Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Is there a way to override DOCKER_HUB_API_ENDPOINT #21

Open
chimmmpie opened this issue Feb 9, 2023 · 4 comments
Open

Is there a way to override DOCKER_HUB_API_ENDPOINT #21

chimmmpie opened this issue Feb 9, 2023 · 4 comments
Labels
enhancement

Comments

@chimmmpie
Copy link

As there are becoming more and more docker registries it would be nice to be able to query them as well.
Is there a option to override the DOCKER_HUB_API_ENDPOINT and or would u consider it useful to make it configurable?
@amalfra
Copy link
Owner

amalfra commented Feb 15, 2023

@chimmmpie Thanks for the suggestion. That would be a good feature to have. It needs to be checked whether all these registries are also expected to have same API endpoints are the main registry.

@chimmmpie
Copy link
Author

I expect docker (unverified) to use the same API to fetch data. So i would expect it to be the same. But ill test a few if i have some time.

@chimmmpie
Copy link
Author

I did some digging around, From what i can find the tags api for docker registry is authenticated. For the web api used by dockerhub there does not seem to be a standard. That makes this case impossible.

https://docs.docker.com/registry/spec/api/#tags

@chimmmpie chimmmpie reopened this Sep 20, 2023
@chimmmpie
Copy link
Author

chimmmpie commented Sep 20, 2023
edited
Loading

I did some digging around when i found some other specs that point me on how to do it. Here is some dirty code that should work for any docker compatible repo given you have credentials. Those credentials we could be taken from the docker config. $HOME/.docker/config.json

USERNAME = 'someusername'
PASSWORD = 'somepassword'
# Define the authentication URL and registry URL
REGISTRY = "https://registry-1.docker.io/"
CI_PROJECT_PATH = "yuzutech/kroki-bpmn"

# Get the image tag list
response = requests.get(
    f"{REGISTRY}/v2/{CI_PROJECT_PATH}/tags/list"
)
token = None
if 'Www-Authenticate' in response.headers:
    www_authenticate = response.headers['Www-Authenticate']
    first = www_authenticate.split(',')[0]
    realm = first.split('"')[1]
    print('authenticate url', realm)
    services_raw = www_authenticate.split(',')[1]
    services = services_raw.split('"')[1]
    scope_raw = www_authenticate.split(',')[2]
    scope = scope_raw.split('"')[1]
    url = f"{realm}?service={services}&scope={scope}"
    print(url)
    response = requests.get(url, auth=(USERNAME, PASSWORD))
    token = response.json()['token']
    print(response.json())
    print(token)
    print()

if token is not None:
    headers = {
        'Authorization': f'Bearer {token}'
    }
else:
    headers = {}
print('headers:', headers)
response = requests.get(
    f"{REGISTRY}/v2/{CI_PROJECT_PATH}/tags/list", headers=headers
)
# print(response.headers['Www-Authenticate'])
REGISTRY_TAG_LIST = response.json()
print(REGISTRY_TAG_LIST)
tags = REGISTRY_TAG_LIST.get('tags', [])
print(tags)

I would keep the current code and add something like this as a fallback for other docker compatible registries.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@amalfra @chimmmpie