Docker registry API authentication workflow example
After spending a fair bit of time experimenting with getting authentication to work in python with the Docker registry API, I finally worked out the workflow. As a public service I'm posting a non-language specific workflow here.
Getting auth info
https://index.docker.io
send: b'GET /v2/?account=dockerhubuser’
header: Authorization: Basic Y3N0....9ndTNzcw==
reply: 'HTTP/1.1 401 Unauthorized'
header: Content-Type: application/json
header: Docker-Distribution-Api-Version: registry/2.0
header: Www-Authenticate: Bearer realm="https://auth.docker.io/token",service="registry.docker.io"
header: Date: Tue, 09 Jun 2020 16:18:07 GMT
header: Content-Length: 87
header: Strict-Transport-Security: max-age=31536000
body:{
‘errors': [{'code': 'UNAUTHORIZED',
'detail': None,
'message': 'authentication required'}]
}
Connecting to repository
https://auth.docker.io/
send: b'GET /token?scope=repository%3Alibrary%2Fbusybox%3Apull&service=registry.docker.io&account=dockerhubuser
Authorization: Basic Y3N0.....9ndTNzcw==
reply: 'HTTP/1.1 200 OK'
header: Content-Type: application/json
header: Date: Tue, 09 Jun 2020 16:18:07 GMT
header: Transfer-Encoding: chunked
header: Strict-Transport-Security: max-age=31536000
body: :{
‘access_token': 'eyJ...4epQ',
'expires_in': 300,
'issued_at': '2020-06-09T16:18:07.58167979Z',
'token': 'eyJ...4epQ'
}
Getting TagList
https://index.docker.io
send: b'GET /v2/library/busybox/tags/list?scope=repository%3Alibrary%2Fbusybox%3Apull&service=registry.docker.io&account=dockerhubuser
Authorization: Bearer eyJ...4epQ
reply: 'HTTP/1.1 200 OK'
header: Content-Type: application/json
header: Docker-Distribution-Api-Version: registry/2.0
header: Date: Tue, 09 Jun 2020 16:18:07 GMT
header: Content-Length: 1806
header: Strict-Transport-Security: max-age=31536000
body:{
‘name': 'library/busybox',
'tags': ['1-glibc',
:
'uclibc']
}
No comments:
Post a Comment