index with subject but contains no artifactType

[qweeah]

OCI image spec 1.1.0-rc4 allows image index to have subject(updated in this commit) and artifactType(update in this commit). Since both fields are optional, it's possible that user can push an index with subject but no artifactType like below.

flowchart
index --subject--> image

Loading

Should we enforce the requirement on both fields like: if subject is presented, artifactType MUST be presented, otherwise the index is invalid?

[qweeah]

Also created an issue on distribution-spec side opencontainers/distribution-spec#458 since it's related to the implementation of referrers API and tag-schema fallback.

[sudo-bmitch]

This is related to #1020 and #1077. CC @vbatts and @sajayantony from those PRs.
Edit: adding #1066.

[sajayantony]

Is this stemming from the fact that the artifact Type is a MUST from the referreres API ?
https://github.com/opencontainers/distribution-spec/blob/main/spec.md#listing-referrers
This doesn't handle the index case and maybe we should clarify that subject and artifactType are required for Index if we want to support index in the referrers API. @vbatts @jonjohnsonjr

[qweeah]

Is this stemming from the fact that the artifact Type is a MUST from the referrers API?

Yes.

if we want to support index in the referrers API

Good catch. Index with subject should be included in the referrers API, otherwise user cannot find the referrer index from the subject manifest and there is no meaning to set subject, right? What I suggest is: artfactType MUST present if subject presents.

[sudo-bmitch]

I'd be curious how to write the json schema for that. Is there a "conditional required" syntax? Ref:

image-spec/schema/image-index-schema.json

Line 96 in 4b568ff

"required": [

[tianon]

Wouldn't that be dependentRequired?
(https://json-schema.org/understanding-json-schema/reference/conditionals.html)

  "dependentRequired": {
    "subject": ["artifactType"]
  }

[sajayantony]

From the call today there were multiple options discussed of from making artifactType a MUST, to making it optional in the referrers. The second option sounded like there was more acceptance which would be a change to the distribution spec.
There needs to be a follow up PR on the distribution spec and it also means that there is no PR expected for the image spec at this point.

[qweeah]

to making it optional in the referrers. The second option sounded like there was more acceptance which would be a change to the distribution spec.

Can you help elaborate on what's the motivation for this preference of making it optional? Will it also be applied to image referrer descriptors?

Synced offline with @sajayantony, making artifactType optional for referrers requires less on server side and distributions can skip filling the field if filtering is not supported. Such change can be applied to image referrers.

[qweeah]

Closing as it should be fixed by making artifact type optional in the Referrers API in distribution-spec. Let's continue the discussion in opencontainers/distribution-spec#458