-
-
Save robv8r/fa66f5e0fdf001f425fe9facf2db6d49 to your computer and use it in GitHub Desktop.
Based on @matrey's comment, the updated script would look like this.
#!/usr/bin/env bash
# Gets all tags for a given docker image.
# Dependencies: curl, jq
# Examples:
# retrieve all tags for a single library
# docker-tags "library/redis"
# retrieve all tags for multiple libraries
# docker-tags "library/mongo" "library/redis"
token_uri="https://auth.docker.io/token"
list_uri="https://registry-1.docker.io/v2/###IMAGE###/tags/list"
images=($@)
scope=''
for image in "${images[@]}"; do
scope+="scope=repository:${image}:pull&"
done
token=$( curl -Ss "${token_uri}?service=registry.docker.io&${scope}" | jq -r .token )
for image in "${images[@]}"; do
this_uri=$( echo -n "${list_uri}" | sed -e "s^###IMAGE###^${image}^" )
curl -Ss -H "Accept: application/json" -H "Authorization: Bearer $token" "${this_uri}" | jq .
done
How can I use this to access a private repo? I keep getting the "UNAUTHORIZED" "authentication required" response, and I don't know how to provide my credentials.
@jcwatson11: It depends on the authentication mechanism of your private repository. What type of private repository are your working with? Specifically, is it registry:2
, ghcr.io, or a hosted provider?
arr=("$@")
for item in "${arr[@]}";
This is just a clumsy and memory-squandering way to say for item in "$@";
images=($@)
for image in "${images[@]}"; do
This adds a quoting error (you want "$@"
, always, not a bare $@
).
Thx for this script. I used a bit of jq/sort/sed to get the version number of the "latest" tag like so. Given that an image can have many tags going way back one probably needs to know apriori which major version is the "latest" and supply that.
docker_latest_image() {
image=$1
major=${2:-1}
tokenUri="https://auth.docker.io/token"
data=("service=registry.docker.io" "scope=repository:$image:pull")
token="$(curl --silent --get --data-urlencode ${data[0]} --data-urlencode ${data[1]} $tokenUri | jq --raw-output '.token')"
listUri="https://registry-1.docker.io/v2/$image/tags/list"
curl --silent --get -H "Accept: application/json" -H "Authorization: Bearer $token" $listUri \
| jq --raw-output ".tags[] | select(. | startswith(\"$major.\"))" | sort -V | sed -n \$p
}
docker_latest_image library/alpine 3
3.18.4
Several scopes can be requested at the same time, you don't need to get a new token for each image: