client/image_pull.go - third_party/github.com/moby/moby - Git at Google

 package client

 import (
 	"io"
 	"net/http"
 	"net/url"

 	"golang.org/x/net/context"

 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/api/types/reference"
 )

 // ImagePull requests the docker host to pull an image from a remote registry.
 // It executes the privileged function if the operation is unauthorized
 // and it tries one more time.
 // It's up to the caller to handle the io.ReadCloser and close it properly.
 //
 // FIXME(vdemeester): there is currently used in a few way in docker/docker
 // - if not in trusted content, ref is used to pass the whole reference, and tag is empty
 // - if in trusted content, ref is used to pass the reference name, and tag for the digest
 func (cli *Client) ImagePull(ctx context.Context, ref string, options types.ImagePullOptions) (io.ReadCloser, error) {
 	repository, tag, err := reference.Parse(ref)
 	if err != nil {
 		return nil, err
 	}

 	query := url.Values{}
 	query.Set("fromImage", repository)
 	if tag != "" && !options.All {
 		query.Set("tag", tag)
 	}

 	resp, err := cli.tryImageCreate(ctx, query, options.RegistryAuth)
 	if resp.statusCode == http.StatusUnauthorized && options.PrivilegeFunc != nil {
 		newAuthHeader, privilegeErr := options.PrivilegeFunc()
 		if privilegeErr != nil {
 			return nil, privilegeErr
 		}
 		resp, err = cli.tryImageCreate(ctx, query, newAuthHeader)
 	}
 	if err != nil {
 		return nil, err
 	}
 	return resp.body, nil
 }
	package client

	import (
	"io"
	"net/http"
	"net/url"

	"golang.org/x/net/context"

	"github.com/docker/docker/api/types"
	"github.com/docker/docker/api/types/reference"
	)

	// ImagePull requests the docker host to pull an image from a remote registry.
	// It executes the privileged function if the operation is unauthorized
	// and it tries one more time.
	// It's up to the caller to handle the io.ReadCloser and close it properly.
	//
	// FIXME(vdemeester): there is currently used in a few way in docker/docker
	// - if not in trusted content, ref is used to pass the whole reference, and tag is empty
	// - if in trusted content, ref is used to pass the reference name, and tag for the digest
	func (cli *Client) ImagePull(ctx context.Context, ref string, options types.ImagePullOptions) (io.ReadCloser, error) {
	repository, tag, err := reference.Parse(ref)
	if err != nil {
	return nil, err
	}

	query := url.Values{}
	query.Set("fromImage", repository)
	if tag != "" && !options.All {
	query.Set("tag", tag)
	}

	resp, err := cli.tryImageCreate(ctx, query, options.RegistryAuth)
	if resp.statusCode == http.StatusUnauthorized && options.PrivilegeFunc != nil {
	newAuthHeader, privilegeErr := options.PrivilegeFunc()
	if privilegeErr != nil {
	return nil, privilegeErr
	}
	resp, err = cli.tryImageCreate(ctx, query, newAuthHeader)
	}
	if err != nil {
	return nil, err
	}
	return resp.body, nil
	}