def publish_release(self, source, target, deis_registry=False, creds=None):
"""Update a source Docker image with environment config and publish it to deis-registry."""
# get the source repository name and tag
src_name, src_tag = docker.utils.parse_repository_tag(source)
# get the target repository name and tag
name, tag = docker.utils.parse_repository_tag(target)
# strip any "http://host.domain:port" prefix from the target repository name,
# since we always publish to the Deis registry
repo, name = auth.split_repo_name(name)
# pull the source image from the registry
# NOTE: this relies on an implementation detail of deis-builder, that
# the image has been uploaded already to deis-registry
if deis_registry:
repo = "{}/{}".format(self.registry, src_name)
else:
repo = src_name
try:
# log into pull repo
if creds is not None:
self.login(repo, creds)
# pull image from source repository
self.pull(repo, src_tag)
# tag the image locally without the repository URL
image = "{}:{}".format(src_name, src_tag)
self.tag(image, "{}/{}".format(self.registry, name), tag=tag)
# push the image to deis-registry
self.push("{}/{}".format(self.registry, name), tag)
except APIError as e:
raise RegistryException(str(e))
def publish_release(self, source, target, deis_registry=False, creds=None):
"""Update a source Docker image with environment config and publish it to deis-registry."""
# get the source repository name and tag
src_name, src_tag = docker.utils.parse_repository_tag(source)
# get the target repository name and tag
name, tag = docker.utils.parse_repository_tag(target)
# strip any "http://host.domain:port" prefix from the target repository name,
# since we always publish to the Deis registry
repo, name = auth.split_repo_name(name)
# pull the source image from the registry
# NOTE: this relies on an implementation detail of deis-builder, that
# the image has been uploaded already to deis-registry
if deis_registry:
repo = "{}/{}".format(self.registry, src_name)
else:
repo = src_name
try:
# log into pull repo
if creds is not None:
self.login(repo, creds)
# pull image from source repository
self.pull(repo, src_tag)
# tag the image locally without the repository URL
image = "{}:{}".format(src_name, src_tag)
self.tag(image, "{}/{}".format(self.registry, name), tag=tag)
# push the image to deis-registry
self.push("{}/{}".format(self.registry, name), tag)
except APIError as e:
raise RegistryException(str(e))
def get_port(self, target, deis_registry=False, creds=None):
"""
Get a port from a Docker image
"""
# get the target repository name and tag
name, _ = docker.utils.parse_repository_tag(target)
# strip any "http://host.domain:port" prefix from the target repository name,
# since we always publish to the Deis registry
repo, name = auth.split_repo_name(name)
# log into pull repo
if not deis_registry:
self.login(repo, creds)
info = self.inspect_image(target)
if 'ExposedPorts' not in info['Config']:
return None
port = int(list(info['Config']['ExposedPorts'].keys())[0].split('/')[0])
return port
def get_port(self, target, deis_registry=False, creds=None):
"""
Get a port from a Docker image
"""
# get the target repository name and tag
name, _ = docker.utils.parse_repository_tag(target)
# strip any "http://host.domain:port" prefix from the target repository name,
# since we always publish to the Deis registry
repo, name = auth.split_repo_name(name)
# log into pull repo
if not deis_registry:
self.login(repo, creds)
info = self.inspect_image(target)
if "ExposedPorts" not in info["Config"]:
return None
port = int(list(info["Config"]["ExposedPorts"].keys())[0].split("/")[0])
return port
def _get_private_registry_config(self, image, registry=None):
name = settings.REGISTRY_SECRET_PREFIX
if registry:
# try to get the hostname information
hostname = registry.get('hostname', None)
if not hostname:
hostname, _ = docker_auth.split_repo_name(image)
if hostname == docker_auth.INDEX_NAME:
hostname = 'https://index.docker.io/v1/'
username = registry.get('username')
password = registry.get('password')
elif settings.REGISTRY_LOCATION == 'off-cluster':
secret = self._scheduler.secret.get(
settings.WORKFLOW_NAMESPACE, 'registry-secret').json()
username = secret['data']['username']
password = secret['data']['password']
hostname = secret['data']['hostname']
if hostname == '':
hostname = 'https://index.docker.io/v1/'
name = name + '-' + settings.REGISTRY_LOCATION
elif settings.REGISTRY_LOCATION in ['ecr', 'gcr']:
return None, name + '-' + settings.REGISTRY_LOCATION, False
else:
return None, None, None
# create / update private registry secret
auth = bytes('{}:{}'.format(username, password), 'UTF-8')
# value has to be a base64 encoded JSON
docker_config = json.dumps({
'auths': {
hostname: {
'auth': base64.b64encode(auth).decode(encoding='UTF-8')
}
}
})
return docker_config, name, True
def _get_private_registry_config(self, image, registry=None):
name = settings.REGISTRY_SECRET_PREFIX
if registry:
# try to get the hostname information
hostname = registry.get('hostname', None)
if not hostname:
hostname, _ = docker_auth.split_repo_name(image)
if hostname == docker_auth.INDEX_NAME:
hostname = 'https://index.docker.io/v1/'
username = registry.get('username')
password = registry.get('password')
elif settings.REGISTRY_LOCATION == 'off-cluster':
secret = self._scheduler.secret.get('deis', 'registry-secret').json()
username = secret['data']['username']
password = secret['data']['password']
hostname = secret['data']['hostname']
if hostname == '':
hostname = 'https://index.docker.io/v1/'
name = name + '-' + settings.REGISTRY_LOCATION
elif settings.REGISTRY_LOCATION in ['ecr', 'gcr']:
return None, name + '-' + settings.REGISTRY_LOCATION, False
else:
return None, None, None
# create / update private registry secret
auth = bytes('{}:{}'.format(username, password), 'UTF-8')
# value has to be a base64 encoded JSON
docker_config = json.dumps({
'auths': {
hostname: {
'auth': base64.b64encode(auth).decode(encoding='UTF-8')
}
}
})
return docker_config, name, True