从第 3 方存储库中检索 Docker 个图像标签
Retrieve Docker image tags from a 3rd party repo
对于直接来自 Docker Hub 的 Docker 图像,我可以通过访问它们的存储库 API 来检索图像的当前标签列表。例如,https://registry.hub.docker.com/v1/repositories/python/tags 会给我一个可以与 docker pull python:<tag>.
一起使用的标签列表
对于 Elastic Search,我使用的是他们的官方存储库,可以使用类似 docker pull docker.elastic.co/elasticsearch/elasticsearch:6.4.0
的方式拉取图像
但是,我不知道如何从该存储库中提取标签列表。我试过了
https://docker.elastic.co/elasticsearch/elasticsearch/tags
https://docker.elastic.co/v1/repositories/elasticsearch
https://docker.elastic.co/v2/repositories/elasticsearch/elasticsearch/_manifests/tags
..和其他几个变体。什么 URL/API 端点是 docker 命令行工具在后端请求中将 repository/image 名称翻译成什么?
您可以尝试使用与 python 相同的方法来获取可用版本的标签/列表。
示例:https://registry.hub.docker.com/v1/repositories/elasticsearch/tags
样本输出:[{"layer": "", "name": "1"}, {"layer": "", "name": "1-alpine"}]
所以您要尝试做的是,您将在 shell 脚本中提供标签的供应/显示列表,并要求他们选择。然后基于此,您将在自定义 Docker 文件中执行 docker pull 和 运行 那些命令?
原来docker.elastic.co是运行一个V2docker注册表,所以它需要V2API命令和token认证。尝试最初获取标签会导致 401,其中包含有关如何获取令牌的信息:
http https://docker.elastic.co/v2/elasticsearch/elasticsearch/tags/list (566ms)
HTTP/1.1 401 Unauthorized
Connection: keep-alive
Content-Length: 170
Content-Type: application/json; charset=utf-8
Date: Thu, 09 May 2019 15:24:42 GMT
Docker-Distribution-Api-Version: registry/2.0
Www-Authenticate: Bearer realm="https://docker-auth.elastic.co/auth",service="token-service",scope="repository:elasticsearch/elasticsearch:pull"
X-Content-Type-Options: nosniff
{
"errors": [
{
"code": "UNAUTHORIZED",
"detail": [
{
"Action": "pull",
"Class": "",
"Name": "elasticsearch/elasticsearch",
"Type": "repository"
}
],
"message": "authentication required"
}
]
}
使用 WWW-Authenticate 中的信息为给定的 service 和 scope 请求令牌:
http "https://docker-auth.elastic.co/auth?service=token-service&scope=repository:elasticsearch/elasticsearch:pull" (567ms)
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 790
Content-Type: application/json
Date: Thu, 09 May 2019 15:25:37 GMT
{
"token": "some-long-token"
}
最后,使用令牌发出请求:
http -v https://docker.elastic.co/v2/elasticsearch/elasticsearch/tags/list 'Authorization: Bearer some-long-token'
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1765
Content-Type: application/json; charset=utf-8
Date: Thu, 09 May 2019 15:26:18 GMT
Docker-Distribution-Api-Version: registry/2.0
X-Content-Type-Options: nosniff
{
"name": "elasticsearch/elasticsearch",
"tags": [
"5.0.0-731e78df",
"5.0.0-86a0b164",
"5.0.0-alpha5",
"5.0.0-beta1",
"5.0.0-ccd69424",
"5.0.0-rc1",
"5.0.0",
...
...
...
对于直接来自 Docker Hub 的 Docker 图像,我可以通过访问它们的存储库 API 来检索图像的当前标签列表。例如,https://registry.hub.docker.com/v1/repositories/python/tags 会给我一个可以与 docker pull python:<tag>.
对于 Elastic Search,我使用的是他们的官方存储库,可以使用类似 docker pull docker.elastic.co/elasticsearch/elasticsearch:6.4.0
但是,我不知道如何从该存储库中提取标签列表。我试过了
https://docker.elastic.co/elasticsearch/elasticsearch/tags
https://docker.elastic.co/v1/repositories/elasticsearch
https://docker.elastic.co/v2/repositories/elasticsearch/elasticsearch/_manifests/tags
..和其他几个变体。什么 URL/API 端点是 docker 命令行工具在后端请求中将 repository/image 名称翻译成什么?
您可以尝试使用与 python 相同的方法来获取可用版本的标签/列表。
示例:https://registry.hub.docker.com/v1/repositories/elasticsearch/tags
样本输出:[{"layer": "", "name": "1"}, {"layer": "", "name": "1-alpine"}]
所以您要尝试做的是,您将在 shell 脚本中提供标签的供应/显示列表,并要求他们选择。然后基于此,您将在自定义 Docker 文件中执行 docker pull 和 运行 那些命令?
原来docker.elastic.co是运行一个V2docker注册表,所以它需要V2API命令和token认证。尝试最初获取标签会导致 401,其中包含有关如何获取令牌的信息:
http https://docker.elastic.co/v2/elasticsearch/elasticsearch/tags/list (566ms)
HTTP/1.1 401 Unauthorized
Connection: keep-alive
Content-Length: 170
Content-Type: application/json; charset=utf-8
Date: Thu, 09 May 2019 15:24:42 GMT
Docker-Distribution-Api-Version: registry/2.0
Www-Authenticate: Bearer realm="https://docker-auth.elastic.co/auth",service="token-service",scope="repository:elasticsearch/elasticsearch:pull"
X-Content-Type-Options: nosniff
{
"errors": [
{
"code": "UNAUTHORIZED",
"detail": [
{
"Action": "pull",
"Class": "",
"Name": "elasticsearch/elasticsearch",
"Type": "repository"
}
],
"message": "authentication required"
}
]
}
使用 WWW-Authenticate 中的信息为给定的 service 和 scope 请求令牌:
http "https://docker-auth.elastic.co/auth?service=token-service&scope=repository:elasticsearch/elasticsearch:pull" (567ms)
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 790
Content-Type: application/json
Date: Thu, 09 May 2019 15:25:37 GMT
{
"token": "some-long-token"
}
最后,使用令牌发出请求:
http -v https://docker.elastic.co/v2/elasticsearch/elasticsearch/tags/list 'Authorization: Bearer some-long-token'
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1765
Content-Type: application/json; charset=utf-8
Date: Thu, 09 May 2019 15:26:18 GMT
Docker-Distribution-Api-Version: registry/2.0
X-Content-Type-Options: nosniff
{
"name": "elasticsearch/elasticsearch",
"tags": [
"5.0.0-731e78df",
"5.0.0-86a0b164",
"5.0.0-alpha5",
"5.0.0-beta1",
"5.0.0-ccd69424",
"5.0.0-rc1",
"5.0.0",
...
...
...