























ORAS is a tool for working with OCI artifacts and OCI registries. It allows you to distribute OCI artifacts across OCI Registries. ORAS was established and open-sourced in Dec 2018 and joined CNCF as a Sandbox project in June 2021.
As you can see, ORAS has a long history and is still growing since it has an active community behind it. I was fortunate to join the ORAS community as a release manager in May 2022 and growing with the project this year. So I write this article to share the growth of the active community and project iteration that I witnessed in 2022. Let’s look back at what’s been happening this year and what we can expect in 2023 and beyond.
ORAS provides an OCI registry client ORAS CLI with functional-rich command sets that users can benefit from, while developers can build their own clients on top of one of the ORAS client libraries including Golang and Python libraries.
We are following a monthly release cadence to ensure fast iteration so that we can get feedback and detect problems from the community and then fix them efficiently.
As some users might be aware, the ORAS project has an obvious growing trend in both user adoption and contributions starting from the middle of 2022. We are working to properly document the contribution and development process. Let’s see the remarkable statistics in 2022 as follows. You can also check out the detailed dashboards here.
ORAS CLI, ORAS Go, and Python SDK are designed to help users and developers manage OCI Distribution based artifacts. ORAS empowers the secure supply chain by enabling users to leverage the existing services they already have across their development to production environments.
Currently, the biggest cloud providers like Microsoft Azure, AWS, and Google Cloud are using ORAS to manage OCI artifacts in registries. ORAS Go SDK has been integrated and adopted by some industry-leading vendors and popular open-source projects. Here is part of known adopters till now:
Just a few years ago, there were no standards nor tooling for registries to natively store, discover, and pull a graph of OCI artifacts. To extend the registry’s role and form the industry standard, ORAS maintainers proposed a new artifact manifest type to describe and query relationships between objects stored in a registry, without mutating the existing content.
Initially, the reference types work was incubated under the CNCF ORAS Artifact manifest project. It has been contributed to the OCI Image and Distribution v1.1-RC specifications in Sep 2022. Now it is an industry standard and there are already a few early implementations, such as Azure Container Registry and Zot registry. After the OCI v1.1 specification is available, we expect more registry vendors start to support and implement it.
Open-source contributions are not limited to coding. The non-code contributions like blogging, writing documentation, and technical sharing are also important for the ORAS community. It’s so good to see more and more users and contributors from different organizations sharing their use cases and best practices with ORAS toolings via blog posts or conference presentations this year. You can learn more about their experience from their articles and videos below.
Looking forward to 2023, several exciting plans have already been identified:
Last but not least, special thanks go to the many outstanding contributors, community evangelists, adopters. We are also grateful to those who have incorporated ORAS in production and have been providing feedback to ensure ORAS is continuously improving. Let’s collaborate more on future milestones in 2023.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。