-
-
Save achetronic/2db363e6c2fbecd42ae67512fbea50ca to your computer and use it in GitHub Desktop.
| #!/bin/bash | |
| SHA256_HASH="5bb4faffc8b35e2702b2ffa78e982b979d7b66db29bd55b0c58de8fa745df661" | |
| for i in {1..1000} | |
| do | |
| echo "Looking into page: $i" | |
| curl "https://registry.hub.docker.com/v2/repositories/apache/superset/tags/?page=$i" \ | |
| | jq '.results[] | select(.["images"][]["digest"] == "sha256:'${SHA256_HASH}'")' | |
| done |
@ThomDietrich @aryehb Thank you for the contribution mates!
This is used more as a life-saver trick when you only have the sha256 and you need to find the tag pointing to that digest in the repo to fix it in your deployment manifests
Putting it together:
SHA256_HASH='5bb4faffc8b35e2702b2ffa78e982b979d7b66db29bd55b0c58de8fa745df661'
NAMESPACE='apache'
REPO_NAME='superset'
for i in {1..1000}; do
if [ $i -eq 100 ]; then
echo -e "\e[35mSleeping for 7 seconds on page $i...\e[0m"
sleep 7
fi
echo "Looking into page: $i"
result=$(curl -s "https://registry.hub.docker.com/v2/repositories/$NAMESPACE/$REPO_NAME/tags/?page=$i" | jq -r ".results[] | select(.[\"images\"][][\"digest\"] == \"sha256:$hash\" or .digest == \"sha256:$SHA256_HASH\")") || break
if [ ! -z "$result" ]; then
echo "$result" | jq '.'
break
fi
done
For official images like https://hub.docker.com/_/node the namespace is "library".
Also, I think @Kyu meant for $hash to be $SHA256_HASH. Fixed:
#!/bin/bash
SHA256_HASH="5bb4faffc8b35e2702b2ffa78e982b979d7b66db29bd55b0c58de8fa745df661"
NAMESPACE='apache'
REPO_NAME='superset'
for i in {1..1000}; do
if [ $i -eq 100 ]; then
echo -e "\e[35mSleeping for 7 seconds on page $i...\e[0m"
sleep 7
fi
echo "Looking into page: $i"
result=$(
curl -s "https://registry.hub.docker.com/v2/repositories/$NAMESPACE/$REPO_NAME/tags/?page=$i" \
| jq -r ".results[] | select(.[\"images\"][][\"digest\"] == \"sha256:$SHA256_HASH\" or .digest == \"sha256:$SHA256_HASH\")"
) || break
if [ ! -z "$result" ]; then
echo "$result" | jq '.'
break
fi
done
For the benefit of anyone else who happens to hit this, if what you have is the hash of a particular tag of a multi-arch image, this approach does not work.
Ha, the later iterations do work! It's the or .digest == [...] part which does the trick I think.
Anyway, for posterity, here's my iteration of the script, with simplistic command line argument handling, sleeping every 100 pages and adding the sha256: prefix if not given.
#!/bin/bash
set -eou pipefail
SHA256_HASH=""
IMAGE=""
while [[ $# -gt 0 ]]; do
case "$1" in
--hash)
shift
SHA256_HASH="$1"
shift
;;
--image)
shift
IMAGE="$1"
shift
;;
*)
echo "Unknown argument \"$1\"" >&2
echo "Usage: $0 --hash HASH --image REPO/IMAGE" >&2
exit 1
;;
esac
done
if [[ -z "$SHA256_HASH" || -z "$IMAGE" ]]; then
echo "Usage: $0 --hash HASH --image REPO/IMAGE" >&2
exit 1
fi
if [[ ! "${SHA256_HASH:0:7}" == "sha256:" ]]; then
SHA256_HASH="sha256:${SHA256_HASH}"
fi
for i in {1..1000}; do
if [[ $(expr $i % 100) -eq 0 ]]; then
echo "Sleeping for 7 seconds on page $i..."
sleep 7
fi
echo "Looking into page: $i"
result=$(
curl "https://registry.hub.docker.com/v2/repositories/$IMAGE/tags/?page=$i" |
jq '.results[] | select(.["images"][]["digest"] == "'${SHA256_HASH}'" or .digest == "'${SHA256_HASH}'")'
) || break
if [[ ! -z "$result" ]]; then
echo "$result" | jq .
break
fi
done
To find your SHA256_HASH: