search for: fslayers

...the layer > +(F</tmp/blobsum.sh>): > + > + #!/bin/sh - > + TOKEN=`/tmp/auth.sh` > + IMAGE=library/fedora > + curl -s -X GET -H "Authorization: Bearer $TOKEN" \ > + "https://registry-1.docker.io/v2/$IMAGE/manifests/latest" | > + jq -r '.fsLayers[0].blobSum' > + > +Both scripts must be executable, and both can be run on their own to > +check they are working. To run nbdkit: > + > + IMAGE=library/fedora > + BLOBSUM=`/tmp/blobsum.sh` > + URL="https://registry-1.docker.io/v2/$IMAGE/blobs/$BLOBSUM" > + &gt...

Evolution of this patch series: https://www.redhat.com/archives/libguestfs/2020-July/thread.html#00073 Instead of auth-script, this implements header-script and cookie-script. It can be used for similar purposes but the implementation is somewhat saner. Rich.

...need this script to get the blobSum of the layer +(F</tmp/blobsum.sh>): + + #!/bin/sh - + TOKEN=`/tmp/auth.sh` + IMAGE=library/fedora + curl -s -X GET -H "Authorization: Bearer $TOKEN" \ + "https://registry-1.docker.io/v2/$IMAGE/manifests/latest" | + jq -r '.fsLayers[0].blobSum' + +Both scripts must be executable, and both can be run on their own to +check they are working. + +Note C<auth-script-renew> is used because the tokens expire by default +after about 5 minutes (300 seconds). + + IMAGE=library/fedora + BLOBSUM=`/tmp/blobsum.sh` + URL="htt...

...:pull" \=0A| jq -r '.token' \=0A)"=0Aecho= TOKEN=3D$TOKEN=0A=0ABLOBSUM=3D\=0A"$(curl \=0A--silent \=0A--request 'GET'= \=0A--header "Authorization: Bearer $TOKEN" \=0A"https://registry-1.docker= =2Eio/v2/$image/manifests/latest" \=0A| jq -r '.fsLayers[].blobSum'=0A)"=0A= echo BLOBSUM=3D$BLOBSUM=0A=0AURL=3D"https://registry-1.docker.io/v2/$image/= blobs/$BLOBSUM"=0A=0A# Run nbdkit.=0A$nbdkit -f -v \=0A curl "$URL" = header=3D"Authorization: Bearer $TOKEN" \=0A --filter=3Dtar --filter= =3Dgzip t...

This is an RFC only, at the very least it lacks tests. This implements a rather complex new feature in nbdkit-curl-plugin allowing you to specify an external shell script that can be used to fetch an authorization token for services which requires a token or cookie for access, especially if that token must be renewed periodically. The motivation can be seen in the changes to the docs in patch 2.

...need this script to get the blobSum of the layer +(F</tmp/blobsum.sh>): + + #!/bin/sh - + TOKEN=`/tmp/auth.sh` + IMAGE=library/fedora + curl -s -X GET -H "Authorization: Bearer $TOKEN" \ + "https://registry-1.docker.io/v2/$IMAGE/manifests/latest" | + jq -r '.fsLayers[0].blobSum' + +Both scripts must be executable, and both can be run on their own to +check they are working. To run nbdkit: + + IMAGE=library/fedora + BLOBSUM=`/tmp/blobsum.sh` + URL="https://registry-1.docker.io/v2/$IMAGE/blobs/$BLOBSUM" + + nbdkit curl "$URL" \ +...