Skip to content

Ideas for new functionality #60

New issue
Jump to bottom
New issue
Jump to bottom
Open
Open
Ideas for new functionality#60
@benperez

Description

@benperez
benperez
opened on Jun 9, 2018

First of all, just wanted to say thanks for putting this library together. I've been using it for a few weeks and it works great. I'm primarily using it to programmatically build, tag and push docker images on an Amazon EC2 instance to a private ECR registry.

I've added a few pieces of functionality in my fork that I'd be happy to merge back in but I wanted to run the implementations by you first.

Easy stuff:

  1. Tagging images.
tagImage :: forall m. MonadUnliftIO m => T.Text -> T.Text -> Maybe Tag -> DockerT m (Either DockerError ())
tagImage name repo maybeTag = requestUnit POST (TagImageEndpoint name repo maybeTag)
  1. Pushing images.
pushImage :: forall m. MonadUnliftIO m => T.Text ->  Maybe Tag -> DockerT m (Either DockerError ())
pushImage name maybeTag = requestUnit POST (PushImageEndpoint name maybeTag)

Medium Stuff

  1. MonadUnliftIO. How would you feel about switching the constraints on the Api.hs functions from (MonadIO m, MonadMask m) to just MonadUnliftIO m? I noticed you have a #if MIN_VERSION_http_conduit(2,3,0) check in Http.hs for backwards compatibility with older snapshots.

Bigger Stuff

  1. Authentication. I added X-REGISTRY-CONFIG for building images and X-REGISTRY-AUTH for tagging and pushing images.
  2. Credentials helpers. AWS and other platforms have different methods for doing docker authentication that are a little more complex than just the docker username and password. It seems like the preferred method for accomplishing this is described here. The gist of it is that you have a section in your ~/.docker/config.json which specifies a binary to run to get registry creds. The API that I'm thinking of for accessing these would let the user specify how to do auth in DockerClientOpts:
data DockerAuthStrategy = NoAuthStrategy
                        | ExplicitStrategy RegistryConfig
                        | DiscoverStrategy

NoAuthStrategy obviously uses no authentication. ExplicitStrategy let's you explicitly pass in a RegistryConfig mapping. DiscoverStrategy will look for a credsStore field in the ~/.docker/config.json file and use the binary it points to to automatically retrieve the auth parameters for each request. The DiscoverStrategy is inspired by amazonka

Let me know what you think!

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions