ORAS (OCI Registry As Storage) handles OCI (Open Container Initiative) Artifacts. It doesn’t assume that container images are the main artifacts and places significant importance on media types.
ORAS offers CLI tools and client libraries, enabling the distribution of artifacts across OCI-compliant registries.
“Registries are evolving as generic artifact stores. To enable this goal, the ORAS project provides a way to push and pull OCI Artifacts to and from OCI Registries. Users seeking a generic registry client can benefit from the ORAS CLI, while developers can build their own clients on top of one of the ORAS client libraries,” the project’s website states.
ORAS is a tool that operates similarly to Docker. It provides functionalities like pushing (uploading) and pulling (downloading) data to and from an OCI (Open Container Initiative) Registry. Additionally, ORAS handles authentication for login and authorization through token flow.
What sets ORAS apart is its emphasis on supporting various types of artifacts beyond container images. It encourages authors of new OCI Artifacts to define their own media types that are specific to their artifact type. This allows custom clients to understand and work with these artifacts effectively.
In summary, ORAS functions similarly to Docker but expands its capabilities to handle a broader range of artifacts. It facilitates pushing, pulling, authentication, and authorization processes while encouraging the use of custom media types for different artifact types.
The tool enables users to attach supply chain artifacts to container images, discover and show the artifact reference relations, and extend the registries not just for storing container images.
Projects currently using ORAS include Helm, Singularity, Falcoctl, Policy, Wasm to OCI, Conftest, Notation, and SOCI Snapshotter. Registries supporting OCI artifacts include CNCF Distribution, AWS Elastic Container Registry, Azure Container Registry, and more.