| package client |
| |
| import ( |
| "io" |
| "net/http" |
| "net/url" |
| |
| "golang.org/x/net/context" |
| |
| "github.com/docker/docker/api/types" |
| "github.com/docker/docker/api/types/reference" |
| ) |
| |
| // ImagePull requests the docker host to pull an image from a remote registry. |
| // It executes the privileged function if the operation is unauthorized |
| // and it tries one more time. |
| // It's up to the caller to handle the io.ReadCloser and close it properly. |
| // |
| // FIXME(vdemeester): there is currently used in a few way in docker/docker |
| // - if not in trusted content, ref is used to pass the whole reference, and tag is empty |
| // - if in trusted content, ref is used to pass the reference name, and tag for the digest |
| func (cli *Client) ImagePull(ctx context.Context, ref string, options types.ImagePullOptions) (io.ReadCloser, error) { |
| repository, tag, err := reference.Parse(ref) |
| if err != nil { |
| return nil, err |
| } |
| |
| query := url.Values{} |
| query.Set("fromImage", repository) |
| if tag != "" && !options.All { |
| query.Set("tag", tag) |
| } |
| |
| resp, err := cli.tryImageCreate(ctx, query, options.RegistryAuth) |
| if resp.statusCode == http.StatusUnauthorized && options.PrivilegeFunc != nil { |
| newAuthHeader, privilegeErr := options.PrivilegeFunc() |
| if privilegeErr != nil { |
| return nil, privilegeErr |
| } |
| resp, err = cli.tryImageCreate(ctx, query, newAuthHeader) |
| } |
| if err != nil { |
| return nil, err |
| } |
| return resp.body, nil |
| } |