1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
|
package images
import (
"fmt"
"os"
"github.com/containers/common/pkg/auth"
"github.com/containers/image/v5/types"
"github.com/containers/podman/v2/cmd/podman/registry"
"github.com/containers/podman/v2/pkg/domain/entities"
"github.com/containers/podman/v2/pkg/util"
"github.com/pkg/errors"
"github.com/spf13/cobra"
"github.com/spf13/pflag"
)
// pullOptionsWrapper wraps entities.ImagePullOptions and prevents leaking
// CLI-only fields into the API types.
type pullOptionsWrapper struct {
entities.ImagePullOptions
TLSVerifyCLI bool // CLI only
CredentialsCLI string
}
var (
pullOptions = pullOptionsWrapper{}
pullDescription = `Pulls an image from a registry and stores it locally.
An image can be pulled by tag or digest. If a tag is not specified, the image with the 'latest' tag is pulled.`
// Command: podman pull
pullCmd = &cobra.Command{
Use: "pull [options] IMAGE",
Args: cobra.ExactArgs(1),
Short: "Pull an image from a registry",
Long: pullDescription,
RunE: imagePull,
Example: `podman pull imageName
podman pull fedora:latest`,
}
// Command: podman image pull
// It's basically a clone of `pullCmd` with the exception of being a
// child of the images command.
imagesPullCmd = &cobra.Command{
Use: pullCmd.Use,
Args: pullCmd.Args,
Short: pullCmd.Short,
Long: pullCmd.Long,
RunE: pullCmd.RunE,
Example: `podman image pull imageName
podman image pull fedora:latest`,
}
)
func init() {
// pull
registry.Commands = append(registry.Commands, registry.CliCommand{
Mode: []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
Command: pullCmd,
})
flags := pullCmd.Flags()
pullFlags(flags)
// images pull
registry.Commands = append(registry.Commands, registry.CliCommand{
Mode: []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
Command: imagesPullCmd,
Parent: imageCmd,
})
imagesPullFlags := imagesPullCmd.Flags()
pullFlags(imagesPullFlags)
}
// pullFlags set the flags for the pull command.
func pullFlags(flags *pflag.FlagSet) {
flags.BoolVar(&pullOptions.AllTags, "all-tags", false, "All tagged images in the repository will be pulled")
flags.StringVar(&pullOptions.CredentialsCLI, "creds", "", "`Credentials` (USERNAME:PASSWORD) to use for authenticating to a registry")
flags.StringVar(&pullOptions.OverrideArch, "override-arch", "", "Use `ARCH` instead of the architecture of the machine for choosing images")
flags.StringVar(&pullOptions.OverrideOS, "override-os", "", "Use `OS` instead of the running OS for choosing images")
flags.StringVar(&pullOptions.OverrideVariant, "override-variant", "", " use VARIANT instead of the running architecture variant for choosing images")
flags.Bool("disable-content-trust", false, "This is a Docker specific option and is a NOOP")
flags.BoolVarP(&pullOptions.Quiet, "quiet", "q", false, "Suppress output information when pulling images")
flags.StringVar(&pullOptions.SignaturePolicy, "signature-policy", "", "`Pathname` of signature policy file (not usually used)")
flags.BoolVar(&pullOptions.TLSVerifyCLI, "tls-verify", true, "Require HTTPS and verify certificates when contacting registries")
flags.StringVar(&pullOptions.Authfile, "authfile", auth.GetDefaultAuthFile(), "Path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override")
if !registry.IsRemote() {
flags.StringVar(&pullOptions.CertDir, "cert-dir", "", "`Pathname` of a directory containing TLS certificates and keys")
}
_ = flags.MarkHidden("signature-policy")
}
// imagePull is implement the command for pulling images.
func imagePull(cmd *cobra.Command, args []string) error {
// TLS verification in c/image is controlled via a `types.OptionalBool`
// which allows for distinguishing among set-true, set-false, unspecified
// which is important to implement a sane way of dealing with defaults of
// boolean CLI flags.
if cmd.Flags().Changed("tls-verify") {
pullOptions.SkipTLSVerify = types.NewOptionalBool(!pullOptions.TLSVerifyCLI)
}
if pullOptions.Authfile != "" {
if _, err := os.Stat(pullOptions.Authfile); err != nil {
return errors.Wrapf(err, "error getting authfile %s", pullOptions.Authfile)
}
}
if pullOptions.CredentialsCLI != "" {
creds, err := util.ParseRegistryCreds(pullOptions.CredentialsCLI)
if err != nil {
return err
}
pullOptions.Username = creds.Username
pullOptions.Password = creds.Password
}
// Let's do all the remaining Yoga in the API to prevent us from
// scattering logic across (too) many parts of the code.
pullReport, err := registry.ImageEngine().Pull(registry.GetContext(), args[0], pullOptions.ImagePullOptions)
if err != nil {
return err
}
if len(pullReport.Images) > 1 {
fmt.Println("Pulled Images:")
}
for _, img := range pullReport.Images {
fmt.Println(img)
}
return nil
}
|
