Red Hat Quay API guide
Red Hat Quay API Guide
Abstract
Red Hat Quay API guide
Red Hat Quay API Guide
Abstract
- Preface
- 1. Introduction to Red Hat Quay OAuth 2.0 tokens
- 2. OAuth 2 access tokens
- 3. Robot account tokens
- 4. OCI referrers OAuth access token
- 5. Enabling and using the Red Hat Quay API
- 6. Red Hat Quay API examples
- 6.1. Managing a user application by using the API
- 6.2. Discovering Red Hat Quay API endpoints
- 6.3. Obtaining Red Hat Quay API error details
- 6.4. Global messages
- 6.5. Viewing usage logs by using the API
- 6.6. Exporting logs by using the API
- 6.7. Adding and managing labels by using the API
- 6.8. Using the API to mirror a repository
- 6.9. Establishing quota with the Red Hat Quay API
- 6.10. Establishing quota with the Red Hat Quay API
- 6.10.1. Creating an organization by using the Red Hat Quay API
- 6.10.2. Deleting an organization by using the Red Hat Quay API
- 6.10.3. Retrieving organization member information by using the API
- 6.10.4. Creating an organization application by using the Red Hat Quay API
- 6.10.5. Configuring a proxy cache for an organization by using the Red Hat Quay API
- 6.11. Managing repository permissions by using the Red Hat Quay API
- 7. Red Hat Quay Application Programming Interface (API)
- 7.1. Authorization
- 7.2. appspecifictokens
- 7.3. build
- 7.4. discovery
- 7.5. error
- 7.6. globalmessages
- 7.7. logs
- 7.8. manifest
- 7.9. mirror
- 7.10. namespacequota
- 7.10.1. listUserQuota
- 7.10.2. getOrganizationQuotaLimit
- 7.10.3. changeOrganizationQuotaLimit
- 7.10.4. deleteOrganizationQuotaLimit
- 7.10.5. createOrganizationQuotaLimit
- 7.10.6. listOrganizationQuotaLimit
- 7.10.7. getUserQuotaLimit
- 7.10.8. listUserQuotaLimit
- 7.10.9. getOrganizationQuota
- 7.10.10. changeOrganizationQuota
- 7.10.11. deleteOrganizationQuota
- 7.10.12. createOrganizationQuota
- 7.10.13. listOrganizationQuota
- 7.10.14. getUserQuota
- 7.11. organization
- 7.11.1. createOrganization
- 7.11.2. validateProxyCacheConfig
- 7.11.3. getOrganizationCollaborators
- 7.11.4. getOrganizationApplication
- 7.11.5. updateOrganizationApplication
- 7.11.6. deleteOrganizationApplication
- 7.11.7. createOrganizationApplication
- 7.11.8. getOrganizationApplications
- 7.11.9. getProxyCacheConfig
- 7.11.10. deleteProxyCacheConfig
- 7.11.11. createProxyCacheConfig
- 7.11.12. getOrganizationMember
- 7.11.13. removeOrganizationMember
- 7.11.14. getOrganizationMembers
- 7.11.15. getOrganization
- 7.11.16. changeOrganizationDetails
- 7.11.17. deleteAdminedOrganization
- 7.11.18. getApplicationInformation
- 7.12. permission
- 7.13. policy
- 7.13.1. createOrganizationAutoPrunePolicy
- 7.13.2. listOrganizationAutoPrunePolicies
- 7.13.3. getOrganizationAutoPrunePolicy
- 7.13.4. deleteOrganizationAutoPrunePolicy
- 7.13.5. updateOrganizationAutoPrunePolicy
- 7.13.6. createRepositoryAutoPrunePolicy
- 7.13.7. listRepositoryAutoPrunePolicies
- 7.13.8. getRepositoryAutoPrunePolicy
- 7.13.9. deleteRepositoryAutoPrunePolicy
- 7.13.10. updateRepositoryAutoPrunePolicy
- 7.13.11. createUserAutoPrunePolicy
- 7.13.12. listUserAutoPrunePolicies
- 7.13.13. getUserAutoPrunePolicy
- 7.13.14. deleteUserAutoPrunePolicy
- 7.13.15. updateUserAutoPrunePolicy
- 7.14. prototype
- 7.15. referrers
- 7.16. repository
- 7.17. repositorynotification
- 7.18. robot
- 7.18.1. getUserRobots
- 7.18.2. getOrgRobotPermissions
- 7.18.3. regenerateOrgRobotToken
- 7.18.4. getUserRobotPermissions
- 7.18.5. regenerateUserRobotToken
- 7.18.6. getOrgRobot
- 7.18.7. createOrgRobot
- 7.18.8. deleteOrgRobot
- 7.18.9. getOrgRobots
- 7.18.10. getUserRobot
- 7.18.11. createUserRobot
- 7.18.12. deleteUserRobot
- 7.18.13. Auth Federated Robot Token
- 7.18.14. createOrgRobotFederation
- 7.19. search
- 7.20. secscan
- 7.21. superuser
- 7.21.1. createInstallUser
- 7.21.2. deleteInstallUser
- 7.21.3. listAllUsers
- 7.21.4. listAllLogs
- 7.21.5. listAllOrganizations
- 7.21.6. createServiceKey
- 7.21.7. listServiceKeys
- 7.21.8. changeUserQuotaSuperUser
- 7.21.9. deleteUserQuotaSuperUser
- 7.21.10. createUserQuotaSuperUser
- 7.21.11. listUserQuotaSuperUser
- 7.21.12. changeOrganizationQuotaSuperUser
- 7.21.13. deleteOrganizationQuotaSuperUser
- 7.21.14. createOrganizationQuotaSuperUser
- 7.21.15. listOrganizationQuotaSuperUser
- 7.21.16. changeOrganization
- 7.21.17. deleteOrganization
- 7.21.18. approveServiceKey
- 7.21.19. deleteServiceKey
- 7.21.20. updateServiceKey
- 7.21.21. getServiceKey
- 7.21.22. getRepoBuildStatusSuperUser
- 7.21.23. getRepoBuildSuperUser
- 7.21.24. getRepoBuildLogsSuperUser
- 7.21.25. getRegistrySize
- 7.21.26. postRegistrySize
- 7.22. tag
- 7.23. team
- 7.24. trigger
- 7.25. user
- 7.26. Definitions
- 8. API configuration examples
Preface
+
- Preface
- 1. Introduction to Red Hat Quay OAuth 2.0 tokens
- 2. OAuth 2 access tokens
- 3. Robot account tokens
- 4. OCI referrers OAuth access token
- 5. Enabling and using the Red Hat Quay API
- 6. Red Hat Quay API examples
- 6.1. Managing a user application by using the API
- 6.2. Discovering Red Hat Quay API endpoints
- 6.3. Obtaining Red Hat Quay API error details
- 6.4. Global messages
- 6.5. Viewing usage logs by using the API
- 6.6. Exporting logs by using the API
- 6.7. Adding and managing labels by using the API
- 6.8. Using the API to mirror a repository
- 6.9. Establishing quota with the Red Hat Quay API
- 6.10. Establishing quota with the Red Hat Quay API
- 6.10.1. Creating an organization by using the Red Hat Quay API
- 6.10.2. Deleting an organization by using the Red Hat Quay API
- 6.10.3. Retrieving organization member information by using the API
- 6.10.4. Creating an organization application by using the Red Hat Quay API
- 6.10.5. Configuring a proxy cache for an organization by using the Red Hat Quay API
- 6.11. Managing repository permissions by using the Red Hat Quay API
- 6.12. Managing auto-prune policies by using the Red Hat Quay API
- 6.12.1. Creating an auto-prune policy for a namespace by using the Red Hat Quay API
- 6.12.2. Creating an auto-prune policy for a namespace for the current user by using the API
- 6.12.3. Creating an auto-prune policy for a repository using the Red Hat Quay API
- 6.12.4. Creating an auto-prune policy on a repository for a user with the API
- 6.12.5. Managing team members and repository permissions by using the API
- 7. Red Hat Quay Application Programming Interface (API)
- 7.1. Authorization
- 7.2. appspecifictokens
- 7.3. build
- 7.4. discovery
- 7.5. error
- 7.6. globalmessages
- 7.7. logs
- 7.8. manifest
- 7.9. mirror
- 7.10. namespacequota
- 7.10.1. listUserQuota
- 7.10.2. getOrganizationQuotaLimit
- 7.10.3. changeOrganizationQuotaLimit
- 7.10.4. deleteOrganizationQuotaLimit
- 7.10.5. createOrganizationQuotaLimit
- 7.10.6. listOrganizationQuotaLimit
- 7.10.7. getUserQuotaLimit
- 7.10.8. listUserQuotaLimit
- 7.10.9. getOrganizationQuota
- 7.10.10. changeOrganizationQuota
- 7.10.11. deleteOrganizationQuota
- 7.10.12. createOrganizationQuota
- 7.10.13. listOrganizationQuota
- 7.10.14. getUserQuota
- 7.11. organization
- 7.11.1. createOrganization
- 7.11.2. validateProxyCacheConfig
- 7.11.3. getOrganizationCollaborators
- 7.11.4. getOrganizationApplication
- 7.11.5. updateOrganizationApplication
- 7.11.6. deleteOrganizationApplication
- 7.11.7. createOrganizationApplication
- 7.11.8. getOrganizationApplications
- 7.11.9. getProxyCacheConfig
- 7.11.10. deleteProxyCacheConfig
- 7.11.11. createProxyCacheConfig
- 7.11.12. getOrganizationMember
- 7.11.13. removeOrganizationMember
- 7.11.14. getOrganizationMembers
- 7.11.15. getOrganization
- 7.11.16. changeOrganizationDetails
- 7.11.17. deleteAdminedOrganization
- 7.11.18. getApplicationInformation
- 7.12. permission
- 7.13. policy
- 7.13.1. createOrganizationAutoPrunePolicy
- 7.13.2. listOrganizationAutoPrunePolicies
- 7.13.3. getOrganizationAutoPrunePolicy
- 7.13.4. deleteOrganizationAutoPrunePolicy
- 7.13.5. updateOrganizationAutoPrunePolicy
- 7.13.6. createRepositoryAutoPrunePolicy
- 7.13.7. listRepositoryAutoPrunePolicies
- 7.13.8. getRepositoryAutoPrunePolicy
- 7.13.9. deleteRepositoryAutoPrunePolicy
- 7.13.10. updateRepositoryAutoPrunePolicy
- 7.13.11. createUserAutoPrunePolicy
- 7.13.12. listUserAutoPrunePolicies
- 7.13.13. getUserAutoPrunePolicy
- 7.13.14. deleteUserAutoPrunePolicy
- 7.13.15. updateUserAutoPrunePolicy
- 7.14. prototype
- 7.15. referrers
- 7.16. repository
- 7.17. repositorynotification
- 7.18. robot
- 7.18.1. getUserRobots
- 7.18.2. getOrgRobotPermissions
- 7.18.3. regenerateOrgRobotToken
- 7.18.4. getUserRobotPermissions
- 7.18.5. regenerateUserRobotToken
- 7.18.6. getOrgRobot
- 7.18.7. createOrgRobot
- 7.18.8. deleteOrgRobot
- 7.18.9. getOrgRobots
- 7.18.10. getUserRobot
- 7.18.11. createUserRobot
- 7.18.12. deleteUserRobot
- 7.18.13. Auth Federated Robot Token
- 7.18.14. createOrgRobotFederation
- 7.19. search
- 7.20. secscan
- 7.21. superuser
- 7.21.1. createInstallUser
- 7.21.2. deleteInstallUser
- 7.21.3. listAllUsers
- 7.21.4. listAllLogs
- 7.21.5. listAllOrganizations
- 7.21.6. createServiceKey
- 7.21.7. listServiceKeys
- 7.21.8. changeUserQuotaSuperUser
- 7.21.9. deleteUserQuotaSuperUser
- 7.21.10. createUserQuotaSuperUser
- 7.21.11. listUserQuotaSuperUser
- 7.21.12. changeOrganizationQuotaSuperUser
- 7.21.13. deleteOrganizationQuotaSuperUser
- 7.21.14. createOrganizationQuotaSuperUser
- 7.21.15. listOrganizationQuotaSuperUser
- 7.21.16. changeOrganization
- 7.21.17. deleteOrganization
- 7.21.18. approveServiceKey
- 7.21.19. deleteServiceKey
- 7.21.20. updateServiceKey
- 7.21.21. getServiceKey
- 7.21.22. getRepoBuildStatusSuperUser
- 7.21.23. getRepoBuildSuperUser
- 7.21.24. getRepoBuildLogsSuperUser
- 7.21.25. getRegistrySize
- 7.21.26. postRegistrySize
- 7.22. tag
- 7.23. team
- 7.24. trigger
- 7.25. user
- 7.26. Definitions
- 8. API configuration examples
Preface
The Red Hat Quay application programming interface (API) provides a comprehensive, RESTful interface for managing and automating tasks within Red Hat Quay. Designed around the OAuth 2.0 protocol, this API enables secure, fine-grained access to Red Hat Quay resources, and allows administrators and users to perform such actions as creating repositories, managing images, setting permissions, and more.
Red Hat Quay follows Semantic Versioning (SemVer) principles, ensuring predictable API stability across releases, such as: @@ -489,63 +489,63 @@ You have created an OAuth 2 access token.
Procedure
You can obtain error details of the API by entering the
GET /api/v1/error/{error_type}endpoint. Note that you must include one of the following error codes: -HTTP Code Description Schema + HTTP Code Description Schema 200
-+ Successful invocation
-+ - + 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -1107,7 +1107,190 @@ -H "Authorization: Bearer <access_token>" \ "https://quay-server.example.com/api/v1/repository/<namespace>/<repository>/permissions/team/<teamname>" This command does not return output in the CLI. -
6.11.3. Managing team members and repository permissions by using the API
+
6.12. Managing auto-prune policies by using the Red Hat Quay API
+ Auto-prune policies can be created, retrieved, changed, and delete for organizations, repositories, and users by using the Red Hat Quay API. +
6.12.1. Creating an auto-prune policy for a namespace by using the Red Hat Quay API
+ You can use Red Hat Quay API endpoints to manage auto-pruning policies for an namespace. +
Prerequisites
-
+ You have set
BROWSER_API_CALLS_XHR_ONLY: falsein yourconfig.yamlfile. + - + You have created an OAuth access token. +
- + You have logged into Red Hat Quay. +
Procedure
+ Enter the following
POST /api/v1/organization/{orgname}/autoprunepolicy/command create a new policy that limits the number of tags allowed in an organization: +$ curl -X POST -H "Authorization: Bearer <access_token>" -H "Content-Type: application/json" -d '{"method": "number_of_tags", "value": 10}' http://<quay-server.example.com>/api/v1/organization/<organization_name>/autoprunepolicy/+ Alternatively, you can can set tags to expire for a specified time after their creation date: +
$ curl -X POST -H "Authorization: Bearer <access_token>" -H "Content-Type: application/json" -d '{ +"method": "creation_date", "value": "7d"}' http://<quay-server.example.com>/api/v1/organization/<organization_name>/autoprunepolicy/Example output
+ +
{"uuid": "73d64f05-d587-42d9-af6d-e726a4a80d6e"}++ Optional. You can add an additional policy to an organization and pass in the
tagPatternandtagPatternMatchesfields to prune only tags that match the given regex pattern. For example: +$ curl -X POST \ + -H "Authorization: Bearer <bearer_token>" \ + -H "Content-Type: application/json" \ + -d '{ + "method": "creation_date", + "value": "7d", + "tagPattern": "^v*", + "tagPatternMatches": <true> 1 + }' \ + "https://<quay-server.example.com>/api/v1/organization/<organization_name>/autoprunepolicy/"- 1
- + Setting
tagPatternMatchestotruemakes it so that tags that match the given regex pattern will be pruned. In this example, tags that match^v*are pruned. +
Example output
+ +
{"uuid": "ebf7448b-93c3-4f14-bf2f-25aa6857c7b0"}++ You can update your organization’s auto-prune policy by using the
PUT /api/v1/organization/{orgname}/autoprunepolicy/{policy_uuid}command. For example: +$ curl -X PUT -H "Authorization: Bearer <bearer_token>" -H "Content-Type: application/json" -d '{ + "method": "creation_date", + "value": "4d", + "tagPattern": "^v*", + "tagPatternMatches": true + }' "<quay-server.example.com>/api/v1/organization/<organization_name>/autoprunepolicy/<uuid>"+ This command does not return output. Continue to the next step. +
+ Check your auto-prune policy by entering the following command: +
$ curl -X GET -H "Authorization: Bearer <access_token>" http://<quay-server.example.com>/api/v1/organization/<organization_name>/autoprunepolicy/
Example output
+ +
{"policies": [{"uuid": "ebf7448b-93c3-4f14-bf2f-25aa6857c7b0", "method": "creation_date", "value": "4d", "tagPattern": "^v*", "tagPatternMatches": true}, {"uuid": "da4d0ad7-3c2d-4be8-af63-9c51f9a501bc", "method": "number_of_tags", "value": 10, "tagPattern": null, "tagPatternMatches": true}, {"uuid": "17b9fd96-1537-4462-a830-7f53b43f94c2", "method": "creation_date", "value": "7d", "tagPattern": "^v*", "tagPatternMatches": true}]}++ You can delete the auto-prune policy for your organization by entering the following command. Note that deleting the policy requires the UUID. +
$ curl -X DELETE -H "Authorization: Bearer <access_token>" http://<quay-server.example.com>/api/v1/organization/<organization_name>/autoprunepolicy/73d64f05-d587-42d9-af6d-e726a4a80d6e
6.12.2. Creating an auto-prune policy for a namespace for the current user by using the API
+ You can use Red Hat Quay API endpoints to manage auto-pruning policies for your account. +
Note+ The use of
/user/in the following commands represents the user that is currently logged into Red Hat Quay. +Prerequisites
-
+ You have set
BROWSER_API_CALLS_XHR_ONLY: falsein yourconfig.yamlfile. + - + You have created an OAuth access token. +
- + You have logged into Red Hat Quay. +
Procedure
+ Enter the following
POSTcommand create a new policy that limits the number of tags for the current user: +$ curl -X POST -H "Authorization: Bearer <access_token>" -H "Content-Type: application/json" -d '{"method": "number_of_tags", "value": 10}' http://<quay-server.example.com>/api/v1/user/autoprunepolicy/Example output
+ +
{"uuid": "8c03f995-ca6f-4928-b98d-d75ed8c14859"}++ Check your auto-prune policy by entering the following command: +
$ curl -X GET -H "Authorization: Bearer <access_token>" http://<quay-server.example.com>/api/v1/user/autoprunepolicy/
+ Alternatively, you can include the UUID: +
$ curl -X GET -H "Authorization: Bearer <access_token>" http://<quay-server.example.com>/api/v1/user/autoprunepolicy/8c03f995-ca6f-4928-b98d-d75ed8c14859
Example output
+ +
{"policies": [{"uuid": "8c03f995-ca6f-4928-b98d-d75ed8c14859", "method": "number_of_tags", "value": 10}]}++ You can delete the auto-prune policy by entering the following command. Note that deleting the policy requires the UUID. +
$ curl -X DELETE -H "Authorization: Bearer <access_token>" http://<quay-server.example.com>/api/v1/user/autoprunepolicy/8c03f995-ca6f-4928-b98d-d75ed8c14859
Example output
+ +
{"uuid": "8c03f995-ca6f-4928-b98d-d75ed8c14859"}+
6.12.3. Creating an auto-prune policy for a repository using the Red Hat Quay API
+ You can use Red Hat Quay API endpoints to manage auto-pruning policies for an repository. +
Prerequisites
-
+ You have set
BROWSER_API_CALLS_XHR_ONLY: falsein yourconfig.yamlfile. + - + You have created an OAuth access token. +
- + You have logged into Red Hat Quay. +
Procedure
+ Enter the following
POST /api/v1/repository/{repository}/autoprunepolicy/command create a new policy that limits the number of tags allowed in an organization: +$ curl -X POST -H "Authorization: Bearer <access_token>" -H "Content-Type: application/json" -d '{"method": "number_of_tags","value": 2}' http://<quay-server.example.com>/api/v1/repository/<organization_name>/<repository_name>/autoprunepolicy/+ Alternatively, you can can set tags to expire for a specified time after their creation date: +
$ curl -X POST -H "Authorization: Bearer <access_token>" -H "Content-Type: application/json" -d '{"method": "creation_date", "value": "7d"}' http://<quay-server.example.com>/api/v1/repository/<organization_name>/<repository_name>/autoprunepolicy/Example output
+ +
{"uuid": "ce2bdcc0-ced2-4a1a-ac36-78a9c1bed8c7"}++ Optional. You can add an additional policy and pass in the
tagPatternandtagPatternMatchesfields to prune only tags that match the given regex pattern. For example: +$ curl -X POST \ + -H "Authorization: Bearer <access_token>" \ + -H "Content-Type: application/json" \ + -d '{ + "method": "<creation_date>", + "value": "<7d>", + "tagPattern": "<^test.>*", + "tagPatternMatches": <false> 1 + }' \ + "https://<quay-server.example.com>/api/v1/repository/<organization_name>/<repository_name>/autoprunepolicy/"- 1
- + Setting
tagPatternMatchestofalsemakes it so that tags that all tags that do not match the given regex pattern are pruned. In this example, all tags but^test.are pruned. +
Example output
+ +
{"uuid": "b53d8d3f-2e73-40e7-96ff-736d372cd5ef"}++ You can update your policy for the repository by using the
PUT /api/v1/repository/{repository}/autoprunepolicy/{policy_uuid}command and passing in the UUID. For example: +$ curl -X PUT \ + -H "Authorization: Bearer <bearer_token>" \ + -H "Content-Type: application/json" \ + -d '{ + "method": "number_of_tags", + "value": "5", + "tagPattern": "^test.*", + "tagPatternMatches": true + }' \ + "https://quay-server.example.com/api/v1/repository/<namespace>/<repo_name>/autoprunepolicy/<uuid>"+ This command does not return output. Continue to the next step to check your auto-prune policy. +
+ Check your auto-prune policy by entering the following command: +
$ curl -X GET -H "Authorization: Bearer <access_token>" http://<quay-server.example.com>/api/v1/repository/<organization_name>/<repository_name>/autoprunepolicy/
+ Alternatively, you can include the UUID: +
$ curl -X GET -H "Authorization: Bearer <access_token>" http://<quay-server.example.com>/api/v1/repository/<organization_name>/<repository_name>/autoprunepolicy/ce2bdcc0-ced2-4a1a-ac36-78a9c1bed8c7
Example output
+ +
{"policies": [{"uuid": "ce2bdcc0-ced2-4a1a-ac36-78a9c1bed8c7", "method": "number_of_tags", "value": 10}]}++ You can delete the auto-prune policy by entering the following command. Note that deleting the policy requires the UUID. +
$ curl -X DELETE -H "Authorization: Bearer <access_token>" http://<quay-server.example.com>/api/v1/repository/<organization_name>/<repository_name>/autoprunepolicy/ce2bdcc0-ced2-4a1a-ac36-78a9c1bed8c7
Example output
+ +
{"uuid": "ce2bdcc0-ced2-4a1a-ac36-78a9c1bed8c7"}+
6.12.4. Creating an auto-prune policy on a repository for a user with the API
+ You can use Red Hat Quay API endpoints to manage auto-pruning policies on a repository for user accounts that are not your own, so long as you have
adminprivileges on the repository. +Prerequisites
-
+ You have set
BROWSER_API_CALLS_XHR_ONLY: falsein yourconfig.yamlfile. + - + You have created an OAuth access token. +
- + You have logged into Red Hat Quay. +
-
+ You have
adminprivileges on the repository that you are creating the policy for. +
Procedure
+ Enter the following
POST /api/v1/repository/<user_account>/<user_repository>/autoprunepolicy/command create a new policy that limits the number of tags for the user: +$ curl -X POST -H "Authorization: Bearer <access_token>" -H "Content-Type: application/json" -d '{"method": "number_of_tags","value": 2}' https://<quay-server.example.com>/api/v1/repository/<user_account>/<user_repository>/autoprunepolicy/Example output
+ +
{"uuid": "7726f79c-cbc7-490e-98dd-becdc6fefce7"}++ Optional. You can add an additional policy for the current user and pass in the
tagPatternandtagPatternMatchesfields to prune only tags that match the given regex pattern. For example: +$ curl -X POST \ + -H "Authorization: Bearer <bearer_token>" \ + -H "Content-Type: application/json" \ + -d '{ + "method": "creation_date", + "value": "7d", + "tagPattern": "^v*", + "tagPatternMatches": true + }' \ + "http://<quay-server.example.com>/api/v1/repository/<user_account>/<user_repository>/autoprunepolicy/"Example output
+ +
{"uuid": "b3797bcd-de72-4b71-9b1e-726dabc971be"}++ You can update your policy for the current user by using the
PUT /api/v1/repository/<user_account>/<user_repository>/autoprunepolicy/<policy_uuid>command. For example: +$ curl -X PUT -H "Authorization: Bearer <bearer_token>" -H "Content-Type: application/json" -d '{ + "method": "creation_date", + "value": "4d", + "tagPattern": "^test.", + "tagPatternMatches": true + }' "https://<quay-server.example.com>/api/v1/repository/<user_account>/<user_repository>/autoprunepolicy/<policy_uuid>"+ Updating a policy does not return output in the CLI. +
+ Check your auto-prune policy by entering the following command: +
$ curl -X GET -H "Authorization: Bearer <access_token>" http://<quay-server.example.com>/api/v1/repository/<user_account>/<user_repository>/autoprunepolicy/
+ Alternatively, you can include the UUID: +
$ curl -X GET -H "Authorization: Bearer <access_token>" http://<quay-server.example.com>/api/v1/repository/<user_account>/<user_repository>/autoprunepolicy/7726f79c-cbc7-490e-98dd-becdc6fefce7
Example output
+ +
{"uuid": "81ee77ec-496a-4a0a-9241-eca49437d15b", "method": "creation_date", "value": "7d", "tagPattern": "^v*", "tagPatternMatches": true}++ You can delete the auto-prune policy by entering the following command. Note that deleting the policy requires the UUID. +
$ curl -X DELETE -H "Authorization: Bearer <access_token>" http://<quay-server.example.com>/api/v1/repository/<user_account>/<user_repository>/autoprunepolicy/<policy_uuid>
Example output
+ +
{"uuid": "7726f79c-cbc7-490e-98dd-becdc6fefce7"}+
6.12.5. Managing team members and repository permissions by using the API
Use the following procedures to add a member to a team (by direct invite or by email), or to remove a member from a team.
Prerequisites
-
You have Created an OAuth access token.
@@ -1145,67 +1328,67 @@
oauth2_implicit
Scopes
The following scopes are used to control access to the API endpoints: -
Scope Description + Scope Description repo:read
-+ This application will be able to view and pull all repositories visible to the granting user or robot account
-+ repo:write
-+ This application will be able to view, push and pull to all repositories to which the granting user or robot account has write access
-+ repo:admin
-+ This application will have administrator access to all repositories to which the granting user or robot account has access
-+ repo:create
-+ This application will be able to create repositories in to any namespaces that the granting user or robot account is allowed to create repositories
-+ user:read
-+ This application will be able to read user information such as username and email address.
-+ org:admin
-+ This application will be able to administer your organizations including creating robots, creating teams, adjusting team membership, and changing billing settings. You should have absolute trust in the requesting application before granting this permission.
-+ super:user
-+ This application will be able to administer your installation including managing users, managing organizations and other features found in the superuser panel. You should have absolute trust in the requesting application before granting this permission.
-+ user:admin
-+ This application will be able to administer your account including creating robots and granting them permissions to your repositories. You should have absolute trust in the requesting application before granting this permission.
@@ -1217,71 +1400,71 @@ Authorizations: oauth2_implicit (user:admin)Request body schema (application/json)
Description of a new token. -
Name Description Schema + Name Description Schema title
-
required+ Friendly name to help identify the token
-+ string
-Responses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 201
-+ Successful creation
-+ 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -1295,75 +1478,75 @@ Lists the app specific tokens for the user. GET /api/v1/user/apptoken
Authorizations: oauth2_implicit (user:admin) -
Query parameters
Type Name Description Schema + Query parameters
Type Name Description Schema query
-+ expiring
-
optional+ If true, only returns those tokens expiring soon
-+ boolean
-Responses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 200
-+ Successful invocation
-+ 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -1373,75 +1556,75 @@ Returns a specific app token for the user. GET /api/v1/user/apptoken/{token_uuid}
Authorizations: oauth2_implicit (user:admin) -
Path parameters
Type Name Description Schema + Path parameters
Type Name Description Schema path
-+ token_uuid
-
required+ The uuid of the app specific token
-+ string
-Responses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 200
-+ Successful invocation
-+ 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -1451,75 +1634,75 @@ Revokes a specific app token for the user. DELETE /api/v1/user/apptoken/{token_uuid}
Authorizations: oauth2_implicit (user:admin) -
Path parameters
Type Name Description Schema + Path parameters
Type Name Description Schema path
-+ token_uuid
-
required+ The uuid of the app specific token
-+ string
-Responses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 204
-+ Deleted
-+ 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -1531,91 +1714,91 @@ Return the status for the builds specified by the build uuids. GET /api/v1/repository/{repository}/build/{build_uuid}/status
Authorizations: oauth2_implicit (repo:read) -
Path parameters
Type Name Description Schema + Path parameters
Type Name Description Schema path
-+ repository
-
required+ The full path of the repository. e.g. namespace/name
-+ string
-+ path
-+ build_uuid
-
required+ The UUID of the build
-+ string
-Responses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 200
-+ Successful invocation
-+ 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -1623,91 +1806,91 @@ Return the build logs for the build specified by the build uuid. GET /api/v1/repository/{repository}/build/{build_uuid}/logs
Authorizations: oauth2_implicit (repo:read) -
Path parameters
Type Name Description Schema + Path parameters
Type Name Description Schema path
-+ repository
-
required+ The full path of the repository. e.g. namespace/name
-+ string
-+ path
-+ build_uuid
-
required+ The UUID of the build
-+ string
-Responses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 200
-+ Successful invocation
-+ 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -1715,91 +1898,91 @@ Returns information about a build. GET /api/v1/repository/{repository}/build/{build_uuid}
Authorizations: oauth2_implicit (repo:read) -
Path parameters
Type Name Description Schema + Path parameters
Type Name Description Schema path
-+ repository
-
required+ The full path of the repository. e.g. namespace/name
-+ string
-+ path
-+ build_uuid
-
required+ The UUID of the build
-+ string
-Responses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 200
-+ Successful invocation
-+ 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -1807,91 +1990,91 @@ Cancels a repository build. DELETE /api/v1/repository/{repository}/build/{build_uuid}
Authorizations: oauth2_implicit (repo:admin) -
Path parameters
Type Name Description Schema + Path parameters
Type Name Description Schema path
-+ repository
-
required+ The full path of the repository. e.g. namespace/name
-+ string
-+ path
-+ build_uuid
-
required+ The UUID of the build
-+ string
-Responses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 204
-+ Deleted
-+ 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -1899,161 +2082,161 @@ Request that a repository be built and pushed from the specified input. POST /api/v1/repository/{repository}/build/
Authorizations: oauth2_implicit (repo:write) -
Path parameters
Type Name Description Schema + Path parameters
Type Name Description Schema path
-+ repository
-
required+ The full path of the repository. e.g. namespace/name
-+ string
Request body schema (application/json)
Description of a new repository build. -
Name Description Schema + Name Description Schema file_id
-
optional+ The file id that was generated when the build spec was uploaded
-+ string
-+ archive_url
-
optional+ The URL of the .tar.gz to build. Must start with "http" or "https".
-+ string
-+ subdirectory
-
optional+ Subdirectory in which the Dockerfile can be found. You can only specify this or dockerfile_path
-+ string
-+ dockerfile_path
-
optional+ Path to a dockerfile. You can only specify this or subdirectory.
-+ string
-+ context
-
optional+ Pass in the context for the dockerfile. This is optional.
-+ string
-+ pull_robot
-
optional+ Username of a Quay robot account to use as pull credentials
-+ string
-+ tags
-
optional+ The tags to which the built images will be pushed. If none specified, "latest" is used.
-+ array of string
-non-emptyuniqueResponses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 201
-+ Successful creation
-+ 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -2061,107 +2244,107 @@ Get the list of repository builds. GET /api/v1/repository/{repository}/build/
Authorizations: oauth2_implicit (repo:read) -
Path parameters
Type Name Description Schema + Path parameters
Type Name Description Schema path
-+ repository
-
required+ The full path of the repository. e.g. namespace/name
-+ string
-Query parameters
Type Name Description Schema + Query parameters
Type Name Description Schema query
-+ since
-
optional+ Returns all builds since the given unix timecode
-+ integer
-+ query
-+ limit
-
optional+ The maximum number of builds to return
-+ integer
-Responses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 200
-+ Successful invocation
-+ 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -2171,75 +2354,75 @@ List all of the API endpoints available in the swagger API format. GET /api/v1/discovery
Authorizations: -
Query parameters
Type Name Description Schema + Query parameters
Type Name Description Schema query
-+ internal
-
optional+ Whether to include internal APIs.
-+ boolean
-Responses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 200
-+ Successful invocation
-+ 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -2250,79 +2433,79 @@ Get a detailed description of the error. GET /api/v1/error/{error_type}
Authorizations: -
Path parameters
Type Name Description Schema + Path parameters
Type Name Description Schema path
-+ error_type
-
required+ The error code identifying the type of error.
-+ string
-Responses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 200
-+ Successful invocation
-+ - + 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -2335,71 +2518,71 @@ Authorizations: oauth2_implicit (super:user) Request body schema (application/json)
Create a new message -
Name Description Schema + Name Description Schema message
-
required+ A single message
-+ object
-Responses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 201
-+ Successful creation
-+ 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -2416,59 +2599,59 @@ Return a super users messages. GET /api/v1/messages
Authorizations: -
Responses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 200
-+ Successful invocation
-+ 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -2477,71 +2660,71 @@ Delete a message. DELETE /api/v1/message/{uuid}
Authorizations: oauth2_implicit (super:user) -
Path parameters
Type Name Description Schema + Path parameters
Type Name Description Schema path
-+ uuid
-
required+ string
-Responses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 204
-+ Deleted
-+ 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -2552,107 +2735,107 @@ Returns the aggregated logs for the current user. GET /api/v1/user/aggregatelogs
Authorizations: oauth2_implicit (user:admin) -
Query parameters
Type Name Description Schema + Query parameters
Type Name Description Schema query
-+ performer
-
optional+ Username for which to filter logs.
-+ string
-+ query
-+ endtime
-
optional+ Latest time for logs. Format: "%m/%d/%Y" in UTC.
-+ string
-+ query
-+ starttime
-
optional+ Earliest time for logs. Format: "%m/%d/%Y" in UTC.
-+ string
-Responses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 200
-+ Successful invocation
-+ 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -2663,117 +2846,117 @@ Returns the aggregated logs for the current user. POST /api/v1/user/exportlogs
Authorizations: oauth2_implicit (user:admin) -
Query parameters
Type Name Description Schema + Query parameters
Type Name Description Schema query
-+ endtime
-
optional+ Latest time for logs. Format: "%m/%d/%Y" in UTC.
-+ string
-+ query
-+ starttime
-
optional+ Earliest time for logs. Format: "%m/%d/%Y" in UTC.
-+ string
Request body schema (application/json)
Configuration for an export logs operation -
Name Description Schema + Name Description Schema callback_url
-
optional+ The callback URL to invoke with a link to the exported logs
-+ string
-+ callback_email
-
optional+ The e-mail address at which to e-mail a link to the exported logs
-+ string
-Responses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 201
-+ Successful creation
-+ 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -2790,123 +2973,123 @@ List the logs for the current user. GET /api/v1/user/logs
Authorizations: oauth2_implicit (user:admin) -
Query parameters
Type Name Description Schema + Query parameters
Type Name Description Schema query
-+ next_page
-
optional+ The page token for the next page
-+ string
-+ query
-+ performer
-
optional+ Username for which to filter logs.
-+ string
-+ query
-+ endtime
-
optional+ Latest time for logs. Format: "%m/%d/%Y" in UTC.
-+ string
-+ query
-+ starttime
-
optional+ Earliest time for logs. Format: "%m/%d/%Y" in UTC.
-+ string
-Responses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 200
-+ Successful invocation
-+ 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -2914,123 +3097,123 @@ Gets the aggregated logs for the specified organization. GET /api/v1/organization/{orgname}/aggregatelogs
Authorizations: oauth2_implicit (org:admin) -
Path parameters
Type Name Description Schema + Path parameters
Type Name Description Schema path
-+ orgname
-
required+ The name of the organization
-+ string
-Query parameters
Type Name Description Schema + Query parameters
Type Name Description Schema query
-+ performer
-
optional+ Username for which to filter logs.
-+ string
-+ query
-+ endtime
-
optional+ Latest time for logs. Format: "%m/%d/%Y" in UTC.
-+ string
-+ query
-+ starttime
-
optional+ Earliest time for logs. Format: "%m/%d/%Y" in UTC.
-+ string
-Responses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 200
-+ Successful invocation
-+ 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -3041,133 +3224,133 @@ Exports the logs for the specified organization. POST /api/v1/organization/{orgname}/exportlogs
Authorizations: oauth2_implicit (org:admin) -
Path parameters
Type Name Description Schema + Path parameters
Type Name Description Schema path
-+ orgname
-
required+ The name of the organization
-+ string
-Query parameters
Type Name Description Schema + Query parameters
Type Name Description Schema query
-+ endtime
-
optional+ Latest time for logs. Format: "%m/%d/%Y" in UTC.
-+ string
-+ query
-+ starttime
-
optional+ Earliest time for logs. Format: "%m/%d/%Y" in UTC.
-+ string
Request body schema (application/json)
Configuration for an export logs operation -
Name Description Schema + Name Description Schema callback_url
-
optional+ The callback URL to invoke with a link to the exported logs
-+ string
-+ callback_email
-
optional+ The e-mail address at which to e-mail a link to the exported logs
-+ string
-Responses
HTTP Code Description Schema + Responses
HTTP Code Description Schema 201
-+ Successful creation
-+ 400
-+ Bad Request
-+ - + 401
-+ Session required
-+ - + 403
-+ Unauthorized access
-+ - + 404
-+ Not found
-+ @@ -3184,139 +3367,139 @@ List the logs for the specified organization. GET /api/v1/organization/{orgname}/logs
Authorizations: oauth2_implicit (org:admin) -
Path parameters
Type Name Description Schema + Path parameters
-
+ You have set