pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / pkgs / build-support / docker / pull.sh
at 16.09-beta 86 lines 2.4 kB view raw
1# Reference: docker src contrib/download-frozen-image.sh 2 3source $stdenv/setup 4 5# Curl flags to handle redirects, not use EPSV, handle cookies for 6# servers to need them during redirects, and work on SSL without a 7# certificate (this isn't a security problem because we check the 8# cryptographic hash of the output anyway). 9curl=$(command -v curl) 10curl() { 11 [[ -n ${token:-} ]] && set -- -H "Authorization: Token $token" "$@" 12 $curl \ 13 --location --max-redirs 20 \ 14 --retry 3 \ 15 --fail \ 16 --disable-epsv \ 17 --cookie-jar cookies \ 18 --insecure \ 19 $curlOpts \ 20 $NIX_CURL_FLAGS \ 21 "$@" 22} 23 24fetchLayer() { 25 local url="$1" 26 local dest="$2" 27 local curlexit=18; 28 29 # if we get error code 18, resume partial download 30 while [ $curlexit -eq 18 ]; do 31 # keep this inside an if statement, since on failure it doesn't abort the script 32 if curl -C - "$url" --output "$dest"; then 33 return 0 34 else 35 curlexit=$?; 36 fi 37 done 38 39 return $curlexit 40} 41 42headers=$(curl -o /dev/null -D- -H 'X-Docker-Token: true' \ 43 "$indexUrl/$registryVersion/repositories/$imageName/images") 44 45header() { 46 grep $1 <<< "$headers" | tr -d '\r' | cut -d ' ' -f 2 47} 48 49# this only takes the first endpoint, more may be provided 50# https://docs.docker.com/v1.6/reference/api/docker-io_api/ 51if ! registryUrl=$(header X-Docker-Endpoints); then 52 echo "error: index returned no endpoint" 53 exit 1 54fi 55baseUrl="https://$registryUrl/$registryVersion" 56 57token="$(header X-Docker-Token || true)"; 58 59if [ -z "$imageId" ]; then 60 imageId="$(curl "$baseUrl/repositories/$imageName/tags/$imageTag")" 61 imageId="${imageId//\"/}" 62 if [ -z "$imageId" ]; then 63 echo "error: no image ID found for ${imageName}:${imageTag}" 64 exit 1 65 fi 66 67 echo "found image ${imageName}:${imageTag}@$imageId" 68fi 69 70mkdir -p $out 71 72jshon -n object \ 73 -n object -s "$imageId" -i "$imageTag" \ 74 -i "$imageName" > $out/repositories 75 76curl "$baseUrl/images/$imageId/ancestry" -o ancestry.json 77 78layerIds=$(jshon -a -u < ancestry.json) 79for layerId in $layerIds; do 80 echo "fetching layer $layerId" 81 82 mkdir "$out/$layerId" 83 echo '1.0' > "$out/$layerId/VERSION" 84 curl "$baseUrl/images/$layerId/json" | python $detjson > "$out/$layerId/json" 85 fetchLayer "$baseUrl/images/$layerId/layer" "$out/$layerId/layer.tar" 86done