Container Registry service (1.2.1)

Download OpenAPI specification:Download

Overview

Container Registry service enables IONOS clients to manage docker and OCI compliant registries for use by their managed Kubernetes clusters. Use a Container Registry to ensure you have a privately accessed registry to efficiently support image pulls.

Changelog

1.1.0

  • Added new endpoints for Repositories
  • Added new endpoints for Artifacts
  • Added new endpoints for Vulnerabilities
  • Added registry vulnerabilityScanning feature

    1.2.0

  • Added registry apiSubnetAllowList

    1.2.1

  • Amended apiSubnetAllowList Regex

Locations

The physical locations where new container registries can be provisioned

This tag groups all operations for locations.

Get container registry locations

Authorizations:
basicAuthtokenAuth

Responses

Response samples

Content type
application/json
{
  • "href": "string",
  • "id": "string",
  • "items": [
    ],
  • "type": "string"
}

Names

Name availability checks for new registries

This tag groups all operations for names.

Get container registry name availability

Validate that the name is suitable to use for a new registry:

  • it uses only the characters "a-z", "0-9", or "-"
  • and starts with a letter and ends with a letter or number
  • and is between 3 to 63 characters in length
  • and is available
Authorizations:
basicAuthtokenAuth
path Parameters
name
required
string^[a-z][-a-z0-9]{1,61}[a-z0-9]$

The desired registry name

Responses

Response samples

Content type
application/json
{
  • "httpStatus": 400,
  • "messages": [
    ]
}

Registries

Manage container registries for storage of docker images and OCI compliant artifacts. This operation is restricted to contract owner, admin, and users with 'accessAndManageRegistries' and Share/Edit access permissions for the data center hosting the registry.

This tag groups all operations for registries.

List all container registries

List all managed container registries for your account

Authorizations:
basicAuthtokenAuth
query Parameters
filter.name
string
Example: filter.name=my-registry

The registry name to search for

limit
string
Default: "100"

The maximum number of elements to return (used together with pagination.token for pagination)

pagination.token
string
Example: pagination.token=eyJ2IjoibWV0YS5rOHMuaW8vdjEiLCJydiI6MTYzMjQ0OTk2ODAsInN0YXJ0IjoiM2RmYTc3YjctZGIwNS00MjMwLThmMjAtOGU3NjJlOTUxOTUzXHUwMDAwIn0

An opaque token used to iterate the set of results (used together with limit for pagination)

Responses

Response samples

Content type
application/json
{
  • "_links": {
    },
  • "href": "string",
  • "id": "string",
  • "items": [
    ],
  • "pagination": {
    },
  • "type": "string"
}

Create container registry

Create a registry to hold container images or OCI compliant artifacts

  • "name" must have passed validation
  • "location" must be one of the available location IDs
  • "garbageCollectionSchedule" time and days of the week for runs
  • "features": "vulnerabilityScanning" default is enabled
Authorizations:
basicAuthtokenAuth
Request Body schema: application/json
required
object (PostRegistryProperties)

Responses

Request samples

Content type
application/json
{
  • "properties": {
    }
}

Response samples

Content type
application/json
{
  • "href": "string",
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "metadata": {
    },
  • "properties": {
    },
  • "type": "string"
}

Delete registry

Authorizations:
basicAuthtokenAuth
path Parameters
registryId
required
string <uuid> ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-...

The unique ID of the registry

Responses

Response samples

Content type
application/json
{
  • "httpStatus": 400,
  • "messages": [
    ]
}

Get a registry

Get all information for a specific container registry

Authorizations:
basicAuthtokenAuth
path Parameters
registryId
required
string <uuid> ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-...

The unique ID of the registry

Responses

Response samples

Content type
application/json
{
  • "href": "string",
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "metadata": {
    },
  • "properties": {
    },
  • "type": "string"
}

Update the properties of a registry

Update the properties of a registry

  • "garbageCollectionSchedule" time and days of the week for runs
Authorizations:
basicAuthtokenAuth
path Parameters
registryId
required
string <uuid> ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-...

The unique ID of the registry

Request Body schema: application/json
object or null (WeeklySchedule)
object (RegistryFeatures)

Optional registry features. Note: some may incur additional charges - see individual feature descriptions for details

apiSubnetAllowList
Array of strings or null (APISubnetAllowList) [ 0 .. 25 ] items

Subnets and IPs that are allowed to access the registry API, supports IPv4 and IPv6. Maximum of 25 items may be specified. If no CIDR is given /32 and /128 are assumed for IPv4 and IPv6 respectively. 0.0.0.0/0 can be used to deny all traffic. Note: If this list is empty or not set, there are no restrictions.

Responses

Request samples

Content type
application/json
{
  • "garbageCollectionSchedule": {
    },
  • "features": {
    },
  • "apiSubnetAllowList": [
    ]
}

Response samples

Content type
application/json
{
  • "href": "string",
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "metadata": {
    },
  • "properties": {
    },
  • "type": "string"
}

Create or replace a container registry

Create/replace a registry to hold container images or OCI compliant artifacts On create

  • "name" must have passed validation
  • "location" must be one of the available location IDs On update
  • "name" cannot be changed
  • "location" cannot be changed On create or update
  • "garbageCollectionSchedule": time and days of the week for runs
Authorizations:
basicAuthtokenAuth
path Parameters
registryId
required
string <uuid> ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-...

The unique ID of the registry

Request Body schema: application/json
required
object (PostRegistryProperties)

Responses

Request samples

Content type
application/json
{
  • "properties": {
    }
}

Response samples

Content type
application/json
{
  • "href": "string",
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "metadata": {
    },
  • "properties": {
    },
  • "type": "string"
}

Tokens

Define access permissions to registry resources

This tag groups all operations for tokens.

List all tokens for the container registry

Authorizations:
basicAuthtokenAuth
path Parameters
registryId
required
string <uuid> ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-...

The unique ID of the registry

query Parameters
offset
string
Default: "0"

The first element (from the complete list of the elements) to include in the response (used together with limit for pagination)

limit
string
Default: "100"

The maximum number of elements to return (used together with offset for pagination)

Responses

Response samples

Content type
application/json
{
  • "_links": {
    },
  • "count": 0,
  • "href": "string",
  • "id": "string",
  • "items": [
    ],
  • "limit": 0,
  • "offset": 0,
  • "total": 0,
  • "type": "string"
}

Create token

Create a token

  • password is only available once in the POST response
Authorizations:
basicAuthtokenAuth
path Parameters
registryId
required
string <uuid> ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-...

The unique ID of the registry

Request Body schema: application/json
required
object (PostTokenProperties)

Responses

Request samples

Content type
application/json
{
  • "properties": {
    }
}

Response samples

Content type
application/json
{
  • "href": "string",
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "metadata": {
    },
  • "properties": {
    },
  • "type": "string"
}

Delete token

Authorizations:
basicAuthtokenAuth
path Parameters
registryId
required
string <uuid> ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-...

The unique ID of the registry

tokenId
required
string <uuid> ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-...

The unique ID of the token

Responses

Response samples

Content type
application/json
{
  • "httpStatus": 400,
  • "messages": [
    ]
}

Get token information

Gets all information for a specific token used to access a container registry

Authorizations:
basicAuthtokenAuth
path Parameters
registryId
required
string <uuid> ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-...

The unique ID of the registry

tokenId
required
string <uuid> ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-...

The unique ID of the token

Responses

Response samples

Content type
application/json
{
  • "href": "string",
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "metadata": {
    },
  • "properties": {
    },
  • "type": "string"
}

Update token

Update token properties, for example:

  • change status to 'enabled' or 'disabled'
  • change expiry date
Authorizations:
basicAuthtokenAuth
path Parameters
registryId
required
string <uuid> ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-...

The unique ID of the registry

tokenId
required
string <uuid> ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-...

The unique ID of the token

Request Body schema: application/json
expiryDate
string or null <date-time>
Array of objects or null (Scope)
status
string
Enum: "enabled" "disabled"

Responses

Request samples

Content type
application/json
{
  • "expiryDate": "2019-08-24T14:15:22Z",
  • "scopes": [
    ],
  • "status": "enabled"
}

Response samples

Content type
application/json
{
  • "href": "string",
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "metadata": {
    },
  • "properties": {
    },
  • "type": "string"
}

Create or replace token

Create/replace a token

  • password is only available once in the create response
  • "name" cannot be changed
Authorizations:
basicAuthtokenAuth
path Parameters
registryId
required
string <uuid> ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-...

The unique ID of the registry

tokenId
required
string^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-...

The unique ID of the token

Request Body schema: application/json
required
object (PostTokenProperties)

Responses

Request samples

Content type
application/json
{
  • "properties": {
    }
}

Response samples

Content type
application/json
{
  • "href": "string",
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "metadata": {
    },
  • "properties": {
    },
  • "type": "string"
}

Repositories

Repositories contain container images and other artifacts

This tag groups all operations for repositories.

Retrieve all Repositories

This endpoint enables retrieving all Repositories using pagination and optional filters.

Authorizations:
tokenAuth
path Parameters
registryId
required
string <uuid>
Example: 1e41a73c-59d0-5507-86dd-fa2fc2501cfd

The ID (UUID) of the Registry.

query Parameters
offset
integer <int32> >= 0
Default: 0

The first element (of the total list of elements) to include in the response. Use together with limit for pagination.

limit
integer <int32> [ 1 .. 1000 ]
Default: 100
Example: limit=100

The maximum number of elements to return. Use together with offset for pagination.

filter.name
string

Filter resources by name.

filter.vulnerabilitySeverity
string (VulnerabilitySeverity)
Example: filter.vulnerabilitySeverity=high

Filter resources by vulnerability severity.

orderBy
string
Default: "-lastPush"
Enum: "-lastPush" "-lastPull" "-artifactCount" "-pullCount" "-pushCount" "name" "lastPush" "lastPull" "artifactCount" "pullCount" "pushCount"

The field to order the results by. If not provided, the results will be ordered by the default field.

Responses

Response samples

Content type
application/json
{}

Retrieve Repository

Returns the Repository by Name.

Authorizations:
tokenAuth
path Parameters
registryId
required
string <uuid>
Example: 1e41a73c-59d0-5507-86dd-fa2fc2501cfd

The ID (UUID) of the Registry.

repositoryName
required
string <= 256 characters
Example: my-service

The Name of the Repository.

Responses

Response samples

Content type
application/json
{
  • "id": "my-service",
  • "type": "repository",
  • "metadata": {
    },
  • "properties": {
    }
}

Delete repository

Delete all repository contents

    The registry V2 API allows manifests and blobs to be deleted individually but it is not possible to remove an entire repository.
    This operation is provided for convenience
Authorizations:
basicAuthtokenAuth
path Parameters
registryId
required
string <uuid> ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-...

The unique ID of the registry

repositoryName
required
string^[a-z0-9]+(?:[._-][a-z0-9]+)*$
Example: my-service

The name of the repository

Responses

Artifacts

Artifacts are the individual files stored in a repository

This tag groups all operations for artifacts.

Retrieve all Artifacts by Registry

This endpoint enables retrieving all Artifacts using pagination and optional filters.

Authorizations:
tokenAuth
path Parameters
registryId
required
string <uuid>
Example: 1e41a73c-59d0-5507-86dd-fa2fc2501cfd

The ID (UUID) of the Registry.

query Parameters
offset
integer <int32> >= 0
Default: 0

The first element (of the total list of elements) to include in the response. Use together with limit for pagination.

limit
integer <int32> [ 1 .. 1000 ]
Default: 100
Example: limit=100

The maximum number of elements to return. Use together with offset for pagination.

filter.vulnerabilityId
string

Filter resources by vulnerabilityId.

orderBy
string
Default: "-pullCount"
Enum: "-pullCount" "-pushCount" "-lastPush" "-lastPull" "-lastScan" "-vulnTotalCount" "-vulnFixableCount" "pullCount" "pushCount" "lastPush" "lastPull" "lastScan" "vulnTotalCount" "vulnFixableCount"

The field to order the results by. If not provided, the results will be ordered by the default field.

Responses

Response samples

Content type
application/json
{}

Retrieve all Artifacts by Repository

This endpoint enables retrieving all Artifacts using pagination and optional filters.

Authorizations:
tokenAuth
path Parameters
registryId
required
string <uuid>
Example: 1e41a73c-59d0-5507-86dd-fa2fc2501cfd

The ID (UUID) of the Registry.

repositoryName
required
string <= 256 characters
Example: my-service

The Name of the Repository.

query Parameters
offset
integer <int32> >= 0
Default: 0

The first element (of the total list of elements) to include in the response. Use together with limit for pagination.

limit
integer <int32> [ 1 .. 1000 ]
Default: 100
Example: limit=100

The maximum number of elements to return. Use together with offset for pagination.

orderBy
string
Default: "-lastPush"
Enum: "-lastPush" "-lastPull" "-lastScan" "-pullCount" "-pushCount" "-vulnMaxSeverity" "-vulnTotalScore" "-vulnTotalCount" "-vulnFixableCount" "lastPush" "lastPull" "lastScan" "pullCount" "pushCount" "vulnMaxSeverity" "vulnTotalScore" "vulnTotalCount" "vulnFixableCount"

The field to order the results by. If not provided, the results will be ordered by the default field.

Responses

Response samples

Content type
application/json
{}

Retrieve Artifact

Returns the Artifact by Digest.

Authorizations:
tokenAuth
path Parameters
registryId
required
string <uuid>
Example: 1e41a73c-59d0-5507-86dd-fa2fc2501cfd

The ID (UUID) of the Registry.

repositoryName
required
string <= 256 characters
Example: my-service

The Name of the Repository.

digest
required
string <= 128 characters
Example: sha256:12345678901234567890123456789012

The Digest of the Artifact.

Responses

Response samples

Content type
application/json
{
  • "id": "sha256:12345678901234567890123456789012",
  • "type": "artifact",
  • "metadata": {
    },
  • "properties": {
    }
}

Retrieve all Vulnerabilities

This endpoint enables retrieving all Vulnerabilities using pagination and optional filters.

Authorizations:
tokenAuth
path Parameters
registryId
required
string <uuid>
Example: 1e41a73c-59d0-5507-86dd-fa2fc2501cfd

The ID (UUID) of the Registry.

repositoryName
required
string <= 256 characters
Example: my-service

The Name of the Repository.

digest
required
string <= 128 characters
Example: sha256:12345678901234567890123456789012

The Digest of the Artifact.

query Parameters
offset
integer <int32> >= 0
Default: 0

The first element (of the total list of elements) to include in the response. Use together with limit for pagination.

limit
integer <int32> [ 1 .. 1000 ]
Default: 100
Example: limit=100

The maximum number of elements to return. Use together with offset for pagination.

filter.severity
string (VulnerabilitySeverity)
Example: filter.severity=high

Filter resources by vulnerability severity.

filter.fixable
boolean

Filter resources by fixable (i.e. remediation action is available)

orderBy
string
Default: "-score"
Enum: "-score" "-severity" "-publishedAt" "-updatedAt" "-fixable" "score" "severity" "publishedAt" "updatedAt" "fixable"

The field to order the results by. If not provided, the results will be ordered by the default field.

Responses

Response samples

Content type
application/json
{}

Vulnerabilities

Vulnerability detail

This tag groups all operations for vulnerabilities.

Retrieve Vulnerability

Returns the Vulnerability by ID.

Authorizations:
tokenAuth
path Parameters
vulnerabilityId
required
string <= 64 characters
Example: CVE-2019-1234

The ID of the Vulnerability.

Responses

Response samples

Content type
application/json
{
  • "id": "CVE-2019-1234",
  • "type": "vulnerability",
  • "metadata": {
    },
  • "properties": {
    }
}