通过 Docker API 将私有镜像推送到 Docker Registry
[英]Push Private Image to Docker Registry via Docker API
问题描述
I'm using the Docker SDK for Python to push a local image repository into a Docker Registry (DockerHub in my case.)
我正在使用Docker SDK for Python将本地图像存储库推送到 Docker Registry(在我的例子中是 DockerHub。)
I use the "push" method on "client.images" described on documentation here .我在文档here中描述的“client.images”上使用“push”方法。
Unfortunately all published repositories are public.不幸的是,所有已发布的存储库都是公开的。 There appears to be no flag to push into a private repository or to ensure the pushed repository is private.似乎没有标志可以推送到私有存储库或确保推送的存储库是私有的。 Is this possible with the Docker Python API?这可以通过 Docker Python API 实现吗?
I tried this in three separate ways (all result in a public repo only):我以三种不同的方式尝试了这个(所有结果都只导致公共回购):
- Method One: Separate login (works, but results in public repo):方法一:单独登录(有效,但导致公共回购):
client = docker.from_env() auth_client = client.login(username = "kelly_peyton", password = "nightingale", email = "kpeyton@prophet5.org", registry = "docker.io", reauth = True) # other code here, not shown, to validate login succeeded cli = APIClient(base_url="unix:///var/run/docker.sock") br = cli.build(path = temp_local, dockerfile = f"{temp_local}/Dockerfile", tag = docker_repo_reference_tagged) # other code here, not shown, to validate build succeeded push_res = cli.push(repository = f"{docker_repo_reference}", tag = docker_repo_tag, stream = False, decode = False)
- Method Two: Credentials passed to push call (works, but results in public repo):方法二:传递给推送调用的凭据(有效,但导致公共回购):
client = docker.from_env() cli = APIClient(base_url="unix:///var/run/docker.sock") br = cli.build(path = temp_local, dockerfile = f"{temp_local}/Dockerfile", tag = docker_repo_reference_tagged) # other code here, not shown, to validate build succeeded push_res = cli.push(repository = f"{docker_repo_reference}", tag = docker_repo_tag, stream = False, auth_config = { "username" : "kelly_peyton", "password" : "nightingale", "email" : "kpeyton@prophet5.org", "registry" : "docker.io" }, decode = False)
- Method Three: command line login (not via code) (works, but results in public repo):方法三:命令行登录(不是通过代码)(有效,但会导致公共回购):
client = docker.from_env() cli = APIClient(base_url="unix:///var/run/docker.sock") br = cli.build(path = temp_local, dockerfile = f"{temp_local}/Dockerfile", tag = docker_repo_reference_tagged) # other code here, not shown, to validate build succeeded push_res = cli.push(repository = f"{docker_repo_reference}", tag = docker_repo_tag, stream = False, decode = False)
All three methods work since the image does indeed get pushed to the registry (DockerHub in my case), and clearly auth worked since I push to my private DockerHub account.所有三种方法都有效,因为图像确实被推送到注册表(在我的例子中是 DockerHub),并且自从我推送到我的私人 DockerHub 帐户后,身份验证显然有效。 However, the images are always public.但是,图像始终是公开的。
1 个解决方案
解决方案1
1 已采纳 2019-03-14 19:27:41
You can't make repo private by set your credentials to API.您不能通过将凭据设置为 API 来使 repo 私有。 It makes you be able to push the image to your repo only.它使您只能将图像推送到您的存储库。
You should create or convert repo to be private.您应该创建或将 repo 转换为私有。 Please read documentation to know how to do it.请阅读文档以了解如何操作。 Generally, only you can push to the repo.通常,只有您可以推送到 repo。 If repo public then everyone can download, if repo private then only you can download.如果 repo public 那么每个人都可以下载,如果 repo private 那么只有你可以下载。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.