Push Private Image to Docker Registry via Docker API

Question

I'm using the Docker SDK for Python to push a local image repository into a Docker Registry (DockerHub in my case.)

I use the "push" method on "client.images" described on documentation here.

Unfortunately all published repositories are public. There appears to be no flag to push into a private repository or to ensure the pushed repository is private. Is this possible with the Docker Python API?

I tried this in three separate ways (all result in a public repo only):

Method One: Separate login (works, but results in public repo):

client = docker.from_env()   
auth_client = client.login(username = "kelly_peyton", 
                    password = "nightingale", 
                    email = "kpeyton@prophet5.org", 
                    registry = "docker.io",
                    reauth = True)
# other code here, not shown, to validate login succeeded

cli = APIClient(base_url="unix:///var/run/docker.sock")
br = cli.build(path = temp_local, 
    dockerfile = f"{temp_local}/Dockerfile", 
    tag = docker_repo_reference_tagged)
# other code here, not shown, to validate build succeeded

push_res = cli.push(repository = f"{docker_repo_reference}", 
    tag = docker_repo_tag, 
    stream = False, 
     decode = False)

Method Two: Credentials passed to push call (works, but results in public repo):

client = docker.from_env()   
cli = APIClient(base_url="unix:///var/run/docker.sock")
br = cli.build(path = temp_local, 
    dockerfile = f"{temp_local}/Dockerfile", 
    tag = docker_repo_reference_tagged)
# other code here, not shown, to validate build succeeded

push_res = cli.push(repository = f"{docker_repo_reference}", 
    tag = docker_repo_tag, 
    stream = False, 
    auth_config = {
        "username" : "kelly_peyton",
        "password" : "nightingale", 
        "email" : "kpeyton@prophet5.org", 
        "registry" : "docker.io"
        }, 
    decode = False)

Method Three: command line login (not via code) (works, but results in public repo):

client = docker.from_env()   
cli = APIClient(base_url="unix:///var/run/docker.sock")
br = cli.build(path = temp_local, 
    dockerfile = f"{temp_local}/Dockerfile", 
    tag = docker_repo_reference_tagged)
# other code here, not shown, to validate build succeeded

push_res = cli.push(repository = f"{docker_repo_reference}", 
    tag = docker_repo_tag, 
    stream = False, 
    decode = False)

All three methods work since the image does indeed get pushed to the registry (DockerHub in my case), and clearly auth worked since I push to my private DockerHub account. However, the images are always public.

The first link is broken, it's https://docker-py.readthedocs.io/en/stable/ — quimnuss, Oct 28 '22 at 14:28

score 1 · Accepted Answer · answered Mar 14 '19 at 19:27

1

You can't make repo private by set your credentials to API. It makes you be able to push the image to your repo only.

You should create or convert repo to be private. Please read documentation to know how to do it. Generally, only you can push to the repo. If repo public then everyone can download, if repo private then only you can download.

answered Mar 14 '19 at 19:27

ozlevka

1,988
16
28

Thanks for your comment. You noted "You should create or convert repo to be private" though the goal here to to use the Docker Python SDK to do this (rather than doing it manually.) Does the Docker Python SDK not offer a facility to set this programmatically? It seems not, but that is the goal of the question -- to do it programmatically, or minimally via a command-line (which can then be called programmatically) – CoderOfTheNight Mar 14 '19 at 20:54
1

@CoderOfTheNight you can use some another docker registry when being able to create a private repository by default. – ozlevka Mar 15 '19 at 05:58

Push Private Image to Docker Registry via Docker API

1 Answers1