A tar archive of a Docker image contains a `mainfest.json` file that
lists the path to each embedded tar file containing the contents of a
layer in the image. This manifest file should be used to identify the
layer files instead of relying on file naming conventions and
assumptions on the directory structure that are not consistent
between container engine implementations.
Fixes gh-34324
Update `PrivateKeyParser` to support loading PEM formatted
elliptic-curve keys. We need to do a similar trick to the PKCS1 keys
and convert them to a `PKCS8EncodedKeySpec`.
Fixes gh-32646
When using the Gradle `bootBuildImage` task or Maven
`spring-boot:build-image` goal on a Linux distribution with SELinux
enabled, binding the Docker socket in the builder container might
fail. This commit disables the `label` security policy in the builder
container to prevent this type of failure.
Fixes gh-32000
This commit removes the requirement that `docker.publishRegistry`
configuration must be provided when an image is published by the Gradle
or Maven plugin.
Fixes gh-28844
This commit adds validation of any buildpacks that are specified for
image building to match them against buildpacks that are bundled in
the builder. If an image buildpack's ID, version, and one layer
hash match the same information stored in a label on the builder
image, that buildpack won't be added and the buildpack bundled in
the builder will be used instead. This reduces the chance of adding to
the total count of layers in a builder image unnecessarily.
Fixes gh-31233
Johnny Lim
Phillip Webb
Moritz Halbritter
Scott Frederick
Marc Wrobel
Andy Wilkinson
Moritz Halbritter
Stephane Nicoll