add retrive-manifest endpoint
#668
Conversation
|
@davidsiaw please review this |
| if heritage.image_name.start_with?("quay.io/") | ||
| response = RetrieveQuayManifest.new().process(user, password, heritage) | ||
| else | ||
| raise ExceptionHandler::InternalServerError.new("Unsupported Registry") | ||
| end |
There was a problem hiding this comment.
This is strange because we should be able to login to quay using the docker API. Please see the docker CLI implementation https://github.com/docker/cli/blob/a32cd16160f1b41c1c4ae7bee4dac929d1484e59/cli/command/registry/login.go
It is possible for the docker CLI to login to quay without having to use the quay-specific CLI, which I think should be the case with barcelona as well.
There was a problem hiding this comment.
@davidsiaw
Sure, we can use the docker api to log in.
but to use manifest endpint https://docs.docker.com/registry/spec/api/#manifest
we need bare token and it requires a basic auth
I do not think docker CLI support manifest endpoint yet.
curl -X GET --user username:password "https://quay.io/v2/auth?service=quay.io&scope=repository:NAMESPACE/REPOSITORY:pull"
I think once https://docs.docker.com/engine/reference/commandline/manifest_inspect/ is not experimental,
we can start to look how they are doing it.
part of #613
Add a
retrive-manifestendpoint to Barcerola to resolve this issue.Initially, I tried to get the manifest using dockercfg, but after checking with quay's CS, he said that was not possible.
So we need a user and password for auth.
We can use this endpoint to check if the docker image is in the registry.