Billy Zha

@sharadregoti can you share the `--debug` log? Does `my-password-` have push access to the repository?

I cannot reproduce this issue. The logs are strange, the token for pull and push is re-obtained successfully: ``` DEBU[0003] Request #7 > Request URL: "https://auth.docker.io/token?scope=repository%3Asharadregoti%2Fhelm-kubevirt-vms%3Apull%2Cpush&service=registry.docker.io" > Request method: "GET"...

> oras restore --> oras push --archive [:[,][...]] [:] [...] I think the usage is change to `oras push [:[,][...]] {[:] [...]|--archive }`.

> Currently, pull skips successors though, right? Depends on the type. `subject` are skipped unless `--include-subject` is specified. `manifests` in an index will be pulled.

There is a little difference between [the proposal](https://github.com/oras-project/oras/issues/1366#issuecomment-2246699831) and #730: cross-repository operation is not in scope here.

> Please forgive me @qweeah, I'm not sure I follow. > > For my use case I just want to be able to pull and image and save it to...

Saving(pulling) to a tar file is not supported, but reading(pushing) from a tar file is supported. You may tar the folder after pulling.

> why not skip the extraction and support just downloading the tar, given that's what an OCI image actually is? @liamwh Image layer files can be tarball and oras will...

@stmlange Can you kindly explain your scenario and why the verification is needed?

Thanks @stmlange for the detailed explanation. You can utilize `oras manifest fetch` generate a checksum file and use `shasum -c $FILE` to check it. /cc @FeynmanZhou To validate if it's...