Skip to content

Instantly share code, notes, and snippets.

@imjasonh

imjasonh/demo.md

Last active May 17, 2023 13:36
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save imjasonh/c19141e41570ff8762c3aa4cec80cae4 to your computer and use it in GitHub Desktop.
Save imjasonh/c19141e41570ff8762c3aa4cec80cae4 to your computer and use it in GitHub Desktop.
Download ZIP
cgr.dev Tag History API
Raw
demo.md

Demoing cgr.dev tag history

We're going to use the new tag history API to see tag updates to cgr.dev/chainguard/static:latest!

First, exchange your Chainguard token for a registry token. This assumes you've set up auth with chainctl auth configure-docker:

tok=$(curl -H "Authorization: Bearer $(echo 'cgr.dev' | docker-credential-cgr get)" -v "https://cgr.dev/token?scope=repository:chainguard/static:pull" | jq -r .token)

Then pass that token to the Tag History API endpoint:

curl -H "Authorization: Bearer $tok" https://cgr.dev/v2/chainguard/static/_chainguard/history/latest | jq
{
  "history": [
    {
      "UpdateTimestamp": "2023-05-12T13:52:14.835Z",
      "Digest": "sha256:a117fb6e8c62246fe60e40eaa0c2cb51575db8cec42c114bc5a9d4cb89d94fee"
    },
    {
      "UpdateTimestamp": "2023-05-12T20:59:13.023Z",
      "Digest": "sha256:fc902adb6ed38298c20e59b212774f635732d9f9f3212fa52ced79153e1ee046"
    },
    {
      "UpdateTimestamp": "2023-05-12T21:24:46.707Z",
      "Digest": "sha256:c6567cbd31ea3495ef7139e85d239a6b235f65b4393d625fe465ae6ff34cc012"
    },
...

(A future release will change the keys to updateTimestamp and digest)

Because this is a public image, you can also request the tag history anonymously, by requesting a registry token without providing any pre-existing auth.

tok=$(curl "https://cgr.dev/token?scope=repository:chainguard/static:pull" | jq -r .token)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment