cerc-io/stack-orchestrator
17
1
Fork 3
Code Issues 113 Pull Requests 18 Actions Packages Projects Releases 480 Wiki Activity

Updatge auth

Browse Source
This commit is contained in:
David Boreham 2024-02-26 19:26:55 -07:00
parent 6af45e21d1
commit 14eb26c618
1 changed files with 16 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
stack_orchestrator/build/fetch_containers.py
View File

@ -28,16 +28,17 @@ from stack_orchestrator.build.build_util import get_containers_in_scope
def _local_tag_for(container: str): def _local_tag_for(container: str):
return f"{container}:local" return f"{container}:local"
# Emulate this: # Emulate this:
# $ curl -u "my-username:my-token" -X GET "https://<container-registry-hostname>/v2/cerc-io/cerc/test-container/tags/list" # $ curl -u "my-username:my-token" -X GET "https://<container-registry-hostname>/v2/cerc-io/cerc/test-container/tags/list"
# {"name":"cerc-io/cerc/test-container","tags":["202402232130","202402232208"]} # {"name":"cerc-io/cerc/test-container","tags":["202402232130","202402232208"]}
def _get_tags_for_container(container: str, registry: str) -> List[str]: def _get_tags_for_container(container: str, registry: str, registry_username: str, registry_token: str) -> List[str]:
# registry looks like: git.vdb.to/cerc-io # registry looks like: git.vdb.to/cerc-io
registry_parts = registry.split("/") registry_parts = registry.split("/")
url = f"https://{registry_parts[0]}/v2/{registry_parts[1]}/{container}/tags/list" url = f"https://{registry_parts[0]}/v2/{registry_parts[1]}/{container}/tags/list"
if opts.o.debug: if opts.o.debug:
print(f"Fetching tags from: {url}") print(f"Fetching tags from: {url}")
response = requests.get(url, auth=("dboreham", "fb44b8dd36638bcf4abf478f7b1c3e18ed578f10")) response = requests.get(url, auth=(registry_username, registry_token))
if response.status_code == 200: if response.status_code == 200:
tag_info = response.json() tag_info = response.json()
if opts.o.debug: if opts.o.debug:
@ -53,14 +54,15 @@ def _find_latest(candidate_tags: List[str]):
return candidate_tags[0] return candidate_tags[0]
def _get_latest_image(container: str, registry: str): def _get_latest_image(container: str, registry: str, registry_username: str, registry_token: str):
all_tags = _get_tags_for_container(container, registry) all_tags = _get_tags_for_container(container, registry, registry_username, registry_token)
latest_tag = _find_latest(all_tags) latest_tag = _find_latest(all_tags)
return f"{container}:{latest_tag}" return f"{container}:{latest_tag}"
def _fetch_image(tag: str, registry: str): def _fetch_image(tag: str, registry: str, registry_username: str, registry_token: str):
docker = DockerClient() docker = DockerClient()
docker.login(registry, registry_username, registry_token)
remote_tag = f"{registry}/{tag}" remote_tag = f"{registry}/{tag}"
if opts.o.debug: if opts.o.debug:
print(f"Attempting to pull this image: {remote_tag}") print(f"Attempting to pull this image: {remote_tag}")
@ -87,8 +89,10 @@ def _add_local_tag(remote_tag: str, registry: str, local_tag: str):
@click.option('--exclude', help="don\'t fetch these containers") @click.option('--exclude', help="don\'t fetch these containers")
@click.option("--force-local-overwrite", is_flag=True, default=False, help="Overwrite a locally built image, if present") @click.option("--force-local-overwrite", is_flag=True, default=False, help="Overwrite a locally built image, if present")
@click.option("--image-registry", required=True, help="Specify the image registry to fetch from") @click.option("--image-registry", required=True, help="Specify the image registry to fetch from")
@click.option("--registry_username", required=True, help="Specify the image registry username")
@click.option("--registry_token", required=True, help="Specify the image registry access token")
@click.pass_context @click.pass_context
def command(ctx, include, exclude, force_local_overwrite, image_registry): def command(ctx, include, exclude, force_local_overwrite, image_registry, registry_username, registry_token):
'''EXPERIMENTAL: fetch the images for a stack from remote registry''' '''EXPERIMENTAL: fetch the images for a stack from remote registry'''
# Generate list of target containers # Generate list of target containers
@ -101,10 +105,10 @@ def command(ctx, include, exclude, force_local_overwrite, image_registry):
print(f"Processing: {container}") print(f"Processing: {container}")
# For each container, attempt to find the latest of a set of # For each container, attempt to find the latest of a set of
# images with the correct name and platform in the specified registry # images with the correct name and platform in the specified registry
image_to_fetch = _get_latest_image(container, image_registry) image_to_fetch = _get_latest_image(container, image_registry, registry_username, registry_token)
if opts.o.debug: if opts.o.debug:
print(f"Fetching: {image_to_fetch}") print(f"Fetching: {image_to_fetch}")
_fetch_image(image_to_fetch, image_registry) _fetch_image(image_to_fetch, image_registry, registry_username, registry_token)
# Now check if the target container already exists exists locally already # Now check if the target container already exists exists locally already
if (_exists_locally(container)): if (_exists_locally(container)):
if not opts.o.quiet: if not opts.o.quiet:
@ -113,11 +117,13 @@ def command(ctx, include, exclude, force_local_overwrite, image_registry):
if (force_local_overwrite): if (force_local_overwrite):
# In that case remove the existing :local tag # In that case remove the existing :local tag
if not opts.o.quiet: if not opts.o.quiet:
print(f"Warning: removing local tag from this image: {container} because --force-local-overwrite was specified") print(f"Warning: removing local tag from this image: {container} because "
"--force-local-overwrite was specified")
_remove_local_tag(local_tag) _remove_local_tag(local_tag)
else: else:
if not opts.o.quiet: if not opts.o.quiet:
print(f"Skipping download for this image: {container}") print(f"Skipping local tagging for this image: {container} because that would "
"overwrite an existing :local tagged image, use --force-local-overwrite to do so.")
# Tag the fetched image with the :local tag # Tag the fetched image with the :local tag
_add_local_tag(image_to_fetch, image_registry, local_tag) _add_local_tag(image_to_fetch, image_registry, local_tag)
else: else: