// ImagePush requests the docker host to push an image to a remote registry.
// It executes the privileged function if the operation is unauthorized
// and it tries one more time.
// It's up to the caller to handle the io.ReadCloser and close it properly.
func (cli *Client) ImagePush(ctx context.Context, ref string, options types.ImagePushOptions) (io.ReadCloser, error) {
distributionRef, err := distreference.ParseNamed(ref)
if err != nil {
return nil, err
}
if _, isCanonical := distributionRef.(distreference.Canonical); isCanonical {
return nil, errors.New("cannot push a digest reference")
}
var tag = ""
if nameTaggedRef, isNamedTagged := distributionRef.(distreference.NamedTagged); isNamedTagged {
tag = nameTaggedRef.Tag()
}
query := url.Values{}
query.Set("tag", tag)
resp, err := cli.tryImagePush(ctx, distributionRef.Name(), query, options.RegistryAuth)
if resp.statusCode == http.StatusUnauthorized && options.PrivilegeFunc != nil {
newAuthHeader, privilegeErr := options.PrivilegeFunc()
if privilegeErr != nil {
return nil, privilegeErr
}
resp, err = cli.tryImagePush(ctx, distributionRef.Name(), query, newAuthHeader)
}
if err != nil {
return nil, err
}
return resp.body, nil
}
//PushImage pushes the remotely tagged image to docker. Returns a reader of the stream, or an error
func (imageCreator LocalImageCreator) PushImage(dockerInfo *DockerInfo) (chan (string), error) {
localTag := dockerInfo.GetTagName()
remoteRepo := imageCreator.remoteRepo
remoteTag := dockerInfo.GetRemoteTagPath(remoteRepo)
revision := dockerInfo.Revision
imageTagOptions := types.ImageTagOptions{
Force: true,
ImageID: localTag,
RepositoryName: remoteTag,
Tag: revision,
}
LogInfo.Printf("Tagging local image id of %s with remote tag of %s and tag %s", localTag, remoteTag, revision)
err := imageCreator.client.ImageTag(context.Background(), imageTagOptions)
if err != nil {
return nil, err
}
imagePushOptions := types.ImagePushOptions{
ImageID: remoteTag,
Tag: revision,
}
//this call on every invocation is deliberate. Our keys should rotate and we want to continue to function when
//that happens
authConfig := generateAuthConfiguration(imageCreator.remoteRepo)
imagePushOptions.RegistryAuth = authConfig
//not sure why we need this when authconfig is already provided, but required at the API level
privledgedFunction := func() (string, error) {
return authConfig, nil
}
reader, err := imageCreator.client.ImagePush(context.Background(), imagePushOptions, privledgedFunction)
if err != nil {
return nil, err
}
streamParser := NewPushStreamParser(reader)
//start consuming/emitting
go streamParser.Parse()
return streamParser.Channel(), nil
}