SoFunction
Updated on 2025-04-13

Image deletion method of docker private repository

Image deletion of docker private repository

Get token

1. base64 username password

echo -n <Your username>:<Your password> | base64
# The resulting string is: dXNlcm5tYWU6cGFzc3dvcmQ=

2. First request the interface to be requested

For example, I get all the mirror list interfaceshttp://127.0.0.1:5000/v2/_catalog

curl -i -X GET 'http://127.0.0.1:5000/v2/_catalog'

The returned header has

Www-Authenticate: Bearer realm="https://127.0.0.1:4000/auth",service="Registry",scope="registry:catalog:*"
  • realm: You need to get token in this interface
  • service, scope is query parameters

3. Request interface auth

The above Www-Authenticate information is an example

# url is best to wrap in quotescurl -i -H'Authorization: Basic dXNlcm5tYWU6cGFzc3dvcmQ=' -X GET 'http://127.0.0.1:4000/auth?service=Registry&scope=registry:catalog:*'
# The returned data is as follows{"access_token": "", "token": ""}
# access_token and token The values ​​in the field are the same

4. Hold the token and request the interface

curl  -i -H"Authorization: Bearer "  'http://127.0.0.1:5000/v2/_catalog'

# Return result{"registry": ["aaa/bbbb"]}

Request tag list interface

aaa/bbbb is a mirror

1. Go to request token

# Pay attention to the scope in the query parameterscurl -i -H'Authorization: Basic dXNlcm5tYWU6cGFzc3dvcmQ=' -X GET 'http://127.0.0.1:4000/auth?service=Registry&scope=registry:aaa/bbbb:pull'

The scope of the interface is different every time you request the token interface.

2. Take the token to request the mirror tag list

curl -i  -H "Authorization:  Bearer " 'http://127.0.0.1:5000/v2/aaa/bbbb/tags/list'

{"name":"aaa/bbbb","tags":["v1.0.2","v1.0.3"]}

Delete the mirror

1. Get the sha256 of the mirror tag first

curl -i  -H "Authorization: Bearer " -H'Accept: application/.v2+json'  'http://127.0.0.1:5000/v2/aaa/bbbb/manifests/v1.0.2'
# Return valueHTTP/1.1 200 OK
Content-Length: 529
Content-Type: application/.v2+json
Docker-Content-Digest: sha256:a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3aab063a7fdb9dc
Docker-Distribution-Api-Version: registry/2.0
Etag: "sha256:a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3aab063a7fdb9dc"
  • Note that header headers are required, all must be added
  • The sha256 in the header needs to be deleted

2. Delete the mirror

curl -i -XDELETE -H "Authorization:  Bearer "   'http://127.0.0.1:5000/v2/aaa/bbbb/manifests/sha256:a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3aab063a7fdb9dc'
# return 202 Status code,It means it was successful
  • mistake:

{"errors":[{"code":"MANIFEST_UNKNOWN","message":"OCI index found, but accept header does not support OCI indexes"}]}

  • Solution:

Add header header when curl requests:

-H "Accept: application/.v1+json" 
-H "Accept: application/.v1+json"

Summarize

The above is personal experience. I hope you can give you a reference and I hope you can support me more.