[jbosstools-issues] [JBoss JIRA] (ERT-470) Unable to list image tags on DockerHub [EBZ#508282]
Friendly Jira Robot (JIRA)
issues at jboss.org
Wed Nov 30 02:27:00 EST 2016
Friendly Jira Robot created ERT-470:
---------------------------------------
Summary: Unable to list image tags on DockerHub [EBZ#508282]
Key: ERT-470
URL: https://issues.jboss.org/browse/ERT-470
Project: Eclipse Release Train
Issue Type: Task
Components: Linux Tools
Reporter: Friendly Jira Robot
Fix For: Neon.2 (4.6)
It seems like the '/v1/' endpoint has been removed, resulting in an empty list of tags in the "Search Images" wizard.
But there's hope. The Docker Hub registry now runs on the '/v2' endpoint but requires authentication:
curl https://index.docker.io/v2/jboss/wildfly/tags/list -v
* Trying 54.85.12.131...
* Connected to index.docker.io (54.85.12.131) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate: *.docker.io
* Server certificate: RapidSSL SHA256 CA - G3
* Server certificate: GeoTrust Global CA
> GET /v2/jboss/wildfly/tags/list HTTP/1.1
> Host: index.docker.io
> User-Agent: curl/7.43.0
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Content-Type: application/json; charset=utf-8
< Docker-Distribution-Api-Version: registry/2.0
< Www-Authenticate: Bearer realm="https://auth.docker.io/token",service="registry.docker.io",scope="repository:jboss/wildfly:pull"
< Date: Mon, 28 Nov 2016 10:29:37 GMT
< Content-Length: 145
< Strict-Transport-Security: max-age=31536000
<
{"errors":[{"code":"UNAUTHORIZED","message":"authentication required","detail":[{"Type":"repository","Name":"jboss/wildfly","Action":"pull"}]}]}
The request above failed because not auth token was provided, but the registry returned a special 'Www.Authenticate' response header which points to the authentication service to call, along with the parameters to provide:
curl -v https://auth.docker.io/token\?service\=registry.docker.io\&scope\=repository:jboss/wildfly:pull
* Trying 52.72.61.89...
* Connected to auth.docker.io (52.72.61.89) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate: *.docker.io
* Server certificate: RapidSSL SHA256 CA - G3
* Server certificate: GeoTrust Global CA
> GET /token?service=registry.docker.io&scope=repository:jboss/wildfly:pull HTTP/1.1
> Host: auth.docker.io
> User-Agent: curl/7.43.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Content-Type: application/json
< Date: Mon, 28 Nov 2016 10:29:58 GMT
< Content-Length: 1442
< Strict-Transport-Security: max-age=31536000
<
{"token":"eyJ...Rg"}
Once the token has be retrieved, the first request can be run again, this time with the token:
curl https://index.docker.io/v2/jboss/wildfly/tags/list -v -H "Authorization: Bearer eyJ...Rg"
* Trying 52.207.178.113...
* Connected to index.docker.io (52.207.178.113) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate: *.docker.io
* Server certificate: RapidSSL SHA256 CA - G3
* Server certificate: GeoTrust Global CA
> GET /v2/jboss/wildfly/tags/list HTTP/1.1
> Host: index.docker.io
> User-Agent: curl/7.43.0
> Accept: */*
> Authorization: Bearer eyJ...Rg
>
< HTTP/1.1 200 OK
< Content-Type: application/json; charset=utf-8
< Docker-Distribution-Api-Version: registry/2.0
< Date: Mon, 28 Nov 2016 10:30:13 GMT
< Content-Length: 157
< Strict-Transport-Security: max-age=31536000
<
{"name":"jboss/wildfly","tags":["10.0.0.Final","10.1.0.Final","8.1.0.Final","8.2.0.Final","8.2.1.Final","9.0.0.Final","9.0.1.Final","9.0.2.Final","latest"]}
See https://docs.docker.com/registry/spec/api/#/listing-image-tags
and https://docs.docker.com/registry/spec/auth/token/#/requesting-a-token
The logic to retrieve the list of tags for a given image should check if the registry is a 'v2' and if it needs authentication as described above.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jbosstools-issues
mailing list