镜像接口
更新时间:2022-08-05
使用前提
查询镜像仓库Tag列表
接口描述
查询目标镜像仓库Tag列表。
请求结构
GET /v1/instances/{instanceId}/projects/{projectName}/repositories/{repositoryName}/tags?tagName={tagName}&pageNo={pageNo}&pageSize={pageSize} HTTP/1.1
Host: ccr.bd.baidubce.com
Authorization: authorization string请求头域
除公共头域外,无其它特殊头域。
请求参数
| 参数名称 | 类型 | 是否必选 | 参数位置 | 描述 |
|---|---|---|---|---|
| instanceId | String | 是 | Path参数 | CCR实例ID |
| projectName | String | 是 | Path参数 | 命名空间名称 |
| repositoryName | String | 是 | Path参数 | 镜像仓库名称 |
| tagName | String | 否 | Query参数 | Tag名称,可用于模糊查询 |
| pageNo | Integer | 否 | Query参数 | 当前页,默认为1 |
| pageSize | Integer | 否 | Query参数 | 每页记录数,默认为10 |
响应头域
除公共头域外,无其它特殊头域。
响应参数
| 参数名称 | 类型 | 描述 |
|---|---|---|
| total | Integer | 镜像仓库Tag总数 |
| pageNo | Integer | 当前页 |
| pageSize | Integer | 每页记录数 |
| Items | List<Tag> | Tag结果列表 |
请求示例
GET /v1/instances/instances-test/projects/ns-test/repositories/ubuntu/tags?tagName=18.051&pageNo=1&pageSize=10 HTTP/1.1
Host: ccr.bd.baidubce.com
Authorization: bce-auth-v1/123456/2022-08-01T08:26:41Z/1800/host/0a859ce949951fe15a4eb6874a9765f9e8a6f7147f206cf47e270c34c862b8c6响应示例
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Mon, 01 Aug 2022 08:26:41 GMT
X-Bce-Gateway-Region: BJ
X-Bce-Request-Id: 6cee2df3-0505-4044-9f12-65db07ebbcd7
{
"total": 1,
"pageNo": 1,
"pageSize": 10,
"items": [
{
"tagName": "18.051",
"digest": "sha256:ed8e0d11fdf57ec2d2c7bef1bb38b117c1e757a0b5e853f67047c1c0bd8f0e5b",
"projectId": 8,
"pullTime": "0001-01-01T00:00:00.000Z",
"pushTime": "2022-08-01T02:51:42.007Z",
"repositoryId": 4,
"architecture": "amd64",
"os": "linux",
"author": "",
"type": "IMAGE",
"size": 36001590,
"scanOverview": {
"scanStatus": "None",
"startTime": "",
"endTime": "",
"reportId": "",
"severity": "None"
}
}
]
}查询镜像Tag详情
接口描述
查询单个镜像Tag详细信息。
请求结构
GET /v1/instances/{instanceId}/projects/{projectName}/repositories/{repositoryName}/tags/{tagName} HTTP/1.1
Host: ccr.bd.baidubce.com
Authorization: authorization string请求头域
除公共头域外,无其它特殊头域。
请求参数
| 参数名称 | 类型 | 是否必选 | 参数位置 | 描述 |
|---|---|---|---|---|
| instanceId | String | 是 | Path参数 | CCR实例ID |
| projectName | String | 是 | Path参数 | 命名空间名称 |
| repositoryName | String | 是 | Path参数 | 镜像仓库名称 |
| tagName | String | 是 | Path参数 | Tag名称 |
响应头域
除公共头域外,无其它特殊头域。
响应参数
| 参数名称 | 类型 | 描述 |
|---|---|---|
| architecture | String | 镜像仓库(repository)架构 |
| author | String | 发布者 |
| digest | String | 制品hash值 |
| os | String | 操作系统类型 |
| projectId | Integer | 制品所属的命名空间ID |
| pullTime | String | Tag最新的拉取时间,格式为date-time |
| pushTime | String | Tag推送时间,格式为date-time |
| repositoryId | Integer | 制品所属的镜像仓库ID |
| scanOverview | Tag.ScanOverview | 漏洞扫描信息 |
| size | Integer | 制品大小 |
| tagName | String | Tag名称 |
| type | String | 制品类别,例如:image,chart |
请求示例
GET /v1/instances/ccr-4k74gw7d/projects/ns-test/repositories/ubuntu/tags/18.051 HTTP/1.1
Host: ccr.bd.baidubce.com
Authorization: bce-auth-v1/123456/2022-08-01T13:07:36Z/1800/host/0a859ce949951fe15a4eb6874a9765f9e8a6f7147f206cf47e270c34c862b8c6响应示例
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Mon, 01 Aug 2022 13:07:37 GMT
X-Bce-Gateway-Region: BJ
X-Bce-Request-Id: d8bb93db-9e4e-436e-b67c-91847b161c43
{
"tagName": "18.051",
"digest": "sha256:ed8e0d11fdf57ec2d2c7bef1bb38b117c1e757a0b5e853f67047c1c0bd8f0e5b",
"projectId": 8,
"pullTime": "0001-01-01T00:00:00.000Z",
"pushTime": "2022-08-01T02:51:42.007Z",
"repositoryId": 4,
"architecture": "",
"os": "",
"author": "",
"type": "IMAGE",
"size": 36001590,
"scanOverview": {
"scanStatus": "None",
"startTime": "",
"endTime": "",
"reportId": "",
"severity": "None"
}
}批量删除镜像Tag
接口描述
批量删除镜像Tag。
请求结构
DELETE /v1/instances/{instanceId}/projects/{projectName}/repositories/{repositoryName}/tags HTTP/1.1
Host: ccr.bd.baidubce.com
Authorization: authorization string
{
"items": {items}
}请求头域
除公共头域外,无其它特殊头域。
请求参数
| 参数名称 | 类型 | 是否必选 | 参数位置 | 描述 |
|---|---|---|---|---|
| instanceId | String | 是 | Path参数 | CCR实例ID |
| projectName | String | 是 | Path参数 | 命名空间名称 |
| repositoryName | String | 是 | Path参数 | 镜像仓库名称 |
| items | List<String> | 是 | Body参数 | Tag名称数组 |
响应头域
除公共头域外,无其它特殊头域。
响应参数
如果请求成功无响应参数。如果请求失败则返回标准错误结构。
请求示例
DELETE /v1/instances/instances-test/projects/ns-test/repositories/ubuntu/tags HTTP/1.1
Host: ccr.bd.baidubce.com
Authorization: bce-auth-v1/123456/2022-08-01T08:26:41Z/1800/host/0a859ce949951fe15a4eb6874a9765f9e8a6f7147f206cf47e270c34c862b8c6
{
"items": [
"18.053",
"18.054"
]
}响应示例
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Mon, 01 Aug 2022 12:30:44 GMT
X-Bce-Gateway-Region: BJ
X-Bce-Request-Id: fed4cbbf-fc67-46ed-a3f5-2dcdc30a08ed删除单个镜像Tag
接口描述
删除单个镜像Tag。
请求结构
DELETE /v1/instances/{instanceId}/projects/{projectName}/repositories/{repositoryName}/tags/{tagName} HTTP/1.1
Host: ccr.bd.baidubce.com
Authorization: authorization string请求头域
除公共头域外,无其它特殊头域。
请求参数
| 参数名称 | 类型 | 是否必选 | 参数位置 | 描述 |
|---|---|---|---|---|
| instanceId | String | 是 | Path参数 | CCR实例ID |
| projectName | String | 是 | Path参数 | 命名空间名称 |
| repositoryName | String | 是 | Path参数 | 镜像仓库名称 |
| tagName | String | 是 | Path参数 | Tag名称 |
响应头域
除公共头域外,无其它特殊头域。
响应参数
如果请求成功无响应参数。如果请求失败则返回标准错误结构。
请求示例
DELETE /v1/instances/instances-test/projects/ns-test/repositories/ubuntu/tags/18.051 HTTP/1.1
Host: ccr.bd.baidubce.com
Authorization: bce-auth-v1/123456/2022-08-01T08:26:41Z/1800/host/0a859ce949951fe15a4eb6874a9765f9e8a6f7147f206cf47e270c34c862b8c6响应示例
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Mon, 01 Aug 2022 12:30:44 GMT
X-Bce-Gateway-Region: BJ
X-Bce-Request-Id: fed4cbbf-fc67-46ed-a3f5-2dcdc30a08ed查询构建历史
接口描述
查询构建历史。
请求结构
GET /v1/instances/{instanceId}/projects/{projectName}/repositories/{repositoryName}/tags/{tagName}/buildhistory HTTP/1.1
Host: ccr.bd.baidubce.com
Authorization: authorization string请求头域
除公共头域外,无其它特殊头域。
请求参数
| 参数名称 | 类型 | 是否必选 | 参数位置 | 描述 |
|---|---|---|---|---|
| instanceId | String | 是 | Path参数 | CCR实例ID |
| projectName | String | 是 | Path参数 | 命名空间名称 |
| repositoryName | String | 是 | Path参数 | 镜像仓库名称 |
| tagName | String | 是 | Path参数 | Tag名称 |
响应头域
除公共头域外,无其它特殊头域。
响应参数
| 参数名称 | 类型 | 描述 |
|---|---|---|
| items | List<BuildHistory> | 目标Tag构建历史集合 |
请求示例
GET /v1/instances/ccr-4k74gw7d/projects/ns-test/repositories/ubuntu/tags/18.051/buildhistory HTTP/1.1
Host: ccr.bd.baidubce.com
Authorization: bce-auth-v1/123456/2022-08-01T13:07:36Z/1800/host/0a859ce949951fe15a4eb6874a9765f9e8a6f7147f206cf47e270c34c862b8c6响应示例
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Mon, 01 Aug 2022 13:59:42 GMT
X-Bce-Gateway-Region: BJ
X-Bce-Request-Id: 330eb4d3-1ad9-4a3d-ac12-e5c6f447f4a1
{
"items": [
{
"created": "2020-07-24T14:38:19.482Z",
"comment": "",
"createdBy": "/bin/sh -c #(nop) ADD file:7d9bbf45a5b2510d44d3206a028cf6502757884d49e46d3d2e6356c3a92c4309 in / ",
"emptyLayer": false
},
{
"created": "2020-07-24T14:38:20.335Z",
"comment": "",
"createdBy": "/bin/sh -c [ -z \"$(apt-get indextargets)\" ]",
"emptyLayer": false
}
]
}镜像扫描
接口描述
对目标Tag进行镜像扫描。
请求结构
POST /v1/instances/{instanceId}/projects/{projectName}/repositories/{repositoryName}/tags/{tagName}/scan HTTP/1.1
Host: ccr.bd.baidubce.com
Authorization: authorization string请求头域
除公共头域外,无其它特殊头域。
请求参数
| 参数名称 | 类型 | 是否必选 | 参数位置 | 描述 |
|---|---|---|---|---|
| instanceId | String | 是 | Path参数 | CCR实例ID |
| projectName | String | 是 | Path参数 | 命名空间名称 |
| repositoryName | String | 是 | Path参数 | 镜像仓库名称 |
| tagName | String | 是 | Path参数 | Tag名称 |
响应头域
除公共头域外,无其它特殊头域。
响应参数
如果请求成功无响应参数。如果请求失败则返回标准错误结构。
请求示例
POST /v1/instances/ccr-4k74gw7d/projects/ns-test/repositories/ubuntu/tags/18.051/scan HTTP/1.1
Host: ccr.bd.baidubce.com
Authorization: bce-auth-v1/123456/2022-08-01T13:07:36Z/1800/host/0a859ce949951fe15a4eb6874a9765f9e8a6f7147f206cf47e270c34c862b8c6响应示例
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Mon, 01 Aug 2022 14:15:13 GMT
X-Bce-Gateway-Region: BJ
X-Bce-Request-Id: 3eff2bc8-2310-4f95-874c-e65ed3a68a7b镜像扫描日志
接口描述
镜像扫描日志。
请求结构
GET /v1/instances/{instanceId}/projects/{projectName}/repositories/{repositoryName}/tags/{tagName}/scan/{reportId}/log HTTP/1.1
Host: ccr.bd.baidubce.com
Authorization: authorization string请求头域
除公共头域外,无其它特殊头域。
请求参数
| 参数名称 | 类型 | 是否必选 | 参数位置 | 描述 |
|---|---|---|---|---|
| instanceId | String | 是 | Path参数 | CCR实例ID |
| projectName | String | 是 | Path参数 | 命名空间名称 |
| repositoryName | String | 是 | Path参数 | 镜像仓库名称 |
| tagName | String | 是 | Path参数 | Tag名称 |
| reportId | String | 是 | Path参数 | 扫描日志ID |
响应头域
除公共头域外,无其它特殊头域。
响应参数
如果请求成功无响应参数。如果请求失败则返回标准错误结构。
请求示例
GET /v1/instances/ccr-4k74gw7d/projects/ns-test/repositories/ubuntu/tags/18.051/scan/9217baed-cf5a-45f6-b14c-b9a0e76cb664/log HTTP/1.1
Host: ccr.bd.baidubce.com
Authorization: bce-auth-v1/123456/2022-08-01T13:07:36Z/1800/host/0a859ce949951fe15a4eb6874a9765f9e8a6f7147f206cf47e270c34c862b8c6响应示例
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Mon, 01 Aug 2022 14:15:13 GMT
X-Bce-Gateway-Region: BJ
X-Bce-Request-Id: 3eff2bc8-2310-4f95-874c-e65ed3a68a7b查询镜像漏洞
接口描述
查询镜像漏洞。
请求结构
GET /v1/instances/{instanceId}/projects/{projectName}/repositories/{repositoryName}/tags/{tagName}/scanoverview?pageNo={pageNo}&pageSize={pageSize} HTTP/1.1
Host: ccr.bd.baidubce.com
Authorization: authorization string请求头域
除公共头域外,无其它特殊头域。
请求参数
| 参数名称 | 类型 | 是否必选 | 参数位置 | 描述 |
|---|---|---|---|---|
| instanceId | String | 是 | Path参数 | CCR实例ID |
| projectName | String | 是 | Path参数 | 命名空间名称 |
| repositoryName | String | 是 | Path参数 | 镜像仓库名称 |
| tagName | String | 是 | Path参数 | Tag名称 |
| pageNo | Integer | 否 | Query参数 | 当前页 |
| pageSize | Integer | 否 | Query参数 | 每页记录数 |
响应头域
除公共头域外,无其它特殊头域。
响应参数
| 参数名称 | 类型 | 描述 |
|---|---|---|
| items | List<Artifact.ScanOverview> | 漏洞扫描结果列表 |
| lastScanTime | String | 最近一次扫描时间 |
| pageNo | Integer | 当前页,默认为1 |
| pageSize | Integer | 每页记录数,默认为10 |
| summary | Object | 不同严重程度的漏洞数量 |
| total | Integer | 漏洞总数 |
请求示例
GET /v1/instances/ccr-4k74gw7d/projects/ns-test/repositories/ubuntu/tags/18.051/scanoverview HTTP/1.1
Host: ccr.bd.baidubce.com
Authorization: bce-auth-v1/123456/2022-08-01T13:07:36Z/1800/host/0a859ce949951fe15a4eb6874a9765f9e8a6f7147f206cf47e270c34c862b8c6响应示例
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Date: Mon, 01 Aug 2022 13:07:37 GMT
X-Bce-Gateway-Region: BJ
X-Bce-Request-Id: 0dba647a-57ae-496d-b409-b9a25e2613c2
{
"total": 209,
"pageNo": 1,
"pageSize": 10,
"summary": {
"High": 8,
"Low": 103,
"Medium": 98
},
"items": [
{
"id": "CVE-2019-17567",
"package": "apache2-utils",
"version": "2.4.29-1ubuntu4.13",
"fixVersion": "",
"severity": "Medium",
"description": "Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured.",
"links": [
"https://avd.aquasec.com/nvd/cve-2019-17567"
]
},
{
"id": "CVE-2020-11993",
"package": "apache2-utils",
"version": "2.4.29-1ubuntu4.13",
"fixVersion": "2.4.29-1ubuntu4.14",
"severity": "Medium",
"description": "Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above \"info\" will mitigate this vulnerability for unpatched servers.",
"links": [
"https://avd.aquasec.com/nvd/cve-2020-11993"
]
},
{
"id": "CVE-2020-9490",
"package": "apache2-utils",
"version": "2.4.29-1ubuntu4.13",
"fixVersion": "2.4.29-1ubuntu4.14",
"severity": "Medium",
"description": "Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via \"H2Push off\" will mitigate this vulnerability for unpatched servers.",
"links": [
"https://avd.aquasec.com/nvd/cve-2020-9490"
]
},
{
"id": "CVE-2021-26690",
"package": "apache2-utils",
"version": "2.4.29-1ubuntu4.13",
"fixVersion": "2.4.29-1ubuntu4.16",
"severity": "Medium",
"description": "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service",
"links": [
"https://avd.aquasec.com/nvd/cve-2021-26690"
]
},
{
"id": "CVE-2021-26691",
"package": "apache2-utils",
"version": "2.4.29-1ubuntu4.13",
"fixVersion": "2.4.29-1ubuntu4.16",
"severity": "Medium",
"description": "In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow",
"links": [
"https://avd.aquasec.com/nvd/cve-2021-26691"
]
},
{
"id": "CVE-2021-30641",
"package": "apache2-utils",
"version": "2.4.29-1ubuntu4.13",
"fixVersion": "2.4.29-1ubuntu4.16",
"severity": "Medium",
"description": "Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'",
"links": [
"https://avd.aquasec.com/nvd/cve-2021-30641"
]
},
{
"id": "CVE-2021-33193",
"package": "apache2-utils",
"version": "2.4.29-1ubuntu4.13",
"fixVersion": "2.4.29-1ubuntu4.17",
"severity": "Medium",
"description": "A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.",
"links": [
"https://avd.aquasec.com/nvd/cve-2021-33193"
]
},
{
"id": "CVE-2021-34798",
"package": "apache2-utils",
"version": "2.4.29-1ubuntu4.13",
"fixVersion": "2.4.29-1ubuntu4.17",
"severity": "Medium",
"description": "Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.",
"links": [
"https://avd.aquasec.com/nvd/cve-2021-34798"
]
},
{
"id": "CVE-2021-39275",
"package": "apache2-utils",
"version": "2.4.29-1ubuntu4.13",
"fixVersion": "2.4.29-1ubuntu4.17",
"severity": "Medium",
"description": "ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.",
"links": [
"https://avd.aquasec.com/nvd/cve-2021-39275"
]
},
{
"id": "CVE-2021-40438",
"package": "apache2-utils",
"version": "2.4.29-1ubuntu4.13",
"fixVersion": "2.4.29-1ubuntu4.18",
"severity": "Medium",
"description": "A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.",
"links": [
"https://avd.aquasec.com/nvd/cve-2021-40438"
]
}
],
"lastScanTime": "2022-08-01T14:15:17.329Z"
}