OCI_INDEX_SCHEMA shouldn't require the platform property

[elelaysh]

Version
pulpcore: 3.73.25
pulpcontainer: 2.25.1
docker image docker.io/pulp/pulp:3.73.25

Describe the bug
The OCI spec marks it as OPTIONAL

To Reproduce

1. patch registry_api.py for blob partial_upload to return 202 instead of 204 (blob chunk upload should return 202 not 204 #2199)

2. Try to attach an sbom artifact to an image using regctl

regctl -v debug artifact put --artifact-type application/spdx+json --subject 127.0.0.1:8080/foo/my/image:version < my-sbom.json
(...)
failed to put manifest 127.0.0.1:8080/foo/stackhpc-dev/openstack-base:sha256-b3b40066e24ae156719f0b2dfc287d15046f59bf6980f49b53956e990cf395bc: request failed: unexpected http status code: Bad Request [http 400]: {"errors":[{"code":"MANIFEST_INVALID","message":"manifests.0: 'platform' is a required property","detail":{"digest":"sha256:d801183c2a1add8a81f0ef177d03e11062e337481719811fd27694f8d8313f8a"}}]}

Expected behavior

Once the property is made option in the json schema, pulp_container accepts the manifest index without issue.
I can then do

# regctl artifact list  127.0.0.1:8080/foo/my/image:version
Subject:        127.0.0.1:8080/foo/stackhpc-dev/openstack-base@sha256:b3b40066e24ae156719f0b2dfc287d15046f59bf6980f49b53956e990cf395bc
Referrers:
  Name:         127.0.0.1:8080/my/image@sha256:a2d3893eb7f603f8a6ff6f4fa1da7a3f2d1b736e2fb9473d26c24c21aa8c7176
  Digest:       sha256:a2d3893eb7f603f8a6ff6f4fa1da7a3f2d1b736e2fb9473d26c24c21aa8c7176
  MediaType:    application/vnd.oci.image.manifest.v1+json
  ArtifactType: application/spdx+json

Additional context

I'm trying to add SBOM artifacts from a trivy scan to images in a pulp_container registry.
I've first hit #2199 then this issue.
With both fixed I think my use case would work fine.

[elelaysh]

Here is the oci index that is rejected:

{
  "schemaVersion": 2,
  "mediaType": "application/vnd.oci.image.index.v1+json",
  "manifests": [
    {
      "mediaType": "application/vnd.oci.image.manifest.v1+json",
      "digest": "sha256:a2d3893eb7f603f8a6ff6f4fa1da7a3f2d1b736e2fb9473d26c24c21aa8c7176",
      "size": 587,
      "artifactType": "application/spdx+json"
    }
  ]
}

And the manifest is is referencing (just for your info):

{
  "schemaVersion": 2,
  "mediaType": "application/vnd.oci.image.manifest.v1+json",
  "artifactType": "application/spdx+json",
  "config": {
    "mediaType": "application/vnd.oci.empty.v1+json",
    "digest": "sha256:44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a",
    "size": 2
  },
  "layers": [
    {
      "mediaType": "application/spdx+json",
      "digest": "sha256:c2d3238fd8c873470d102332e019052afe3ad5542792dcc98514a7b6af1f5183",
      "size": 1118596
    }
  ],
  "subject": {
    "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
    "digest": "sha256:b3b40066e24ae156719f0b2dfc287d15046f59bf6980f49b53956e990cf395bc",
    "size": 6078
  }
}