Last active
February 21, 2023 00:08
-
-
Save Exchizz/02b2276cb992c5c7cd04a824c921d0f3 to your computer and use it in GitHub Desktop.
Proof-of-concept on how "docker-pull" works
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Based on the following question from stack-exchange: | |
# https://devops.stackexchange.com/questions/2731/downloading-docker-images-from-docker-hub-without-using-docker | |
# Get token | |
TOKEN="$(curl --silent --header 'GET' "https://auth.docker.io/token?service=registry.docker.io&scope=repository:library/ubuntu:pull" | jq -r '.token')" | |
# Get manifest | |
echo "Manifest: " | |
curl --silent --request 'GET' --header "Authorization: Bearer ${TOKEN}" 'https://registry-1.docker.io/v2/library/ubuntu/manifests/latest' | jq "." | |
# Get filesystem layers from manifest | |
SHAs="$(curl --silent --request 'GET' --header "Authorization: Bearer ${TOKEN}" 'https://registry-1.docker.io/v2/library/ubuntu/manifests/latest' | jq -r '.fsLayers[].blobSum')" | |
# for SHA in SHAs | |
while read -r SHA; do | |
echo "Downloading $SHA" | |
curl --location --request GET --header "Authorization: Bearer ${TOKEN}" "https://registry-1.docker.io/v2/library/ubuntu/blobs/${SHA}" --output "${SHA/*:/}.gz" | |
done <<< "$SHAs" | |
# Reverse order of SHAs (due to how mount works) | |
SHAs=$(echo $SHAs | tac) | |
# Extract layers | |
MOUNT_ARGS="" | |
for SHA in $SHAs; do | |
mkdir -p ${SHA/*:/} | |
tar -C ./${SHA/*:/} -xf ${SHA/*:/}.gz | |
MOUNT_ARGS="${SHA/*:/}:$MOUNT_ARGS" | |
done | |
# Create directories | |
mkdir -p container-layer workdir mountpoint | |
# Mount the layers using overlay | |
echo "Mount fs: " | |
echo "mount -t overlay -o lowerdir=${MOUNT_ARGS::-1},upperdir=container-layer,workdir=workdir overlay mountpoint" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment