@snyk/docker-registry-v2-client

snyk/docker-registry-v2-client

Docker Registry HTTP V2 TypeScript client for read operations:

getRepos                 _catalog
getTags                  <repository>/tags/list
getManifest              <repository>/manifests/<tag or manifest digest> (application/vnd.docker.distribution.manifest.v2+json)
getImageConfig           <repository>/blobs/<image digest> (application/vnd.docker.container.image.v1+json)
getLayer                 <repository>/blobs/<layer digest> (application/vnd.docker.image.rootfs.diff.tar.gzip)
getAuthTokenForEndpoint  Return auth token for unauthorized endpoint

REPL example:

> import { getRepos } from "docker-registry-v2-client";
> (async () => await getRepos('snykgoof.azurecr.io', 'snykgoof', *****))().then((res) => console.log(res))
...
> [ { namespace: 'snykgoof', name: 'azure-goof' } ]

Tests

Set up your local env with the following env vars (see 1Password):

export SNYK_DRA_ARTIFACTORY_PASSWORD=<See 1password: Development/DRA env>
export SNYK_DRA_ARTIFACTORY_REGISTRY_BASE=dockere2e.artifactory.dev.snyk.io
export SNYK_DRA_ARTIFACTORY_REPOSITORY=goof
export SNYK_DRA_ARTIFACTORY_STORAGE_API_BASE=artifactory.dev.snyk.io/artifactory/api/storage/dockere2e
export SNYK_DRA_ARTIFACTORY_USERNAME=snyk-e2e-test

export SNYK_DRA_AZURE_PASSWORD=<See 1password: Development/Azure Container Registry (ACR) - Docker Registry Agent>
export SNYK_DRA_AZURE_REGISTRY_BASE=snykgoof.azurecr.io
export SNYK_DRA_AZURE_USERNAME=snykgoof
export SNYK_DRA_AZURE_REPOSITORY=snykgoof/azure-goof

export SNYK_DRA_DOCKER_HUB_PASSWORD=<See 1password: Development/DockerHub - snykgoof user>
export SNYK_DRA_DOCKER_HUB_REGISTRY_BASE=registry-1.docker.io
export SNYK_DRA_DOCKER_HUB_REPOSITORY=snykgoof/dockerhub-goof
export SNYK_DRA_DOCKER_HUB_USERNAME=snykgoof

export SNYK_AGENT_ACCESS_KEY_ID="AKIAX2FLE4CDHRAFCLS4"
export SNYK_DRA_ELASTIC_REGION=eu-west-3
export SNYK_DRA_ELASTIC_REPOSITORY=amazon-goof
export SNYK_AGENT_SECRET_ACCESS_KEY=<See 1password: Development/Elastic Container Registry (ECR) - Docker Registry Agent (role based auth)

export SNYK_DRA_GOOGLE_PASSWORD='<See 1Password: Development/GCR Google Container Registry snyk-magma>'
export SNYK_DRA_GOOGLE_REGISTRY_BASE=gcr.io
export SNYK_DRA_GOOGLE_REPOSITORY=snyk-magma/google-goof
export SNYK_DRA_GOOGLE_USERNAME=_json_key

export SNYK_DRA_QUAY_PASSWORD=<See 1password: Development/Quay - Team Magma>
export SNYK_DRA_QUAY_REPOSITORY=snyk_magma/goof
export SNYK_DRA_QUAY_REGISTRY_BASE=quay.io
export SNYK_DRA_QUAY_USERNAME=snyk_magma

export SNYK_OCI_AZURE_REPOSITORY=snykgoof/oci-goof
export SNYK_OCI_DOCKER_HUB_REPOSITORY=snykgoof/oci-goof
export SNYK_OCI_MULTI_ARCH_DOCKER_HUB_REPOSITORY=snykgoof/nodejs18

To run the tests:

$ npm run test

Open coverage/index.html in your web browser to view the coverage reports

Linting and formatting

Note: Linting tasks are also run as part of the test run. However, due to their execution speed, it can be useful to run them as you develop, to keep your code organised.

To run the code formatting tasks:

$ npm run format

To run the linting tasks:

$ npm run lint

Host Filtering

Set the allowedHosts: string[] option to allow connections to only the specified hosts. Set the disallowDangerousHosts: boolean option to disallow connections to hosts which are IPs, are in the .cluster.local subdomain or do not have a TLD+1 (i.e. disallow example but allow example.com).