Container Registry now supports Flux media types
Release notes
With our move to Flux CD for GitOps workflows, in this release we are adding support to the OCI images generated by the Flux CLI. While the GitLab container registry supports storing OCI images, it does not allow custom OCI-compatible media type. The current change enables the Flux-specific media types in the GitLab container registry.
Original report
We get this error when using Flux to push an OCI registry artifact to a container registry under registry.gitlab.com:
flux push artifact oci://registry.gitlab.com/sylva-projects/sylva-core/kustomize-units:test --path=. --source=git@gitlab.com:sylva-projects/sylva-core.git --revision=kustomize-units-oci-artifact/0574980c2e57149cb5879c27c61cba2551040e59
► pushing artifact to registry.gitlab.com/sylva-projects/sylva-core/kustomize-units:tmorin-test
✗ pushing artifact failed: pushing artifact failed: PUT https://registry.gitlab.com/v2/sylva-projects/sylva-core/kustomize-units/manifests/tmorin-test: MANIFEST_INVALID: manifest invalid; unknown media type: application/vnd.cncf.flux.config.v1+json
Flux CD maintainer Stefan Prodan explained that gitlab.com registry could possibly be configured to accept some media types that are used by Flux:
Starting with Flux 0.40 the artifacts produced by the CLI are proper OCI artifacts and looks like GitLab doesn't support that.
The OCI artifacts produced with flux push artifact have the following media types:
- artifact media type
application/vnd.oci.image.manifest.v1+json
- config media type
application/vnd.cncf.flux.config.v1+json
- content media type
application/vnd.cncf.flux.content.v1.tar+gzip
Please open an issue with them, they should be able to addvnd.cncf.flux
to their allow list.