def get_tag(self, repo, tag): try: tag_info = {} dxf = DXF(REGISTRY_ADDRESS, repo) digest = dxf.get_digest(tag) response = self.request_registry(self.GET_LAYER_TEMPLATE.format( url=REGISTRY_V2_API_ADDRESS, repo=repo, digest=digest), method='HEAD') if response.status == 200: manifest = self.get_manifest(repo, tag) tag_info['Tag'] = tag tag_info['Created'] = manifest.get_created_date() tag_info['Entrypoint'] = manifest.get_entrypoint() tag_info['DockerVersion'] = manifest.get_docker_version() tag_info['ExposedPorts'] = manifest.get_exposed_ports() tag_info['Volumes'] = manifest.get_volumes() return tag_info else: return None except Exception as ex: LOGGER.error(ex)
def confirm_registry_asset(repo, pointer): """ Validates a registry asset by querying the remote registry. Returns the registry manifest at the given pointer, and a pullable image string. """ host, username, api_key = get_registry_connectivity() image = host + '/' + repo + '@' + pointer log.debug('Validating image ' + image + '...') # Authenticate via callable def auth(dxf, response): log.debug('Authenticating to registry...') dxf.authenticate(username, api_key, response=response) log.debug('Auth to registry successful') # Connects over internal network with override host and autogenerated TLS dxf = DXF(host, repo, auth, tlsverify=False) # Fetch and sanity check the blob size blob_id = str(dxf.get_digest(pointer)) if dxf.blob_size(blob_id) > (10 * 1000 * 1000): # 10 MB to bytes raise Exception( 'Manifest is larger than 10 MB. Possible registry error?') # Pull and assemble the manifest raw_blob, _ = dxf.pull_blob(blob_id, size=True) manifest = json.loads(''.join(raw_blob)) # Compatibility checks for the gears platform if manifest['architecture'] != 'amd64': raise Exception("Architecture must be amd64") if manifest['os'] != 'linux': raise Exception("Os must be linux") return manifest, image
def delete(self, _, **kwargs): """ @api {delete} /registry/repository/<str:repo>/<str:tag>/ Delete an image @apiName DeleteImage @apiGroup RegistryManager @apiVersion 0.1.0 @apiPermission admin @apiSuccess {Object} payload Success payload is empty @apiUse APIHeader @apiUse Success @apiUse OperationFailed @apiUse Unauthorized """ try: repo = kwargs.get('repo') tag = kwargs.get('tag') dxf = DXF(REGISTRY_ADDRESS, repo) digest = dxf.get_digest(tag) dxf.del_blob(digest) return JsonResponse(RESPONSE.SUCCESS) except Exception as ex: LOGGER.exception(ex) return JsonResponse(RESPONSE.OPERATION_FAILED)