# test pull image ## 需求 * 安裝podman * 可連線至Quay * Token權限 ## 流程 ### 產生token 到quay頁面，連至任一organization中  建立application  點選建立的application進入畫面，點選左邊建立token的標籤，勾選view權限  取得token並記錄  ### 建立目錄 ```bash= mkdir image-test cd image-test ``` ### 設定環境變數 $TOKEN的部分填入Quay的token $REGISTRY的部分填入Quay的位置 ```bash= cat << env > EOF TOKEN=$TOKEN REGISTRY=$REGISTRY EOF ``` 如下 ```bash= cat << env > EOF TOKEN=xPRKxzjAW5sYlDCOnaL9HvvRfl6Stmu7qwtyumOr REGISTRY=quay.home.lab EOF ``` ### 放入shell script 由於script中，環境變數的路徑固定，因此需要與env在同一目錄底下，如下 ```bash= find ``` ```shell= . ./env ./get_repo_list.sh ./get_tags_list.sh ``` ### 取得repository清單 ```bash= sh get_repo_list.sh ``` 執行後會產生檔案repos-list 檢查 ```bash= cat repos-list ``` ### 取得tag清單 ```bash= for i in $(cat ./repos-list); do echo $i; sh get_tags_list.sh $i; done ``` ```bash= . ./get_org_list.sh ./env ./ocp_ocp-release-tags ./test_examples-bookinfo-ratings-v1-tags ./test_examples-bookinfo-reviews-v3-tags ./test_examples-bookinfo-reviews-v2-tags ./test_examples-bookinfo-reviews-v1-tags ./test_examples-bookinfo-details-v1-tags ./test2_nginx-tags ./test_etcd-operator-tags ./get_repo_list.sh ./repos-list ./test_examples-bookinfo-productpage-v1-tags ./get_tags_list.sh ./test_nginx-tags ``` 檢查 ```bash= cat *-tags ``` ### 測試抓取image ```bash= for i in $(ls *tags); do echo $i; sh pull_image.sh $i ; done ``` 若有執行失敗的image會產生檔案fail_record_* (*為執行日期) 確認結果 ```bash= cat fail_record_* ``` ## Shell Script ### get_repo_list.sh #### 預期結果 repos-list #### 內文 ```bash= #!bin/bash ### # Get all repository ### source ./env declare -i page_num=1 curl -X GET -H "Authorization: Bearer $TOKEN" https://$REGISTRY/api/v1/repository?public=* > repos-temp-1 NP=$(cat repos-temp-1 | jq -r .next_page) echo NP is $NP while [ "$NP" != null ] do page_num=$page_num+1 echo PAGE : $page_num curl -X GET -H "Authorization: Bearer $TOKEN" https://$REGISTRY/api/v1/repository?"public=*&next_page=$NP" > repos-temp-$page_num NP=$(cat repos-temp-$page_num | jq -r .next_page) echo NP is $NP done cat repos-temp-* | jq -r '.repositories[]| "\(.namespace)/\(.name)"' > repos-list rm -f repos-temp-* ``` ### get_tags_list.sh #### 預期結果 \$ORGRNAIZATION_$REPOSITORY-tags 例： ocp_ocp-release-tags #### 內文 ```bash= #!bin/bash ### # Get all tags in a repository ### source ./env declare -i page_num=1 REPOSITORY=$1 echo $REPOSITORY curl -X GET -H "Authorization: Bearer $TOKEN" https://$REGISTRY/api/v1/repository/$REPOSITORY/tag/ > tags-temp-1 NP=$(cat tags-temp-1 | jq -r .has_additional) echo NP is $NP while [ "$NP" == true ] do page_num=$page_num+1 echo PAGE : $page_num curl -X GET -H "Authorization: Bearer $TOKEN" https://$REGISTRY/api/v1/repository/$REPOSITORY/tag/?page=$page_num > tags-temp-$page_num NP=$(cat tags-temp-$page_num | jq -r .has_additional) echo NP is $NP done #new_string="${string//\//_}" NEW_REPOSITORY="${REPOSITORY//\//_}" cat tags-temp-*| jq -r ".tags[] | \"$REPOSITORY:\(.name)\"" > $NEW_REPOSITORY-tags rm -f tags-temp-* ``` ### test_image.sh #### 注意 會於本地端刪除下載清單中未使用中之image (若其registry, repository, image, tags皆相同的話) 若本地端有正在使用中的image，會因為無法刪除，也一併紀錄於失敗清單 #### 預期結果 若有執行失敗，產生並記錄內容於fail_record_* #### 內文 ```bash= #!/bin/bash source ./env DATE=$(date +%Y%m%d) while read -r IMAGE; do echo "image: $REGISTRY/$IMAGE" if podman pull "$REGISTRY/$IMAGE"; then echo "Pull successed: $REGISTRY/$IMAGE" if podman rmi "$REGISTRY/$IMAGE"; then echo "delete image: $REGISTRY/$IMAGE" else echo "delete image failed: $REGISTRY/$IMAGE" >> fail_record_$DATE fi else echo "Pull failed: $REGISTRY/$IMAGE" echo "$REGISTRY/$IMAGE" >> fail_record_$DATE fi done < $1 ``` ## 參考資料 https://access.redhat.com/documentation/zh-tw/red_hat_quay/3.7/html-single/red_hat_quay_api_guide/index https://docs.quay.io/api/swagger/