How can I list all tags for a Docker image on a remote registry?

Question

How can I list all tags of a Docker image on a remote Docker registry using the CLI (preferred) or curl?

Preferably without pulling all versions from the remote regi

Answer 1

I've managed to get it working using curl:

curl -u <username>:<password> https://myrepo.example/v1/repositories/<username>/<image_name>/tags

Note that image_name should not contain user details etc. For example if you're pushing image named myrepo.example/username/x then image_name should be x.

Answer 2

Get all tags from Docker Hub: this command uses the command-line JSON processor jq to select the tag names from the JSON returned by the Docker Hub Registry (the quotes are removed with tr). Replace library with the Docker Hub user name, debian with the image name:

curl -s 'https://registry.hub.docker.com/v2/repositories/library/debian/tags/' | jq -r '."results"[]["name"]'

Answer 3

If you want to use the docker registry v2 API, it lists tags by pages. To list all the tags of an image, you may would like to add a large page_size parameter to the url, e.g.

curl -L -s 'https://registry.hub.docker.com/v2/repositories/library/centos/tags?page_size=1024'|jq '."results"[]["name"]'

Answer 4

The Docker V2 API requires an OAuth bearer token with the appropriate claims. In my opinion, the official documentation is rather vague on the topic. So that others don't go through the same pain I did, I offer the below docker-tags function.

The most recent version of docker-tags can be found in my GitHubGist : "List Docker Image Tags using bash".

The docker-tags function has a dependency on jq. If you're playing with JSON, you likely already have it.

#!/usr/bin/env bash
docker-tags() {
    arr=("$@")

    for item in "${arr[@]}";
    do
        tokenUri="https://auth.docker.io/token"
        data=("service=registry.docker.io" "scope=repository:$item:pull")
        token="$(curl --silent --get --data-urlencode ${data[0]} --data-urlencode ${data[1]} $tokenUri | jq --raw-output '.token')"
        listUri="https://registry-1.docker.io/v2/$item/tags/list"
        authz="Authorization: Bearer $token"
        result="$(curl --silent --get -H "Accept: application/json" -H "Authorization: Bearer $token" $listUri | jq --raw-output '.')"
        echo $result
    done
}

Example

docker-tags "microsoft/nanoserver" "microsoft/dotnet" "library/mongo" "library/redis"

Admittedly, docker-tags makes several assumptions. Specifically, the OAuth request parameters are mostly hard coded. A more ambitious implementation would make an unauthenticated request to the registry and derive the OAuth parameters from the unauthenticated response.

Answer 5

curl -u <username>:<password> https://$your_registry/v2/$image_name/tags/list -s -o - | \
    tr -d '{' | tr -d '}' | sed -e 's/[][]//g' -e 's/"//g' -e 's/ //g' | \
    awk -F: '{print $3}' | sed -e 's/,/\n/g'

You can use it if your env has no 'jq', = )

Answer 6

In powershell 5.1, I have a simple list_docker_image_tags.ps1 script like this:

[CmdletBinding()]
param (
    [Parameter(Mandatory = $true)]
    [string]
    $image
)

$url = "https://registry.hub.docker.com/v1/repositories/{0}/tags" -f $image 
Invoke-WebRequest $url  | ConvertFrom-Json | Write-Output

Then I can grep for 4.7 tags like this:

./list_docker_image_tags.ps1 microsoft/dotnet-framework | ?{ $_.name -match "4.7" }