_ children, including sub-directori Implementations SHOULD generate layers using _explicit whiteout_ files, but MUST accept both. Any given image is likely to be composed of several of these Image Filesystem Changeset tar archives. + +# Foreign Layers + +Certain layers, due to legal requirements, may not be regularly distributable. +Typically, one can download such layers but they should never be uploaded. + +Layers that have these restrictions SHOULD be tagged with an alternative mediatype of `application/vnd.oci.image.serialization.rootfs.foreign.tar.gzip`. +[Descriptors][descriptor.md] referencing these layers MAY include `urls` for downloading these layers. +Implementations MUST NOT distribute layers tagged with this media type. + diff --git a/media-types.md b/media-types.md index 19614d6ea..18257bdab 100644 --- a/media-types.md +++ b/media-types.md @@ -7,6 +7,7 @@ The following `mediaType` MIME types are used by the formats described here, and - `application/vnd.oci.image.manifest.v1+json`: [Image manifest format](manifest.md#image-manifest) - `application/vnd.oci.image.serialization.config.v1+json`: [Container config JSON](serialization.md) - `application/vnd.oci.image.serialization.rootfs.tar.gzip`: ["Layer", as a gzipped tar archive](layer.md) +- `application/vnd.oci.image.serialization.rootfs.foreign.tar.gzip`: ["Layer", as a gzipped tar that should never be pushed](serialization.md#foreign-layers) ## Compatibility Matrix