Brandon Mitchell

@dmesser best guess is something changed to sign the entire descriptor and a digest isn't enough. The fix for that would be using an OCI Layout. But the underlying problem...

It's referring to the on-disk format. There's still a lot to develop for this (not just in cosign), and you'd need a separate step to copy the signed image to...

I'd definitely want something automated if this is added. For the most part, the help wanted is because I don't have a Mac to test this. Goreleaser is on the...

Interesting. Looks like another place that ECR violates the spec. A chunk (PATCH) from the distribution spec: > Each successful chunk upload MUST have a 202 Accepted response code https://github.com/opencontainers/distribution-spec/blob/main/spec.md...

The chunked uploads become the default on blobs that exceed 100MB, so it only affects large images by default. It also falls back to a chunked upload if the network...

They've certainly taken a different approach with their interpretation of the spec. I think I can reproduce this locally, so I'll see if that can be fixed up today. In...

@davidgiga1993 I haven't forgotten about you. AWS is looking into the ECR issues, seems like there may be some known problems with chunked blob pushes. I've got an [open forum...

It's set per registry with `regctl registry set $registry_name --blob-max -1`

Thanks for the report @davidgiga1993 . I think this is now fixed in main (which is built as regclient/regctl:edge). Let me know if you still experience issues with that. I've...

> The questions remain: > > 1. Why does one image work and the other doesn't if the target registry is the same. I would expected both to get a...