Pubtools-quay
Project description
Set of scripts used for operating with Quay service
Requirements
Python 2.6+
Python 3.5+
Skopeo is required for the tagging operation
Features
pubtools-quay-tag-image - Copy a quay image from source to destination(s)
pubtools-quay-merge-manifest-list - Merge manifest lists of new and old images. The architectures of new (source) image overwrite destination’s archs. Archs missing from the source image will still remain in the merged manifest list. Destination image’s manifest list is overwritten by the merged manifest list.
pubtools-quay-untag - Remove tags from quay repositories. Tags to remove are specified by image references. In addition to Docker credentials, Quay API OAuth token has to be specified. Script will not perform the untagging operation if some image in a repo will lose its last tag. In this scenario, untagging can be forced by using the –remove-last argument.
Setup
$ pip install -r requirements.txt $ pip install . or $ python setup.py install
Usage
Locally copy an image from source to destination. Quay password is injected from the environment variable.
$ export QUAY_PASSWORD=token $ pubtools-quay-tag-image \ --source-ref quay.io/source/image:34 \ --dest-ref quay.io/target/image:34 \ --quay-user quay+username \
Connect to a remote host via ssh (using password) and perform the copying to multiple destinations.
$ export QUAY_PASSWORD=token $ export SSH_PASSWORD=123456 $ pubtools-quay-tag-image \ --source-ref quay.io/source/image:34 \ --dest-ref quay.io/target/image:34 \ --dest-ref quay.io/target/image2:34 \ --quay-user quay+username \ --remote-exec \ --ssh-remote-host 127.0.0.1 \ --ssh-remote-host-port 2222 \ --ssh-username user
Connect to a remote host via ssh (using private key), perform the copying
$ export QUAY_PASSWORD=token $ export SSH_PASSWORD=123456 $ pubtools-quay-tag-image \ --source-ref quay.io/source/image:34 \ --dest-ref quay.io/target/image:34 \ --quay-user quay+username \ --remote-exec \ --ssh-remote-host 127.0.0.1 \ --ssh-remote-host-port 2222 \ --ssh-username user \ --ssh-key-filename /path/to/file.key \
Merge manifest lists of source-ref and dest-ref and overwrite dest-ref with the result.
$ export QUAY_PASSWORD=token $ pubtools-quay-merge-manifest-list \ --source-ref quay.io/src/image:1 \ --dest-ref quay.io/dest/image:1 \ --quay-user quay+username
Untag multiple images
$ export QUAY_PASSWORD=token $ export QUAY_API_TOKEN=oauth_token $ pubtools-quay-tag-image \ --reference quay.io/src/image:1 \ --reference quay.io/src/image:2 \ --quay-user quay+username \ --remote-exec \ --ssh-remote-host 127.0.0.1 \ --ssh-remote-host-port 2222 \ --ssh-username user \ --ssh-key-filename /path/to/file.key \
Untag an image and force the operation in case the tag is a last reference of some digest.
$ export QUAY_PASSWORD=token $ export QUAY_API_TOKEN=oauth_token $ pubtools-quay-tag-image \ --reference quay.io/src/image:1 \ --remove-last \ --quay-user quay+username \
ChangeLog
0.10.4 (2022-10-04)
Verify bundles presence
Do not pass arches in IIB request
0.10.3 (2022-10-04)
Push images to quay in multi-threads
Added support for hotfix operators
Use a random filename for the password file in containers
Fix signatures removal
0.10.2 (2022-08-16)
Use real task ID for tag docker signing
Get intermediate repo from build details
0.10.1 (2022-6-17)
Remove duplicate destinations when pushing docker
Listen on specific sub topic on signing service
0.10.0 (2022-6-01)
Fix arch of amd64 image
Return empty manifest claims when there’s nothing to sign
Remove sorting of Push items
Unpin the version of python-qpid-proton
Remove created from claim message
Change condition to not require hashing
Push multiarch image when the current destination doesn’t have a ML
Poll for consistent results of whether a tag exists
0.9.3 (2022-04-01)
Fixing signing issues
Skip getting v2s1 digest for non-amd64 images
Less skopeo login to source registry
Tolerate get_manifest 404 in image untagger
0.9.2 (2022-03-02)
Add a timeout to all HTTP requests
Removed the option for entrypoints to send UMB messages
0.9.1 (2022-02-02)
Fixed creating manifests for v2ch2 single arch containers
0.9.0 (2022-28-1)
Support v2ch2 single arch containers
Support v2ch1 containers
Run rollback only when all index image builds fail
Add retries to image tagging as a part of pushes
Skip checking for repo deprecation based on value in target settings
Support extra source host for quay operations
Sign V2S1 manifests
Tag index image timestamps with permanent index image as a source
0.8.3 (2021-10-6)
Fix the usage of overwrite from index
0.8.2 (2021-10-6)
Make deprecation list functionality optional
0.8.1 (2021-10-5)
Disable sending UMB messages for taggign and untagging images
0.8.0 (2021-9-7)
Use SSL certificates for Pyxis authentication
Remove duplicate digests when getting signatures from Pyxis
Remove return of push_docker entrypoint
0.7.2 (2021-8-23)
Don’t raise 404 errors when deleting tags during rollback
0.7.1 (2021-8-20)
Fix installation of ‘docker’ dependency on Python 2.6
0.7.0 (2021-8-18)
Add hooks to declare events of interest
Create documentation
Add option to execute commands inside a container
Add pagination support for getting all tags via Docker HTTP API
Capture IIB operation exception
Get index image manifests with its own token
Lower python-qpid-proton version
0.6.0 (2021-7-14)
Create entrypoint for removing a Quay repo
Create entrypoint for clearing a Quay repo
Add signature removal to tag-docker operations
Drop unnecessary ‘external_repos’
Add using extra Quay tokens for OSBS organizations
Allow specifying multiple repos in remove-repo and clear-repo tasks
Skip signing when no operator claim messages are constructed
Add support for delimeter-less repositories
Change “repo” parameter of claim messages to have external representation
Fix loggers per pubtools conventions
Check username in output of skopeo –get-login
Remove the usage of Quay API reading repo data
Add signature removal for IIB operations
Update sigstore to be up-to-date with current implementation
Allow pushing to non-existent repo
0.5.0 (2021-6-2)
Fix intermediate index image
Implement tag docker
Add skip to signing if signing key is None
Fix pub XMLRPC call
Implement entrypoints for IIB methods
0.4.0 (2021-5-4)
Implement push-docker prototype
Change signing order to happen before pushing
Use intermediate index image for signing
0.3.0 (2021-2-11)
Fix the versioning constraint of pyrsistent dependency
0.2.0 (2021-2-9)
Fix the definition of requirements.txt, allowing installation on Python 2.6
0.1.0 (2021-2-9)
Initial release.
Added tag image entrypoint
Added merge manifest list entrypoint
Added push docker code skeleton
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file pubtools-quay-0.10.4.tar.gz
.
File metadata
- Download URL: pubtools-quay-0.10.4.tar.gz
- Upload date:
- Size: 85.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.10.8
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 32be1ddeade7f8ea08899330419eb0898b13f93b0f826e563830d64b4f18c462 |
|
MD5 | 8c718c35dcac0fa219393f2c4fac3c74 |
|
BLAKE2b-256 | c7a2f288281f52d5c418cb05e796d80fadf5963ae9d456d0f55f4a401f212e07 |
File details
Details for the file pubtools_quay-0.10.4-py2.py3-none-any.whl
.
File metadata
- Download URL: pubtools_quay-0.10.4-py2.py3-none-any.whl
- Upload date:
- Size: 89.2 kB
- Tags: Python 2, Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.10.8
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 9e1091e65c5274151d853fab940f013e7901fd02b8d24fd31fa749dedf7e1e0d |
|
MD5 | 8f9245bba230b7ec758e70b95ad129db |
|
BLAKE2b-256 | 743db432d52e4d47e85c0bfb30ef160eea7cb27ed9d84631b498081111123bf4 |