genuinetools / reg Goto Github PK

View Code? Open in Web Editor NEW

1.6K 35.0 172.0 31.58 MB

Docker registry v2 command line client and repo listing generator with security checks.

Home Page: https://r.j3ss.co

License: MIT License

Makefile 6.08% Go 78.53% CSS 3.92% JavaScript 2.22% HTML 5.31% Dockerfile 0.47% Less 3.47%

docker docker-registry linux cli containers vulnerability-reports opencontainers

reg's People

Contributors

Stargazers

Watchers

Forkers

majst01 jpetazzo bgrissin eunomie jonboulle maxamillion puiterwijk ivinpolosony joonas wefine cemmurphy soedar jfchevrette telmo pombredanne yankcrime fakarakas curx kaleworsley 3r1co anokun7 thewhitewizard eddie007bkk doddo codefresh-io irivera007 csmith imagespy simonferquel cdrage xyntrix xocasdashdash albertogviana waynz0r pawelprazak elliottpolk daniel-garcia cplee mishak87 sajayantony vad1mo mrueg jstoja jkroepke azillion abitrolly elyscape knopka acrewdson pgavlin stshow adisong timperrett okoye lexfork rikkuness pwfoo westonsteimel syadav2015 zhujo01 dublado keyboardnerd lixiaomeng8520 xorilog dsbaha jondlm m4ns0ur mattnworb jesstracy gcstang fr34k8 alexeldeib jjo93sa saghaulor mittyok pks-os daddykotex enarendar9 danielorf rkamath3 glerchundi chunchila isgasho kupson tomoyamachi adohkan linbit jacobweinstock studioetrange jessestuart rkhozinov marcosnils cquon liujianping bsmr nooproblem drpaneas seemethere soulseen ndeloof

reg's Issues

checking out source code to case insensitive filesystem results in error

Checking out this repo to a case insensitive filesystem (like OSX HFS+) results in an error during checkout. This is not a problem for development but it is a problem for vendoring reg into other projects. MR inbound.

Container won't run if domain doesn't exist

When setting the registry with -r, if there's nothing in the domain you run, the container won't run. This is ok if you run the image as is, but if you want to use a reverse proxy like nginx it's a problem. This change is recent, in the verson v0.9.0 it did work.

PD: Thanks for your work! This UI is awesome.

reg-server exits after ping to docker registry

I tried to run you r.j3ss.co/reg-server with following command:
docker run --rm r.j3ss.co/reg-server -d -r r.nitram.at:5000 --username $REG_USER --password $REG_PWD

the output is

2017/03/15 13:29:01 registry.ping url=https://r.nitram.at:5000/v2/

And exit code 0 ... i tried to read your code through but i was not able to come to a solution.
When i restart the registry without htpasswd authentication the reg-server starts ...

When i use the reg command ( r.j3ss.co/reg ) i get the following error message:

Get https://r.nitram.at:5000/v2/: malformed auth challenge header: 'Basic realm="r.nitram.at"'

A docker login r.nitram.at:5000 works fine and also pulls and pushes are working

Proposal: Add --auth-url parameter

In some registries, like gitlab which uses registry v2, authentication might be done in a different url than the registry url. Example from docker distribution docs:
https://docs.docker.com/registry/spec/auth/jwt/

repos are under docker.io/namespace/repo and authentication is done with auth.docker.io.

My organizations private gitlab registry is using something similar.

Use of `-k` fails on registry.token

When adding the -k flag for reg vulns the code that does a GET for the registry token doesn't use the HTTP transport in the Registry object. This causing errors even when passing -k

/ # reg -k -r https://toolchain-docker-registry:5000 -d vulns --clair http://toolchain-clair:6060 hello-helm:bb5c83266423c9df1be4167d6a37d670fcfbeb7c
2018/03/03 00:04:54 registry.ping url=https://toolchain-docker-registry:5000/v2/
2018/03/03 00:04:54 registry.manifests uri=https://toolchain-docker-registry:5000/v2/hello-helm/manifests/bb5c83266423c9df1be4167d6a37d670fcfbeb7c repository=hello-helm ref=bb5c83266423c9df1be4167d6a37d670fcfbeb7c
2018/03/03 00:04:54 registry.registry resp.Status=200 OK
DEBU[0000] 0: layer={sha256:8a9dd1217d249766a7531546fabd659da4cebcccf9bd97ba213c6fd0baa7fbe1} <-- append
DEBU[0000] 1: layer={sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4}
DEBU[0000] 2: layer={sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4}
DEBU[0000] 3: layer={sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4}
DEBU[0000] 4: layer={sha256:46896e703a67aa57edeb7ee41bb624de538d5d41c0d4f95fa303ef437b9dc1e5} <-- append
DEBU[0000] 5: layer={sha256:1bd100b85ae7c9647877ddce75e965bc1d1823836acebe40d803fbb44c6baba2} <-- append
DEBU[0000] 6: layer={sha256:4ebb41998934f28008092c9c058617dae4ac0419589183305478f8b23dfcc46c} <-- append
DEBU[0000] 7: layer={sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4}
DEBU[0000] 8: layer={sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4}
DEBU[0000] 9: layer={sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4}
DEBU[0000] 10: layer={sha256:128191993b8a5e9d949346160926359ad02df93bde62f5af8a7bc3573f53553e} <-- append
Analysing 5 layers
2018/03/03 00:04:54 registry.token url=https://toolchain-docker-registry:5000/v2/hello-helm/blobs/sha256:128191993b8a5e9d949346160926359ad02df93bde62f5af8a7bc3573f53553e
FATA[0000] Get https://toolchain-docker-registry:5000/v2/hello-helm/blobs/sha256:128191993b8a5e9d949346160926359ad02df93bde62f5af8a7bc3573f53553e: x509: certificate signed by unknown authority

Proposal: Add support for re-tagging/aliasing tags

Right now the workflow for pushing identical image tags to a registry is through docker tag:

docker build -t r.j3ss.co/mycoolimage:tag .
docker push r.j3ss.co/mycoolimage:tag
docker tag r.j3ss.co/mycoolimage:tag r.j3ss.co/mycoolimage:tag2
docker push r.j3ss.co/mycoolimage:tag2

Is there possibly a way to "fake" a push to re-tag a tag as another tag, pointing to the same manifest? e.g.

docker build -t r.j3ss.co/mycoolimage:tag .
docker push r.j3ss.co/mycoolimage:tag
reg -r r.j3ss.co tag mycoolimage:tag mycoolimage:tag2

malformed auth challenge header error

Hello,

When I use curl or wget I can connect to our registry, e.g.,

$ curl -u myuser:mypass -D - https://docker.wyplay.com/v2/
HTTP/1.1 200 OK
Content-Length: 2
Content-Type: application/json; charset=utf-8
Docker-Distribution-Api-Version: registry/2.0
X-Content-Type-Options: nosniff
Date: Fri, 10 Mar 2017 16:16:05 GMT
{}

But when I use reg, I have the following error (with or without -k):

$ reg -d -u myuser -p mypass list 
2017/03/10 17:16:03 registry.ping url=https://docker.wyplay.com/v2/
Get https://docker.wyplay.com/v2/: malformed auth challenge header: 'Basic realm="Registry Realm"'
[...]

Do I need to modify something on the server? I am using a registry:2.5.1 image.

[Feature request] "reg ls" should accept hostname

reg ls command should accept a registry host e.g. reg ls gcr.io, otherwise it seems like it's randomly picking something in .docker/config.json

$ reg ls
Repositories for https://eu-mirror.gcr.io
^C
$ reg ls
Repositories for https://us-mirror.gcr.io
^C
$ reg ls
Repositories for https://l.gcr.io
^C
$ reg ls
Repositories for https://launcher.gcr.io
^C
$ reg ls
Repositories for https://asia.gcr.io

Clair support can be affected by layer name collisions

It isn't safe to use the layer name or SHA for the name of a layer in Clair 2.x. This is because in the Clair 2.x data model, each layer has a pointer to its parent layer. This means that the name has to be unique to the ancestry (aka image) in order to avoid accidentally tangling up your history with another image's history.

Clair 3.x fixes this by forcing users to explicitly POST all the layers at once allowing Clair to maintain the idea of an ancestry internally, rather than simply by naming convention.

I should have totally warned you about this before. Sorry!

Listing my registry

Hello, please i want some help, when i try to list my registry by typing this :
./reg-linux-amd64 reg -r registry.com ls
it returns me error :
FATA[0000] No auth was present in /home/adrien/.docker, please pass a registry, username, and password
My registry is public.
Thank you

Container not working on run

Hello,

I did a gitclone to get your files then i wanted to use docker build and docker run to run reg in a container but the container stay exited.

Do you have a command to let the container up ?

by the way i tried docker container run reg:latest vulns --clair https://localhost:6060 ubuntu its not working

i have a clair container in local

Empty output from "reg tags" in GCR

I am using GCR.io and authenticated to the engine with gcloud docker -a (provides short-lived tokens).

I'm

➜  gcloud container images list
NAME
gcr.io/ahmetb-starter/coffeedirectory
gcr.io/ahmetb-starter/foo
gcr.io/ahmetb-starter/userdirectory
gcr.io/ahmetb-starter/web
➜  reg tags gcr.io/ahmetb-starter/web

➜  reg tags gcr.io/ahmetb-starter/non-existing . image
FATA[0000] invalid character '<' looking for beginning of value

➜  reg tags gcr.io/ahmetb-starter/adsfadsfadsf

➜

I'm getting empty output for images that actually has tags. What am I doing wrong? reg tags --help doesn't reveal much info.

Option to supply CA cert chain for self-signed registry?

I'm using a self-signed certificate for my private registry. I get an error

Get https://domain.example/v2/: x509: certificate signed by unknown authority

when trying access it. Of course I can use option --insecure to ignore this error, but I'd rather have req validate the registry certificate using a provided CA cert chain.

A new option to provide the CA cert chain would be great!

Return code for vulnerable images

Hi,

While integrating with CI job, it would be good if there is a return code, when a vulnerability is detected for the image

github.com/docker/distribution/digest moved to github.com/opencontainers/go-digest

Seems the dep moved to github.com/opencontainers/go-digest

Feature allow to use a registry without using SSL

Hi jess,

the registry option said we can specify a URL to the registry server.
The problem is that in https://github.com/jessfraz/reg/blob/master/registry/registry.go#L55 you force to use an https scheme.
Can you change the code so we can use a full URL for the --registry option (like http://myown.registry.butts.com) ?

namespaces in the commands

how to include namespace while listing the repo and tags inside the namespace, can I do that with this tool?

Version output is not correct

It looks like placeholder values are being outputted instead.

$ reg --version

reg version version , build

As a user I would like to see that it is unable to overwrite an existing tag

I do not know whether this should be included in a bash script or that another repo should be created, but sometimes tags will be overwritten when docker push is executed. If it is possible to include a function that is able to check whether a tag exists and exists 1 then this could be prevented.

https://devops.stackexchange.com/q/1549/210

Travis builds fail for tip version - use stable instead

All recent builds fail in a weird way:

$ staticcheck $(go list ./... | grep -v vendor)
/home/travis/gopath/src/github.com/jessfraz/reg/vendor/github.com/docker/docker/registry/session.go:572:32: cannot use tarsumLayer (variable of type github.com/jessfraz/reg/vendor/github.com/docker/docker/pkg/tarsum.TarSum) as io.Reader value in argument to io.TeeReader: missing method Read
couldn't load packages due to errors: github.com/jessfraz/reg/vendor/github.com/docker/docker/registry
The command "staticcheck $(go list ./... | grep -v vendor)" exited with 1.

I was not able to reproduce it locally. But from what I can gather, tip == master:
travis-ci/gimme#110
travis-ci/travis-build@b114b18#diff-fe52d3b67e8fe283d39c20d2b87d82f8

Moreover, the docs doesn't mention tip at all, there's only 1.x and master.

So IMHO something like this would be better / more stable, e.g.:

...
go:
  - 1.x
  - master
matrix:
  allow_failures:
    - go: master
  fast_finish: true
...
    on:
      go: 1.x
...

malformed auth challenge header returned when service is not quoted

I am working with a registry implementation that returns service in the challenge header without any surrounding quotes. Eg

Bearer realm="https://foobar.com/api/v1/token",service=foobar.com,scope=""

The docker client seems to handle this fine but this library does not.

Clicking on https://github.com/jessfraz/reg/releases/download/v0.4.2/reg-linux-arm64 results in

Deceptive Site!

This web page at github-production-release-asset-2e65be.s3.amazonaws.com has been reported as a deceptive site and has been blocked based on your security preferences.

Deceptive sites are designed to trick you into doing something dangerous, like installing software, or revealing your personal information, like passwords, phone numbers or credit cards.

Entering any information on this web page may result in identity theft or other fraud.

Picks a random server when -r is omitted

I tried to run reg tags tor-browser in README however it's picking up a random server from my .docker/config.json every time:

➜  ~ reg -d tags tor-browser
2017/07/17 15:05:47 registry.ping url=https://asia.gcr.io/v2/
2017/07/17 15:05:47 registry.tags url=https://asia.gcr.io/v2/tor-browser/tags/list repository=tor-browser

➜  ~ reg -d tags tor-browser
2017/07/17 15:05:52 registry.ping url=https://gcr.io/v2/
2017/07/17 15:05:52 registry.tags url=https://gcr.io/v2/tor-browser/tags/list repository=tor-browser

➜  ~ reg -d tags tor-browser
2017/07/17 15:05:53 registry.ping url=https://bucket.gcr.io/v2/
2017/07/17 15:05:53 registry.tags url=https://bucket.gcr.io/v2/tor-browser/tags/list repository=tor-browser

➜  ~ reg -d tags tor-browser
2017/07/17 15:05:53 registry.ping url=https://us.gcr.io/v2/
2017/07/17 15:05:53 registry.tags url=https://us.gcr.io/v2/tor-browser/tags/list repository=tor-browser

FWIW I do not have a index.docker.io in my .dockercfg

As a user I do not want to pass the password as a parameter as this will be stored in my history

What about implementing the option to set the password in a dotenv file?

Can't delete images

Hi @jessfraz
nice tool! Love it! Thanks for sharing it :)

I have pushed an image to my repo (https, but without auth, registry v2).

REPO                TAGS
alpine              latest

manifest

{
   "schemaVersion": 2,
   "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
   "config": {
     "mediaType": "application/vnd.docker.container.image.v1+json",
     "size": 1512,
     "digest": "sha256:053cde6e8953ebd834df8f6382e68be83adb39bfc063e40b0fc61b4b333938f1"
   },
   "layers": [
     {
       "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
       "size": 1991435,
       "digest": "sha256:b56ae66c29370df48e7377c8f9baa744a3958058a766793f821dadcb144a4647"
     }
   ]
 }

There is no fsLayers blobSum part used to delete / rm the image?

{
   "schemaVersion": 2,
   "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
   "config": {
     "mediaType": "application/vnd.docker.container.image.v1+json",
     "size": 1512,
     "digest": "sha256:053cde6e8953ebd834df8f6382e68be83adb39bfc063e40b0fc61b4b333938f1"
   },
   "layers": [
     {
       "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
       "size": 1991435,
       "digest": "sha256:b56ae66c29370df48e7377c8f9baa744a3958058a766793f821dadcb144a4647"
     }
   ]
 }

Tried layers digest, but image is still there?

reg --registry https://... delete alpine:latest@sha256:b56ae66c29370df48e7377c8f9baa744a3958058a766793f821dadcb144a4647

Response:

Deleted alpine:latest@sha256:b56ae66c29370df48e7377c8f9baa744a3958058a766793f821dadcb144a4647

REPO                TAGS
alpine              latest```

Any idea?

Proposal: platform flag for image manifests

Querying for image manifests results in "fat" manifest list. Is there any way to download image manifest for particular platform?

[root@localhost LI]# ./reg-linux-amd64 manifest library/nginx:latest
'Using registry "https://registry-1.docker.io" with no authentication
{
   "schemaVersion": 2,
   "mediaType": "application/vnd.docker.distribution.manifest.list.v2+json",
   "manifests": [
     {
       "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
       "size": 948,
       "digest": "sha256:600bff7fb36d7992512f8c07abd50aac08db8f17c94e3c83e47d53435a1a6f7c",
       "platform": {
         "architecture": "amd64",
         "os": "linux"
       }
     },
     {
       "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
       "size": 948,
       "digest": "sha256:23a8e61e8ff927e1b8d8a083cd0e9bdcfe8f4ae7b708b60ebdaa1db5ed094521",
       "platform": {
         "architecture": "arm",
         "os": "linux",
         "variant": "v7"
       }
     },
     {
       "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
       "size": 948,
       "digest": "sha256:513c36e245f734291a7b47f9a53dfa44309580d16a0847843dc616a5314a9935",
       "platform": {
         "architecture": "arm64",
         "os": "linux",
         "variant": "v8"
       }
     },
     {
       "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
       "size": 948,
       "digest": "sha256:e5968c02775bed962e0db27e5168afaaf5c171f0e3d49b8713c8a675033caac5",
       "platform": {
         "architecture": "386",
         "os": "linux"
       }
     },
     {
       "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
       "size": 948,
       "digest": "sha256:207111fb250fc1d538cedc1d8e57aedeb46889980a67ab01f809ef4ab797aa90",
       "platform": {
         "architecture": "ppc64le",
         "os": "linux"
       }
     },
     {
       "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
       "size": 948,
       "digest": "sha256:5bef583411287c3cf5fe9c5ebb28ac55cff1cd5bdf9fa5a0742c0dd7fe9cefe3",
       "platform": {
         "architecture": "s390x",
         "os": "linux"
       }
     }
   ]
 }

getsockopt: no route to host

I'm making an Ansible role to deploy your registry and I've encountered a problem.

I'm testing the role with Molecule with the Vagrant driver. In the end I've got
a docker registry up with the command:

/usr/bin/docker run -i --name docker-registry \
  -p 127.0.0.1:5000:5000 --rm \
  -v /root/docker/registry/data:/var/lib/registry \
  -v /root/docker/registry/auth:/var/lib/auth \
  -v /root/docker/registry/config/:/etc/docker/registry \
  -e "REGISTRY_AUTH=htpasswd" \
  -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
  -e REGISTRY_AUTH_HTPASSWD_PATH=/var/lib/auth/htpasswd \
  registry:2

And the reg server docker with the command:

/usr/bin/docker run \
  --link 'docker-registry' \
  --rm --name "ui-registry" \
  -i -p 127.0.0.1:8080:8080 \
  "localhost:5000/ui-registry" \
  --username testuser \
  --password testpassword \
  --insecure \
  --registry "docker-registry:5000"

The docker was constructed from the server Dockerfile and uploaded to the
local registry. I've tried also using the line --registry "http://docker-registry:5000"
--registry "docker-registry".

From the host I can perform a docker login without problems, and if I start a debian docker I am able to curl http://docker-registry:5000 that gives back a 401

Nevertheless when I try to run the reg server I encounter

2018/02/14 09:24:22 registry.ping url=http://docker-registry:5000/v2/
time="2018-02-14T09:24:22Z" level=fatal msg="Get http://docker-registry:5000/v2/: dial tcp 192.168.32.141:5000: getsockopt: no route to host"

http: read on closed response body

I am trying to move layers from one registry to another.

Layer download is working fine however when I try to upload a layer I get http: read on closed response body"

I am not sure if the problem has to do something with the lack of my golang knowledge or an issue with reg.

	reader, err := sourceRegistry.DownloadLayer(sourceRepository,descriptor.Digest)
	if err != nil {
		Log.Errorf("error downloading layer %s from source Repository %s. Error is : %v",reference,sourceRepository, err)
		return
	}

	err = targetRegistry.UploadLayer(targetRepository,descriptor.Digest,reader)
	if err != nil {
		Log.Errorf("error uploading layer %s from source Repository %s. Error is : %s",reference,sourceRepository, err)
		return
	}

What I did so far was to dump, layer to a file which worked as expected. After this test I suspect the problem has to do with UploadLayer or rather its use of the http client.

	reader, err := sourceRegistry.DownloadLayer(sourceRepository,descriptor.Digest)
	if err != nil {
		Log.Errorf("error downloading layer %s from source Repository %s. Error is : %v",reference,sourceRepository, err)
		return
	}

	fo, err := os.Create("output.txt")
	if err != nil {
		panic(err)
	}
	// close fo on exit and check for its returned error
	defer func() {
		if err := fo.Close(); err != nil {
			panic(err)
		}
	}()
	// make a write buffer
	w := bufio.NewWriter(fo)
	buf := make([]byte, 1024)
	for {
		// read a chunk
		n, err := reader.Read(buf)
		if err != nil && err != io.EOF {
			panic(err)
		}
		if n == 0 {
			break
		}

		// write a chunk
		if _, err := w.Write(buf[:n]); err != nil {
			panic(err)
		}
	}

	if err = w.Flush(); err != nil {
		panic(err)
	}

crash/panic doing `ls`

Failure mode:

$ reg -r docker.int ls
Repositories for docker.int
REPO                       TAGS
lighttpd-docker            1.0.1, 1.0.0
event-apiweather-service   1.0.0, 1.1.0, 1.2.0, latest 1.5.0, 1.4.0, 1.3.0-SNAPSHOT, 1.1.0, 1.2.0, latest
panic: runtime error: slice bounds out of range [recovered]
	panic: tabwriter: panic during Flush [recovered]
	panic: tabwriter: panic during Write

goroutine 132 [running]:
text/tabwriter.handlePanic(0xc42023dee0, 0x1417580, 0x5)
	/usr/local/opt/go/libexec/src/text/tabwriter/tabwriter.go:458 +0x117
panic(0x1388ec0, 0xc42047c8b0)
	/usr/local/opt/go/libexec/src/runtime/panic.go:491 +0x283
text/tabwriter.handlePanic(0xc42023ddd0, 0x14174ea, 0x5)
	/usr/local/opt/go/libexec/src/text/tabwriter/tabwriter.go:458 +0x117
panic(0x13ac260, 0x1631760)
	/usr/local/opt/go/libexec/src/runtime/panic.go:491 +0x283
text/tabwriter.(*Writer).writeLines(0xc4200fe100, 0x89, 0x3, 0x5, 0x89)
	/usr/local/opt/go/libexec/src/text/tabwriter/tabwriter.go:297 +0x495
text/tabwriter.(*Writer).format(0xc4200fe100, 0x0, 0x3, 0x5, 0x5)
	/usr/local/opt/go/libexec/src/text/tabwriter/tabwriter.go:385 +0x2e5
text/tabwriter.(*Writer).flush(0xc4200fe100, 0x0, 0x0)
	/usr/local/opt/go/libexec/src/text/tabwriter/tabwriter.go:484 +0x189
text/tabwriter.(*Writer).Flush(0xc4200fe100, 0xc42024c4e0, 0x4)
	/usr/local/opt/go/libexec/src/text/tabwriter/tabwriter.go:467 +0x2b
text/tabwriter.(*Writer).Write(0xc4200fe100, 0xc4202202d0, 0x2c, 0x30, 0x2c, 0x0, 0x0)
	/usr/local/opt/go/libexec/src/text/tabwriter/tabwriter.go:518 +0x3df
main.main.func2.1(0xc4200fe100, 0xc4204aa380, 0xc4204aa370, 0xf)
	/Users/bbronosky/Go/src/github.com/jessfraz/reg/main.go:153 +0x311
created by main.main.func2
	/Users/bbronosky/Go/src/github.com/jessfraz/reg/main.go:146 +0x225

Since docker.int is a private repo you cannot reach, I can offer you:

$ while read; do echo "## $REPLY"; reg -r docker.int tags $REPLY; done < repos
## admin-ui
1.0.2
1.0.3
1.0.1
1.0.6
1.0.0
1.0.7
1.0.5
1.0.4
latest
## admin-ui-prod
1.0.16
1.0.13
1.0.11
1.0.15
1.0.9
1.0.10
1.0.12
1.0.17
1.0.14
1.0.8
## admin-ui-uat
1.0.16
1.0.13
1.0.11
1.0.15
1.0.9
1.0.10
1.0.12
1.0.17
1.0.14
1.0.8
## alpine
latest
## android-installer
1.0.1
1.0.0
## appliance-service
1.11.0
1.6.0
1.15.0
1.16.0
1.28.0
1.29.0
1.20.0
1.24.0
1.9.0
1.3.0
1.0.0
1.18.0
1.7.0
1.5.0
1.4.0
1.25.0
1.30.0
1.17.0
1.10.0
1.13.0
1.31.0
1.19.0
1.12.0
1.23.0
1.1.0
1.14.0
1.8.0
1.22.0
1.27.0
1.2.0
1.26.0
1.21.0
latest
## billing-meter-service
1.6.0
0.3
1.3.0
1.0.0
1.5.0
1.4.0
0.2
0.4
1.1.0
1.2.0
latest
## comm-jarvis-analytics
latest
## comm-jarvis-app
gunicorn
latest
henri
## comm-message-api
1.3.0
1.0.0
1.5.0
1.4.0
1.1.0
1.2.0
latest
## comm-preference-api
1.3.0
1.0.0
1.4.0
1.1.0
1.2.0
latest
## comm-processor
1.6.0
1.3.0
1.0.0
1.7.0
1.5.0
1.4.0
1.1.0
1.2.0
latest
## comm-validator
1.11.0
1.6.0
1.9.0
1.3.0
1.0.0
1.7.0
1.5.0
1.4.0
1.10.0
1.4.0-SNAPSHOT
1.1.0
1.8.0
1.2.0
latest
## config-service
1.6.0
1.3.0
1.0.0
1.7.0
1.5.0
1.0.0-SNAPSHOT
1.4.0
1.1.0
1.2.0
latest
## config-service-reader
1.0.0
1.0.0-SNAPSHOT
latest
## config-service-writer
1.0.0
1.0.0-SNAPSHOT
latest
## consumer-ui
3.154.0
3.139.0
3.153.0
3.152.0
3.144.0
3.146.0
3.135.0
3.143.0
3.145.0
3.149.0
3.142.0
3.141.0
3.138.0
3.136.0
3.140.0
3.148.0
3.147.0
3.137.0
3.151.0
latest
3.150.0
## customer-control-charts-data
2de7142
3d2a8c8
653b1c1
0871d6f
d7620e0
## datavault-service
0.1
1.0.0
1.1.0
latest
## dependencies-service
1.2.3
1.0.0
1.2.2
1.2.1
1.1.0
1.2.0
latest
## device-collector-service
1.0.2
1.0.29
1.0.18
1.0.21
1.0.22
1.0.23
1.0.3
1.0.27
1.0.36
1.0.16
1.0.1
1.0.25
1.3.0
1.0.6
1.0.0
1.5.0
1.0.7
1.4.0
1.0.13
1.0.5
1.0.19
1.0.30
1.0.4
1.0.32
1.0.26
1.0.31
1.0.35
1.0.33
1.0.11
1.0.15
1.0.9
1.0.10
1.0.12
1.1.0
1.0.17
1.0.28
1.0.14
1.2.0
latest
1.0.8
1.0.24
1.0.34
1.0.20
## device-grid-microservice
1.3.0
1.0.0
1.5.0
1.4.0
1.1.0
1.2.0
latest
## device-installer-ui
1.0.2
1.0.18
1.0.21
1.0.22
1.0.23
1.0.3
1.0.27
1.0.16
1.0.1
1.0.25
1.0.6
1.0.0
1.0.7
1.0.13
1.0.5
1.0.19
1.0.4
1.0.26
1.0.11
1.0.15
1.0.9
1.0.10
1.0.12
1.0.17
1.0.14
1.0.8
1.0.24
1.0.20
## device-installer-ui-prod
1.0.29
1.0.36
1.0.30
1.0.32
1.0.31
1.0.35
1.0.33
1.0.28
1.0.34
## device-installer-ui-uat
1.0.29
1.0.36
1.0.30
1.0.32
1.0.31
1.0.35
1.0.33
1.0.28
1.0.34
## device_grid
3.154.0
3.139.0
3.153.0
3.152.0
3.144.0
3.146.0
3.143.0
3.145.0
3.149.0
3.142.0
3.141.0
3.138.0
3.136.0
3.140.0
3.148.0
3.147.0
3.137.0
3.151.0
latest
3.150.0
## devicecloud-microservice
1.0.0
1.1.0
latest
## docker-java8
latest
## docker-jre8-alpine
1.0.0
## docker-jre8-alpine-alpn
1.0.2
1.0.3
1.0.1
1.0.0
## docker-scala-2.10.4
latest
## ema-ui-prod
1.0.2
1.0.29
1.0.18
1.0.21
1.0.22
1.0.3
1.0.27
1.0.16
1.0.1
1.0.25
1.0.6
1.0.0
1.0.7
1.0.13
1.0.5
1.0.19
1.0.4
1.0.26
1.0.11
1.0.23b
1.0.15
1.0.9
1.0.10
1.0.12
1.0.17
1.0.28
1.0.14
1.0.22b
1.0.8
1.0.24
1.0.20
## ema-ui-uat
1.0.2
1.0.29
1.0.18
1.0.21
1.0.22
1.0.3
1.0.27
1.0.16
1.0.1
1.0.25
1.0.6
1.0.0
1.0.7
1.0.13
1.0.5
1.0.19
1.0.4
1.0.26
1.0.11
1.0.23b
1.0.15
1.0.9
1.0.10
1.0.12
1.0.17
1.0.28
1.0.14
1.0.22b
1.0.8
1.0.24
1.0.20
## email-service
1.11.0
0.1
1.6.0
1.9.0
1.3.0
1.0.0
1.7.0
1.5.0
1.4.0
1.10.0
1.12.0
0.2
1.1.0
1.8.0
1.2.0
latest
## redacted-service
1.0.0
1.1.0
1.2.0
latest
## redacted-monitor-server
3.1.0
3.1.0-SNAPSHOT-a5b2637
## event-alert-service
1.0.0
1.1.0
1.2.0
latest
## event-api
1.6.0
1.3.0
1.0.0
1.7.0
1.5.0
1.4.0
1.3.0-SNAPSHOT
1.1.0
1.2.0
latest
## fluentd-alpine-elasticsearch
1.0.0
## health-check
1.3.0
1.0.0
1.1.0
1.2.0
latest
## heapster_riemann
canary
## home-status-processor
1.6.0
1.3.0
1.0.0
1.5.0
1.4.0
1.3.0-SNAPSHOT
1.4.0-debug
1.1.0
1.2.0
latest
## ies-vacant-home-runner
v1.2
## ies-vsftpd
1.0.0
## ies-redacted
latest
## iesartifactory
latest
## iesbackup
1.0.2
1.0.1
1.0.0
## iesdns
latest
## iesjenkins
1.0.3
test_b
1.0.6
test_c
1.0.7
1.0.13
1.0.5
1.0.4
test_a
1.0.11
1.0.9
1.0.10
1.0.12
1.0.14
latest
1.0.8
## iesnagios
1.0.1
1.0.0
## installer-service
1.11.0
1.6.0
1.15.0
1.16.0
1.20.0
1.9.0
1.3.0
1.0.0
1.18.0
1.7.0
1.5.0
1.4.0
1.17.0
1.10.0
1.13.0
1.19.0
1.12.0
1.1.0
1.14.0
1.8.0
1.2.0
latest
## internal-control-charts-data
653b1c1
0871d6f
## internal-control-charts-data-ipc
2de7142
d7620e0
## internal-control-charts-data-smud
3d2a8c8
d7620e0
## irom-core
3.5.0
3.6.0
3fb5de2
a5245e7
91e6579
4c6adfd
## irom-core-integration
3.5.0
3.6.0
b6a21df
eb2cf16
## irom-plugins
3.10.0-SNAPSHOT
3.5.2
latest
## irom-rt
3.154.0
3.139.0
3.153.0
3.152.0
3.144.0
3.146.0
3.143.0
3.145.0
3.149.0
3.142.0
3.141.0
3.138.0
3.136.0
3.140.0
3.148.0
3.147.0
3.137.0
3.151.0
latest
3.150.0
## irom-ws
3.5.0
3.6.0
3fb5de2
91e6579
## iromcoremonitor
latest
## java
1.0.0
## jenkins
1.0.10
## knife
11
## redacted
latest
## lighttpd-docker
1.0.1
1.0.0
## misc-jobs
latest
## mv-runner
3.25.0
3.25.1
2.0
## nagios3
20150812_backup
latest
## network-utilities-service
1.0.0
latest
## network-utils-service
1.0.2
14d7808
1.0.3
v1.0.1
1.1.1
1.3.0
1.0.6
1.0.0
1.4.0
1.0.5
0.1.0
1.0.6-SNAPSHOT
1.1.3
1.0.4
1.4.1
1.1.2
1.2.1
v0.0.1
1.1.0
1.2.0
latest
## nginx-admin-ui-prod
1.0.18
1.0.21
1.0.22
1.0.23
1.0.16
1.0.19
1.0.15
1.0.17
1.0.24
1.0.20
## nginx-admin-ui-uat
1.0.2
1.0.18
1.0.21
1.0.22
1.0.23
1.0.3
1.0.16
1.0.1
1.0.6
1.0.0
1.0.7
1.0.13
1.0.5
1.0.19
1.0.4
1.0.11
1.0.15
1.0.9
1.0.10
1.0.12
1.0.17
1.0.14
1.0.8
1.0.24
1.0.20
## nginx-ema-ui-prod
1.0.0
## nginx-ema-ui-uat
1.0.0
## nginx-installer-ui-prod
1.0.18
1.0.16
1.0.17
## nginx-installer-ui-uat
1.0.2
1.0.18
1.0.3
1.0.16
1.0.1
1.0.6
1.0.0
1.0.7
1.0.13
1.0.5
1.0.4
1.0.11
1.0.15
1.0.9
1.0.10
1.0.12
1.0.17
1.0.14
1.0.8
## nginx-jwt
1.0.0
## nginx-php
latest
## node-service
1.6.0
1.9.0
1.3.0
1.0.0
1.7.0
1.5.0
1.4.0
1.9.1
1.10.0
1.1.0
1.8.0
1.2.0
latest
## nw-utils
latest
## openadr
latest
## push-notification-service
0.1
0.3
0.5
0.2
0.4
latest
## pushnotification-service
0.16
0.17
0.10
0.8
0.21
0.12
0.14
0.22
0.15
0.11
0.13
0.20
0.6
0.7
0.18
0.19
0.9
latest
0.23
## resident-billing-meter-service
0.1
latest
## root
3.7.0-SNAPSHOT
## salesforce-service
1.1.0
latest
## sms-service
1.6.0
1.9.0
1.3.0
1.7.0
1.5.0
1.4.0
1.1.0
1.8.0
1.2.0
latest
## sysintegration
latest
## ubuntu14-oracle-jre7
1.0.0
## ubuntu14-oracle-jre7-yjp
1.0.0
## user-service
1.11.0
1.6.0
1.9.0
1.3.0
1.0.0
1.7.0
1.5.0
1.4.0
1.10.0
1.13.0
1.12.0
1.1.0
1.8.0
1.2.0
latest
## vacant-home-api
1.0.2
1.0.3
1.0.1
1.0.6
1.0.0
1.0.7
1.0.5
1.0.4
1.0.9
latest
1.0.8
## verification-service
1.6.0
1.9.0
1.3.0
1.0.0
1.7.0
1.5.0
1.4.0
1.1.0
1.8.0
1.2.0
latest
## weather-service
1.0.0
1.1.0
1.2.0
latest

[Feature request] Infer registry host from image name argument

In issues #30, #31 I was mainly confused about the way I am supposed to specify private registry host to the reg CLI.

I assumed these would work:

reg ls r.j3ss.co
reg tags r.j3ss.co/chrome

however it looks like the actual syntax is:

reg -r https://r.j3ss.co ls
reg -r https://r.j3ss.co tags chrome

To me I needed to provide full HTTPS url:

reg -d -r https://gcr.io tags ahmetb/imagename

This seemed a bit weird to me:

Registry host is almost always part of image name (i.e. when you specify it while running it)
Docs say reg -r r.j3ss.co, but in my case all ~/.docker/config.json starts with https://. For example docker login to docker hub creates https://index.docker.io/v1/ which I have no idea how I can use with reg tool.

Overall, it seems like inference of the registry host from image (if no host, default to index.docker.io) and being more forgiving about URLs that appear with/without https:// prefix can improve the user experience.

Fails to build

docker build -t reg .

Sending build context to Docker daemon 5.014 MB
Step 1/8 : FROM alpine:latest
 ---> 88e169ea8f46
Step 2/8 : MAINTAINER Jessica Frazelle <[email protected]>
 ---> Using cache
 ---> d57522e47d20
Step 3/8 : ENV PATH /go/bin:/usr/local/go/bin:$PATH
 ---> Using cache
 ---> 7bf6f8e62d72
Step 4/8 : ENV GOPATH /go
 ---> Using cache
 ---> 0bb28171e107
Step 5/8 : RUN apk add --no-cache 	ca-certificates
 ---> Using cache
 ---> 71a28ccb1040
Step 6/8 : COPY . /go/src/github.com/jessfraz/reg
 ---> c84652c75135
Removing intermediate container 18806d1bb7e6
Step 7/8 : RUN set -x 	&& apk add --no-cache --virtual .build-deps 		go 		git 		gcc 		libc-dev 		libgcc 	&& cd /go/src/github.com/jessfraz/reg 	&& go build -o /usr/bin/reg . 	&& apk del .build-deps 	&& rm -rf /go 	&& echo "Build complete."
 ---> Running in 1f3855a840f4
+ apk add --no-cache --virtual .build-deps go git gcc libc-dev libgcc
fetch http://dl-cdn.alpinelinux.org/alpine/v3.5/main/x86_64/APKINDEX.tar.gz
WARNING: Ignoring http://dl-cdn.alpinelinux.org/alpine/v3.5/main/x86_64/APKINDEX.tar.gz: temporary error (try again later)
fetch http://dl-cdn.alpinelinux.org/alpine/v3.5/community/x86_64/APKINDEX.tar.gz
WARNING: Ignoring http://dl-cdn.alpinelinux.org/alpine/v3.5/community/x86_64/APKINDEX.tar.gz: temporary error (try again later)
ERROR: unsatisfiable constraints:
  .build-deps-0:
    masked in: cache
    satisfies: world[.build-deps]
  go (missing):
    required by:
  git (missing):
    required by:
  gcc (missing):
    required by:
  libc-dev (missing):
    required by:
  libgcc (missing):
    required by:
The command '/bin/sh -c set -x 	&& apk add --no-cache --virtual .build-deps 		go 		git 		gcc 		libc-dev 	libgcc 	&& cd /go/src/github.com/jessfraz/reg 	&& go build -o /usr/bin/reg . 	&& apk del .build-deps 	&& rm -rf /go 	&& echo "Build complete."' returned a non-zero code: 6

From current master just now

vulns not working with private registry (protected by basic auth)

Hi, I've setup a private registry with basic auth and successfully managed to list my repositories:

$ reg -d -r registry.example.com list
2017/06/14 12:16:18 registry.ping url=https://registry.example.com/v2/
2017/06/14 12:16:18 registry.catalog url=https://registry.example.com/v2/_catalog
Repositories for registry.example.com
2017/06/14 12:16:18 registry.tags url=...
REPO                               TAGS
organisation/imagename1            latest, 0.1.24
organisation/imagename2            latest

Reg is perfectly using my .docker/config.json to pass Basic Auth header and retrieve my repos.

Then, I installed a coreos clair vulnerability analysis container on localhost:

$ curl http://localhost:6060/v1/namespaces         
{"Namespaces":[{"Name":"debian:8","VersionFormat":"dpkg"},...]}

When I try:

$ reg -d -r registry.example.com vulns --clair http://localhost:6060 organisation/imagename1

I get:

2017/06/14 12:15:50 registry.ping url=https://registry.example.com/v2/
2017/06/14 12:15:50 registry.manifests uri=https://registry.example.com/v2/organisation/imagename1/manifests/latest repository=organisation/imagename1 ref=latest
2017/06/14 12:15:50 registry.token url=https://registry.example.com/v2/organisation/imagename1/blobs/sha256:b7...cf
FATA[0000] malformed auth challenge header: 'Basic realm="Registry Realm"'

Does vulns support Basic Auth with a private registry?

reg-server seems to stop executing but exit 0

I'm sure I'm doing something silly like not providing necessary info/config but I'm not sure what I'm missing here. Any hints would be greatly appreciated.

$ reg-server -r registry.fedoraproject.org                                                                            
INFO[0000] fetching catalog                             
INFO[0000] fetching tags                                
INFO[0001] creating temporary file for template         
INFO[0001] parsing and executing the template           
INFO[0001] renaming the temporary file /tmp/reg-server916716219 to /go/src/github.com/jessfraz/reg/server/static/index.html 

$ ls -l /go/src/github.com/jessfraz/reg/server/static/index.html
ls: cannot access '/go/src/github.com/jessfraz/reg/server/static/index.html': No such file or directory

Improve index.html

Hi,

we have ~9000 rows in the resulting index.html because we have a lot of images with a lot of tags each.
Loading index.html takes forever because its 8mb in size.

I would like to reduce the content of the index.html to only list all images which are links to a page per image which will list all tags of this image. The reference to the vulns will be located there as well.

@jessfraz what do you think ?

list repositories from docker hub.

I'm getting unauthorized although I was able to login.

what am I'm missing ?

➜  docker login
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.
Username (odedp):
Password:
Login Succeeded
➜  reg list
FATA[0003] Get https://registry-1.docker.io/v2/_catalog: http: non-successful response (status=401 body="{\"errors\":[{\"code\":\"UNAUTHORIZED\",\"message\":\"authentication required\",\"detail\":[{\"Type\":\"registry\",\"Class\":\"\",\"Name\":\"catalog\",\"Action\":\"*\"}]}]}\n")```

garbled ls output

Looks like the parallelised ls output is causing garbled output sometimes. The following are all from a private registry, all called kolla/xx and have 4.0.3 and 5.0.0 tags:

olla/centos-binary-keystone4                     .0.3, 5.0.0k
olla/centos-binary-nova-spicehtml5proxy4         .0.3, 5.0.0k
olla/centos-binary-nova-compute-ironic4          .0.3, 5.0.0k
olla/centos-binary-designate-mdns4               .0.3k
olla/centos-binary-nova-ssh4                     .0.3, 5.0.0k
olla/centos-binary-openvswitch-db-server4        .0.3, 5.0.0k
olla/centos-binary-neutron-vpnaas-agent4         .0.3, 5.0.0k
olla/centos-binary-neutron-sriov-agent5          .0.0k
olla/centos-binary-neutron-metadata-agent4       .0.3, 5.0.0k
olla/centos-binary-cinder-volume4                .0.3, 5.0.0k

PR coming soon...

Malformed auth challenge header on layer upload

I am using the latest genuinetools/reg master api to move images from one registry to another.
Ping, Login, HasLayer and Listing are working fine on both the target and source registry.

However I get this error when I try to push the layer to the target registry which is in version 2.6.2.

"Post https://target.example.com/v2/pdr/tls-proxy/blobs/uploads/: 
malformed auth challenge header: 'Bearer realm=\"https://docker.example.com/v2/token\",service=\"target.example.com\",scope=\"repository:pdr/tls-proxy:pull,push\"'"
time="2018-06-02T18:24:47+02:00" level=info msg="Tag := 1.3.2"

This is the log excerpt from the registry itself.

time="2018-06-02T21:25:09.957720975Z" 
level=warning msg="error authorizing context: authorization token required" 
go.version=go1.7.6 
http.request.contenttype="application/octet-stream" 
http.request.host=target.example.com 
http.request.id=78dc7065-d1cc-4e09-923c-9d96527f0a3d 
http.request.method=POST 
http.request.remoteaddr=88.152.186.104 
http.request.uri="/v2/pdr/tls-proxy/blobs/uploads/" 
http.request.useragent="Go-http-client/2.0" 
instance.id=19e1450d-f69e-4fe2-9463-025bd1d4426e service=registry 
vars.name="pdr/tls-proxy" version=v2.6.2 

172.18.0.5 - - [02/Jun/2018:21:25:09 +0000] "POST /v2/pdr/tls-proxy/blobs/uploads/ HTTP/1.1" 401 228 "" "Go-http-client/2.0"

Can't list info from hub.docker.com

I am trying my private and public images on hub.docker.com however I am not able to do so.

➜  reg ls vad1mo 
Using registry "https://registry-1.docker.io" with no authentication
FATA[0004] Get https://registry-1.docker.io/v2/_catalog: http: non-successful response (status=401 body="{\"errors\":[{\"code\":\"UNAUTHORIZED\",\"message\":\"authentication required\",\"detail\":[{\"Type\":\"registry\",\"Class\":\"\",\"Name\":\"catalog\",\"Action\":\"*\"}]}]}\n") 
➜  reg -u vad1mo -p redacted ls vad1mo
FATA[0004] Get https://registry-1.docker.io/v2/_catalog: http: non-successful response (status=401 body="{\"errors\":[{\"code\":\"UNAUTHORIZED\",\"message\":\"authentication required\",\"detail\":[{\"Type\":\"registry\",\"Class\":\"\",\"Name\":\"catalog\",\"Action\":\"*\"}]}]}\n") 
➜  reg -u vad1mo -p redacted -r registry-1.docker.io ls vad1mo
FATA[0004] Get https://registry-1.docker.io/v2/_catalog: http: non-successful response (status=401 body="{\"errors\":[{\"code\":\"UNAUTHORIZED\",\"message\":\"authentication required\",\"detail\":[{\"Type\":\"registry\",\"Class\":\"\",\"Name\":\"catalog\",\"Action\":\"*\"}]}]}\n") 
➜  docker login -u vad1mo -p redacted                                   
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Login Succeeded

loop when image is not known from Clair Server

when you click on an image on the reg-server interface , if this image is not known from clair you will have a looping wheel and message like this in logs

time="2017-07-13T11:30:43Z" level=info msg="fetching tags" URL=/repo/anchore_jenkins/tags func=tags method=GET
time="2017-07-13T11:30:43Z" level=info msg="fetching vulnerabilities" URL=/repo/anchore_jenkins/tag/latest/vulns.json func=vulnerabilities method=GET
time="2017-07-13T11:30:44Z" level=error msg="vulnerability scanning for anchore_jenkins:latest failed: clair error: could not find layer" URL=/repo/anchore_jenkins/tag/latest/vulns.json func=vulnerabilities method=GET

do you think that if such error occurs "failed: clair error: could not find layer" , it could be possible to try to push the image to Clair automatically ?

RegServer getting v1 manifest for image failed: missing signature key

Hi !!

When i run the following command....

FATA[0001] missing signature key``` 

If i run this curl, it works:

curl -H "Accept: application/vnd.docker.distribution.manifest.v2+json" -X GET -k https:/reg.myprivatedomain.lo/v2/myrepo/demo/manifests/latest
{
"schemaVersion" : 1,
"name" : "myrepo/demo",
"tag" : "latest",
"architecture" : "amd64",
"fsLayers" : [ {
"blobSum" : "sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"
}, {
"blobSum" : "sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"
}, {
"blobSum" : "sha256:426ce2ddcd39174b367fbfc3bc52923a6d844e51bcb05d5a88a1cb603957e6db"
}, {
"blobSum" : "sha256:eb076ff0681f21f6a22d343663082577780c4aa16943e2379b58dd1d29a217e1"
}, {
"blobSum" : "sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"
}, {
"blobSum" : "sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"
}, {
"blobSum" : "sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"
}, {
"blobSum" : "sha256:ff3a5c916c92643ff77519ffa742d3ec61b7f591b6b7504599d95a4a41134e28"
} ],
"history" : [ {
... stuff
} ]
}```

I'm not sure if could be related to #41 or not, but my docker registry is nexus3.

Any clue?

(Suggestion) Easier method to remove images

This might be my fault, but I only get v1 schemas from reg manifest <image>. Is there any way to force getting v2 schemas so I can get the image digest and remove it? Otherwise I'm not sure how I'm supposed to remove images. Deleting "fsLayers" doesn't seem like a good idea.

Thanks! 😄

No error out when image is missing.

For example: Going to https://r.j3ss.co/repo/foobar/tags doesn't produce an error, but rather, no tags.

Could the test paragraph be extended and explained why the following issue could occur?

The project has been forked and when go test is run then

# github.com/030/reg
./main.go:41: cannot use c (type *"github.com/030/reg/vendor/github.com/urfave/cli".Context) as type *"github.com/jessfraz/reg/vendor/github.com/urfave/cli".Context in argument to utils.GetAuthConfig
./main.go:41: cannot assign "github.com/jessfraz/reg/vendor/github.com/docker/docker/api/types".AuthConfig to auth (type "github.com/030/reg/vendor/github.com/docker/docker/api/types".AuthConfig) in multiple assignment
./main.go:53: cannot use auth (type "github.com/030/reg/vendor/github.com/docker/docker/api/types".AuthConfig) as type "github.com/jessfraz/reg/vendor/github.com/docker/docker/api/types".AuthConfig in argument to "github.com/jessfraz/reg/registry".NewInsecure
./main.go:58: cannot use auth (type "github.com/030/reg/vendor/github.com/docker/docker/api/types".AuthConfig) as type "github.com/jessfraz/reg/vendor/github.com/docker/docker/api/types".AuthConfig in argument to "github.com/jessfraz/reg/registry".New
./main.go:109: cannot use c (type *"github.com/030/reg/vendor/github.com/urfave/cli".Context) as type *"github.com/jessfraz/reg/vendor/github.com/urfave/cli".Context in argument to utils.GetRepoAndRef
./main.go:165: cannot use c (type *"github.com/030/reg/vendor/github.com/urfave/cli".Context) as type *"github.com/jessfraz/reg/vendor/github.com/urfave/cli".Context in argument to utils.GetRepoAndRef
./main.go:223: cannot use c (type *"github.com/030/reg/vendor/github.com/urfave/cli".Context) as type *"github.com/jessfraz/reg/vendor/github.com/urfave/cli".Context in argument to utils.GetRepoAndRef
./main.go:228: cannot use "github.com/030/reg/vendor/github.com/opencontainers/go-digest".Digest(ref) (type "github.com/030/reg/vendor/github.com/opencontainers/go-digest".Digest) as type "github.com/jessfraz/reg/vendor/github.com/opencontainers/go-digest".Digest in argument to r.DownloadLayer
./main.go:262: cannot use c (type *"github.com/030/reg/vendor/github.com/urfave/cli".Context) as type *"github.com/jessfraz/reg/vendor/github.com/urfave/cli".Context in argument to utils.GetRepoAndRef
./main.go:279: cannot use layer (type "github.com/jessfraz/reg/vendor/github.com/docker/distribution/manifest/schema1".FSLayer) as type "github.com/030/reg/vendor/github.com/docker/distribution/manifest/schema1".FSLayer in append
./main.go:279: too many errors
FAIL	github.com/030/reg [build failed]

occurs

Proposal: sort tags page

Hi,

I've been tweaking and testing the server part of reg. Simple, fast. Awesome...thanks for sharing.

I wish to sort the tags page by created date. Sorting the result before exec'ing the template, I think is what needs to be done, however, no luck.
Go is very new to me, still learning.

Any pointers?

Thanks,
Tom

feature request: allow registry to be specified by env variable

If you work a lot with a particular private registry, it can be useful to specify this in your environment so you don't have to specify it with every command.

Proposal: Add a flag to change output format

Hi!

Would you be open to a PR about adding an output format flag? I'd like to output json from the ls command to further script some processes.

Thanks!

add tests

getting a few PRs and would be nice to test vs. just making sure it compiles lol

reg uses incorrect registry endpoint

Seems like reg is munging the registry endpoint when the docker config registry URL contains a path

$ cat ~/.docker/config.json
{
	"auths": {
		"https://index.docker.io/v1/": {
			"auth": "*******"
		}
	}
}

$ reg --debug manifest library/ubuntu:trusty
2017/04/05 20:57:51 registry.ping url=https://index.docker.io/v1/v2/
2017/04/05 20:57:52 registry.manifests uri=https://index.docker.io/v1/v2/library/ubuntu/manifests/trusty repository=library/ubuntu ref=trusty

Proposal: Add pagination to tags page

Hi folks,
is it possible to add pagination for repo/tags page? Currently application displays all images from repo on a single page and I can see problems with big repos. We have huge repos with thousands images and tags page creation for repo with approximately 12000 images takes 50min :). So, perhaps pagination can fix this issue.

Thanks!

`ls` combined with passing username, password and registry fails

$ reg-linux-amd64 --insecure -u <user> -p <password> -r <registry> ls
No help topic for '<registry>'
ERROR: Job failed: exit code 1

while this works

reg-linux-amd64 -k ls