mirror of https://github.com/docker/cli.git
47 lines
1.4 KiB
Go
47 lines
1.4 KiB
Go
package client
|
|
|
|
import (
|
|
"io"
|
|
"net/http"
|
|
"net/url"
|
|
|
|
"golang.org/x/net/context"
|
|
|
|
"github.com/docker/docker/api/types"
|
|
"github.com/docker/docker/api/types/reference"
|
|
)
|
|
|
|
// ImagePull requests the docker host to pull an image from a remote registry.
|
|
// It executes the privileged function if the operation is unauthorized
|
|
// and it tries one more time.
|
|
// It's up to the caller to handle the io.ReadCloser and close it properly.
|
|
//
|
|
// FIXME(vdemeester): there is currently used in a few way in docker/docker
|
|
// - if not in trusted content, ref is used to pass the whole reference, and tag is empty
|
|
// - if in trusted content, ref is used to pass the reference name, and tag for the digest
|
|
func (cli *Client) ImagePull(ctx context.Context, ref string, options types.ImagePullOptions) (io.ReadCloser, error) {
|
|
repository, tag, err := reference.Parse(ref)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
query := url.Values{}
|
|
query.Set("fromImage", repository)
|
|
if tag != "" && !options.All {
|
|
query.Set("tag", tag)
|
|
}
|
|
|
|
resp, err := cli.tryImageCreate(ctx, query, options.RegistryAuth)
|
|
if resp.statusCode == http.StatusUnauthorized && options.PrivilegeFunc != nil {
|
|
newAuthHeader, privilegeErr := options.PrivilegeFunc()
|
|
if privilegeErr != nil {
|
|
return nil, privilegeErr
|
|
}
|
|
resp, err = cli.tryImageCreate(ctx, query, newAuthHeader)
|
|
}
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return resp.body, nil
|
|
}
|