The Project Quay application programming interface (API) provides a comprehensive, RESTful interface for managing and automating tasks within Project Quay. Designed around the OAuth 2.0 protocol, this API enables secure, fine-grained access to Project Quay resources, and allows administrators and users to perform such actions as creating repositories, managing images, setting permissions, and more.
Project Quay follows Semantic Versioning (SemVer) principles, ensuring predictable API stability across releases, such as:
-
Major releases: Introduce new capabilities. Might include breaking changes to API compatibility. For example, the API of Project Quay 2.0 differs from Project Quay 3.0.
-
Minor releases: Add new functionality in a backward-compatible manner. For example, a 3.y release adds functionality to the version 3. release.
-
Patch releases: Deliver bug fixes and improvements while preserving backward compatibility with minor releases, such as 3.y.z.
The following guide describes the Project Quay API in more detail, and provides details on the following topics:
-
OAuth 2 access tokens and how they compare to traditional API tokens and Project Quay’s robot tokens
-
Generating an OAuth 2 access token
-
Best practices for token management
-
OAuth 2 access token capabilities
-
Using the Project Quay API
-
Project Quay API configuration examples
This guide is accompanied with a second guide, . . ., that provides information about all api/v1
endpoints and how to access those endpoints with example commands.
Using the Project Quay API
Project Quay provides a full OAuth 2, RESTful API. [OAuth 2] RESTful API provides the following benefits:
-
It is available from endpoint
/api/v1
endpoint of your Project Quay host. For example,https://<quay-server.example.com>/api/v1
. -
It allows users to connect to endpoints through their browser to
GET
,POST
,DELETE
, andPUT
Project Quay settings by enabling the Swagger UI. -
It can be accessed by applications that make API calls and use OAuth tokens.
-
It sends and receives data as JSON.
The following section describes how to access the Project Quay API so that it can be used with your deployment.
Accessing the Quay API from Quay.io
If you don’t have your own Project Quay cluster running yet, you can explore the Project Quay API available from Quay.io from your web browser:
https://docs.quay.io/api/swagger/
The API Explorer that appears shows Quay.io API endpoints. You will not see superuser API endpoints or endpoints for Project Quay features that are not enabled on Quay.io (such as Repository Mirroring).
From API Explorer, you can get, and sometimes change, information on:
-
Billing, subscriptions, and plans
-
Repository builds and build triggers
-
Error messages and global messages
-
Repository images, manifests, permissions, notifications, vulnerabilities, and image signing
-
Usage logs
-
Organizations, members and OAuth applications
-
User and robot accounts
-
and more…
Select to open an endpoint to view the Model Schema for each part
of the endpoint. Open an endpoint, enter any required parameters
(such as a repository name or image), then select the Try it out!
button to query or change settings associated with a Quay.io endpoint.
Creating a v1 OAuth access token
OAuth access tokens are credentials that allow you to access protected resources in a secure manner. With Project Quay, you must create an OAuth access token before you can access the API endpoints of your organization.
Use the following procedure to create an OAuth access token.
-
You have logged in to Project Quay as an administrator.
-
On the main page, select an Organization.
-
In the navigation pane, select Applications.
-
Click Create New Application and provide a new application name, then press Enter.
-
On the OAuth Applications page, select the name of your application.
-
Optional. Enter the following information:
-
Application Name
-
Homepage URL
-
Description
-
Avatar E-mail
-
Redirect/Callback URL prefix
-
-
In the navigation pane, select Generate Token.
-
Check the boxes for the following options:
-
Administer Organization
-
Administer Repositories
-
Create Repositories
-
View all visible repositories
-
Read/Write to any accessible repositories
-
Super User Access
-
Administer User
-
Read User Information
-
-
Click Generate Access Token. You are redirected to a new page.
-
Review the permissions that you are allowing, then click Authorize Application. Confirm your decision by clicking Authorize Application.
-
You are redirected to the Access Token page. Copy and save the access token.
ImportantThis is the only opportunity to copy and save the access token. It cannot be reobtained after leaving this page.
Creating an OCI referrers OAuth access token
In some cases, you might want to create an OCI referrers OAuth access token. This token is used to list OCI referrers of a manifest under a repository.
-
Update your
config.yaml
file to include theFEATURE_REFERRERS_API: true
field. For example:# ... FEATURE_REFERRERS_API: true # ...
-
Enter the following command to Base64 encode your credentials:
$ echo -n '<username>:<password>' | base64
Example outputabcdeWFkbWluOjE5ODlraWROZXQxIQ==
-
Enter the following command to use the base64 encoded string and modify the URL endpoint to your Project Quay server:
$ curl --location '<quay-server.example.com>/v2/auth?service=<quay-server.example.com>&scope=repository:quay/listocireferrs:pull,push' --header 'Authorization: Basic <base64_username:password_encode_token>' -k | jq
Example output{ "token": "<example_secret> }
Reassigning an OAuth access token
Organization administrators can assign OAuth API tokens to be created by other user’s with specific permissions. This allows the audit logs to be reflected accurately when the token is used by a user that has no organization administrative permissions to create an OAuth API token.
Note
|
The following procedure only works on the current Project Quay UI. It is not currently implemented in the Project Quay v2 UI. |
-
You are logged in as a user with organization administrative privileges, which allows you to assign an OAuth API token.
NoteOAuth API tokens are used for authentication and not authorization. For example, the user that you are assigning the OAuth token to must have the
Admin
team role to use administrative API endpoints. For more information, see Managing access to repositories.
-
Optional. If not already, update your Project Quay
config.yaml
file to include theFEATURE_ASSIGN_OAUTH_TOKEN: true
field:# ... FEATURE_ASSIGN_OAUTH_TOKEN: true # ...
-
Optional. Restart your Project Quay registry.
-
Log in to your Project Quay registry as an organization administrator.
-
Click the name of the organization in which you created the OAuth token for.
-
In the navigation pane, click Applications.
-
Click the proper application name.
-
In the navigation pane, click Generate Token.
-
Click Assign another user and enter the name of the user that will take over the OAuth token.
-
Check the boxes for the desired permissions that you want the new user to have. For example, if you only want the new user to be able to create repositories, click Create Repositories.
ImportantPermission control is defined by the team role within an organization and must be configured regardless of the options selected here. For example, the user that you are assigning the OAuth token to must have the
Admin
team role to use administrative API endpoints.Solely checking the Super User Access box does not actually grant the user this permission. Superusers must be configured via the
config.yaml
file and the box must be checked here. -
Click Assign token. A popup box appears that confirms authorization with the following message and shows you the approved permissions:
This will prompt user <username> to generate a token with the following permissions: repo:create
-
Click Assign token in the popup box. You are redirected to a new page that displays the following message:
Token assigned successfully
-
After reassigning an OAuth token, the assigned user must accept the token to receive the bearer token, which is required to use API endpoints. Request that the assigned user logs into the Project Quay registry.
-
After they have logged in, they must click their username under Users and Organizations.
-
In the navigation pane, they must click External Logins And Applications.
-
Under Authorized Applications, they must confirm the application by clicking Authorize Application. They are directed to a new page where they must reconfirm by clicking Authorize Application.
-
They are redirected to a new page that reveals their bearer token. They must save this bearer token, as it cannot be viewed again.
Accessing your Quay API from a web browser
By enabling Swagger, you can access the API for your own Project Quay instance through a web browser. This URL exposes the Project Quay API explorer via the Swagger UI and this URL:
https://<yourquayhost>/api/v1/discovery.
That way of accessing the API does not include superuser endpoints that are available on Project Quay installations. Here is an example of accessing a Project Quay API interface running on the local system by running the swagger-ui container image:
# export SERVER_HOSTNAME=<yourhostname>
# sudo podman run -p 8888:8080 -e API_URL=https://$SERVER_HOSTNAME:8443/api/v1/discovery docker.io/swaggerapi/swagger-ui
With the swagger-ui container running, open your web browser to localhost port 8888 to view API endpoints via the swagger-ui container.
To avoid errors in the log such as "API calls must be invoked with an X-Requested-With header if called from a browser,"
add the following line to the config.yaml
on all nodes in the cluster and restart Project Quay:
BROWSER_API_CALLS_XHR_ONLY: false
Accessing the Project Quay API from the command line
You can use the curl
command to GET, PUT, POST, or DELETE settings via the API
for your Project Quay cluster. Replace <token>
with the OAuth access token you
created earlier to get or change settings in the following examples.
Project Quay Application Programming Interface (API)
This API allows you to perform many of the operations required to work with Project Quay repositories, users, and organizations.
Authorization
oauth2_implicit
Scopes
The following scopes are used to control access to the API endpoints:
Scope | Description |
---|---|
repo:read |
This application will be able to view and pull all repositories visible to the granting user or robot account |
repo:write |
This application will be able to view, push and pull to all repositories to which the granting user or robot account has write access |
repo:admin |
This application will have administrator access to all repositories to which the granting user or robot account has access |
repo:create |
This application will be able to create repositories in to any namespaces that the granting user or robot account is allowed to create repositories |
user:read |
This application will be able to read user information such as username and email address. |
org:admin |
This application will be able to administer your organizations including creating robots, creating teams, adjusting team membership, and changing billing settings. You should have absolute trust in the requesting application before granting this permission. |
super:user |
This application will be able to administer your installation including managing users, managing organizations and other features found in the superuser panel. You should have absolute trust in the requesting application before granting this permission. |
user:admin |
This application will be able to administer your account including creating robots and granting them permissions to your repositories. You should have absolute trust in the requesting application before granting this permission. |
appspecifictokens
Manages app specific tokens for the current user.
createAppToken
Create a new app specific token for user.
POST /api/v1/user/apptoken
Authorizations: oauth2_implicit (user:admin)
Request body schema (application/json)
Description of a new token.
Name | Description | Schema |
---|---|---|
title |
Friendly name to help identify the token |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
listAppTokens
Lists the app specific tokens for the user.
GET /api/v1/user/apptoken
Authorizations: oauth2_implicit (user:admin)
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
expiring |
If true, only returns those tokens expiring soon |
boolean |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getAppToken
Returns a specific app token for the user.
GET /api/v1/user/apptoken/{token_uuid}
Authorizations: oauth2_implicit (user:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
token_uuid |
The uuid of the app specific token |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
revokeAppToken
Revokes a specific app token for the user.
DELETE /api/v1/user/apptoken/{token_uuid}
Authorizations: oauth2_implicit (user:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
token_uuid |
The uuid of the app specific token |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
build
Create, list, cancel and get status/logs of repository builds.
getRepoBuildStatus
Return the status for the builds specified by the build uuids.
GET /api/v1/repository/{repository}/build/{build_uuid}/status
Authorizations: oauth2_implicit (repo:read)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
build_uuid |
The UUID of the build |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getRepoBuildLogs
Return the build logs for the build specified by the build uuid.
GET /api/v1/repository/{repository}/build/{build_uuid}/logs
Authorizations: oauth2_implicit (repo:read)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
build_uuid |
The UUID of the build |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getRepoBuild
Returns information about a build.
GET /api/v1/repository/{repository}/build/{build_uuid}
Authorizations: oauth2_implicit (repo:read)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
build_uuid |
The UUID of the build |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
cancelRepoBuild
Cancels a repository build.
DELETE /api/v1/repository/{repository}/build/{build_uuid}
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
build_uuid |
The UUID of the build |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
requestRepoBuild
Request that a repository be built and pushed from the specified input.
POST /api/v1/repository/{repository}/build/
Authorizations: oauth2_implicit (repo:write)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Request body schema (application/json)
Description of a new repository build.
Name | Description | Schema |
---|---|---|
file_id |
The file id that was generated when the build spec was uploaded |
string |
archive_url |
The URL of the .tar.gz to build. Must start with "http" or "https". |
string |
subdirectory |
Subdirectory in which the Dockerfile can be found. You can only specify this or dockerfile_path |
string |
dockerfile_path |
Path to a dockerfile. You can only specify this or subdirectory. |
string |
context |
Pass in the context for the dockerfile. This is optional. |
string |
pull_robot |
Username of a Quay robot account to use as pull credentials |
string |
tags |
The tags to which the built images will be pushed. If none specified, "latest" is used. |
array of string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getRepoBuilds
Get the list of repository builds.
GET /api/v1/repository/{repository}/build/
Authorizations: oauth2_implicit (repo:read)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
since |
Returns all builds since the given unix timecode |
integer |
query |
limit |
The maximum number of builds to return |
integer |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
discovery
API discovery information.
discovery
List all of the API endpoints available in the swagger API format.
GET /api/v1/discovery
Authorizations:
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
internal |
Whether to include internal APIs. |
boolean |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
error
Error details API.
getErrorDescription
Get a detailed description of the error.
GET /api/v1/error/{error_type}
Authorizations:
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
error_type |
The error code identifying the type of error. |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
globalmessages
Messages API.
createGlobalMessage
Create a message.
POST /api/v1/messages
Authorizations: oauth2_implicit (super:user)
Request body schema (application/json)
Create a new message
Name | Description | Schema |
---|---|---|
message |
A single message |
object |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getGlobalMessages
Return a super users messages.
GET /api/v1/messages
Authorizations:
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
deleteGlobalMessage
Delete a message.
DELETE /api/v1/message/{uuid}
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
uuid |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
logs
Access usage logs for organizations or repositories.
getAggregateUserLogs
Returns the aggregated logs for the current user.
GET /api/v1/user/aggregatelogs
Authorizations: oauth2_implicit (user:admin)
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
performer |
Username for which to filter logs. |
string |
query |
endtime |
Latest time for logs. Format: "%m/%d/%Y" in UTC. |
string |
query |
starttime |
Earliest time for logs. Format: "%m/%d/%Y" in UTC. |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET \
-H "Authorization: Bearer <bearer_token>" \
-H "Accept: application/json" \
"<quay-server.example.com>/api/v1/user/aggregatelogs?performer=<username>&starttime=<MM/DD/YYYY>&endtime=<MM/DD/YYYY>"
exportUserLogs
Returns the aggregated logs for the current user.
POST /api/v1/user/exportlogs
Authorizations: oauth2_implicit (user:admin)
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
endtime |
Latest time for logs. Format: "%m/%d/%Y" in UTC. |
string |
query |
starttime |
Earliest time for logs. Format: "%m/%d/%Y" in UTC. |
string |
Request body schema (application/json)
Configuration for an export logs operation
Name | Description | Schema |
---|---|---|
callback_url |
The callback URL to invoke with a link to the exported logs |
string |
callback_email |
The e-mail address at which to e-mail a link to the exported logs |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X POST \
-H "Authorization: Bearer <bearer_token>" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-d '{
"starttime": "<MM/DD/YYYY>",
"endtime": "<MM/DD/YYYY>",
"callback_email": "your.email@example.com"
}' \
"http://<quay-server.example.com>/api/v1/user/exportlogs"
listUserLogs
List the logs for the current user.
GET /api/v1/user/logs
Authorizations: oauth2_implicit (user:admin)
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
next_page |
The page token for the next page |
string |
query |
performer |
Username for which to filter logs. |
string |
query |
endtime |
Latest time for logs. Format: "%m/%d/%Y" in UTC. |
string |
query |
starttime |
Earliest time for logs. Format: "%m/%d/%Y" in UTC. |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET -H "Authorization: Bearer <bearer_token>" -H "Accept: application/json" "<quay-server.example.com>/api/v1/user/logs"
getAggregateOrgLogs
Gets the aggregated logs for the specified organization.
GET /api/v1/organization/{orgname}/aggregatelogs
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
The name of the organization |
string |
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
performer |
Username for which to filter logs. |
string |
query |
endtime |
Latest time for logs. Format: "%m/%d/%Y" in UTC. |
string |
query |
starttime |
Earliest time for logs. Format: "%m/%d/%Y" in UTC. |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET \
-H "Authorization: Bearer <bearer_token>" \
-H "Accept: application/json" \
"<quay-server.example.com>/api/v1/organization/{orgname}/aggregatelogs"
exportOrgLogs
Exports the logs for the specified organization.
POST /api/v1/organization/{orgname}/exportlogs
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
The name of the organization |
string |
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
endtime |
Latest time for logs. Format: "%m/%d/%Y" in UTC. |
string |
query |
starttime |
Earliest time for logs. Format: "%m/%d/%Y" in UTC. |
string |
Request body schema (application/json)
Configuration for an export logs operation
Name | Description | Schema |
---|---|---|
callback_url |
The callback URL to invoke with a link to the exported logs |
string |
callback_email |
The e-mail address at which to e-mail a link to the exported logs |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X POST \
-H "Authorization: Bearer <bearer_token>" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-d '{
"starttime": "<MM/DD/YYYY>",
"endtime": "<MM/DD/YYYY>",
"callback_email": "org.logs@example.com"
}' \
"http://<quay-server.example.com>/api/v1/organization/{orgname}/exportlogs"
listOrgLogs
List the logs for the specified organization.
GET /api/v1/organization/{orgname}/logs
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
The name of the organization |
string |
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
next_page |
The page token for the next page |
string |
query |
performer |
Username for which to filter logs. |
string |
query |
endtime |
Latest time for logs. Format: "%m/%d/%Y" in UTC. |
string |
query |
starttime |
Earliest time for logs. Format: "%m/%d/%Y" in UTC. |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET \
-H "Authorization: Bearer <bearer_token>" \
-H "Accept: application/json" \
"http://<quay-server.example.com>/api/v1/organization/{orgname}/logs"
getAggregateRepoLogs
Returns the aggregated logs for the specified repository.
GET /api/v1/repository/{repository}/aggregatelogs
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
endtime |
Latest time for logs. Format: "%m/%d/%Y" in UTC. |
string |
query |
starttime |
Earliest time for logs. Format: "%m/%d/%Y" in UTC. |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET \
-H "Authorization: Bearer <bearer_token>" \
-H "Accept: application/json" \
"<quay-server.example.com>/api/v1/repository/<repository_name>/<namespace>/aggregatelogs?starttime=2024-01-01&endtime=2024-06-18""
exportRepoLogs
Queues an export of the logs for the specified repository.
POST /api/v1/repository/{repository}/exportlogs
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
endtime |
Latest time for logs. Format: "%m/%d/%Y" in UTC. |
string |
query |
starttime |
Earliest time for logs. Format: "%m/%d/%Y" in UTC. |
string |
Request body schema (application/json)
Configuration for an export logs operation
Name | Description | Schema |
---|---|---|
callback_url |
The callback URL to invoke with a link to the exported logs |
string |
callback_email |
The e-mail address at which to e-mail a link to the exported logs |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X POST \
-H "Authorization: Bearer <bearer_token>" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-d '{
"starttime": "2024-01-01",
"endtime": "2024-06-18",
"callback_url": "http://your-callback-url.example.com"
}' \
"http://<quay-server.example.com>/api/v1/repository/{repository}/exportlogs"
listRepoLogs
List the logs for the specified repository.
GET /api/v1/repository/{repository}/logs
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
next_page |
The page token for the next page |
string |
query |
endtime |
Latest time for logs. Format: "%m/%d/%Y" in UTC. |
string |
query |
starttime |
Earliest time for logs. Format: "%m/%d/%Y" in UTC. |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET \
-H "Authorization: Bearer <bearer_token>" \
-H "Accept: application/json" \
"http://<quay-server.example.com>/api/v1/repository/{repository}/logs"
manifest
Manage the manifests of a repository.
getManifestLabel
Retrieves the label with the specific ID under the manifest.
GET /api/v1/repository/{repository}/manifest/{manifestref}/labels/{labelid}
Authorizations: oauth2_implicit (repo:read)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
manifestref |
The digest of the manifest |
string |
path |
labelid |
The ID of the label |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET \
-H "Authorization: Bearer <bearer_token>" \
-H "Accept: application/json" \
https://<quay-server.example.com>/api/v1/repository/<repository>/manifest/<manifestref>/labels/<label_id>
deleteManifestLabel
Deletes an existing label from a manifest.
DELETE /api/v1/repository/{repository}/manifest/{manifestref}/labels/{labelid}
Authorizations: oauth2_implicit (repo:write)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
manifestref |
The digest of the manifest |
string |
path |
labelid |
The ID of the label |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X DELETE \
-H "Authorization: Bearer <bearer_token>" \
https://<quay-server.example.com>/api/v1/repository/<repository>/manifest/<manifestref>/labels/<labelid>
addManifestLabel
Adds a new label into the tag manifest.
POST /api/v1/repository/{repository}/manifest/{manifestref}/labels
Authorizations: oauth2_implicit (repo:write)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
manifestref |
The digest of the manifest |
string |
Request body schema (application/json)
Adds a label to a manifest
Name | Description | Schema |
---|---|---|
key |
The key for the label |
string |
value |
The value for the label |
string |
media_type |
The media type for this label |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X POST \
-H "Authorization: Bearer <bearer_token>" \
-H "Content-Type: application/json" \
--data '{
"key": "<key>",
"value": "<value>",
"media_type": "<media_type>"
}' \
https://<quay-server.example.com>/api/v1/repository/<repository>/manifest/<manifestref>/labels
listManifestLabels
GET /api/v1/repository/{repository}/manifest/{manifestref}/labels
Authorizations: oauth2_implicit (repo:read)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
manifestref |
The digest of the manifest |
string |
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
filter |
If specified, only labels matching the given prefix will be returned |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET \
-H "Authorization: Bearer <bearer_token>" \
-H "Accept: application/json" \
https://<quay-server.example.com>/api/v1/repository/<repository>/manifest/<manifestref>/labels
getRepoManifest
GET /api/v1/repository/{repository}/manifest/{manifestref}
Authorizations: oauth2_implicit (repo:read)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
manifestref |
The digest of the manifest |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET \
-H "Authorization: Bearer <bearer_token>" \
-H "Accept: application/json" \
https://<quay-server.example.com>/api/v1/repository/<repository>/manifest/<manifestref>
mirror
syncCancel
Update the sync_status for a given Repository’s mirroring configuration.
POST /api/v1/repository/{repository}/mirror/sync-cancel
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
syncNow
Update the sync_status for a given Repository’s mirroring configuration.
POST /api/v1/repository/{repository}/mirror/sync-now
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getRepoMirrorConfig
Return the Mirror configuration for a given Repository.
GET /api/v1/repository/{repository}/mirror
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
changeRepoMirrorConfig
Allow users to modifying the repository’s mirroring configuration.
PUT /api/v1/repository/{repository}/mirror
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Request body schema (application/json)
Update the repository mirroring configuration.
Name | Description | Schema |
---|---|---|
is_enabled |
Used to enable or disable synchronizations. |
boolean |
external_reference |
Location of the external repository. |
string |
external_registry_username |
Username used to authenticate with external registry. |
|
external_registry_password |
Password used to authenticate with external registry. |
|
sync_start_date |
Determines the next time this repository is ready for synchronization. |
string |
sync_interval |
Number of seconds after next_start_date to begin synchronizing. |
integer |
robot_username |
Username of robot which will be used for image pushes. |
string |
root_rule |
A list of glob-patterns used to determine which tags should be synchronized. |
object |
external_registry_config |
object |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
createRepoMirrorConfig
Create a RepoMirrorConfig for a given Repository.
POST /api/v1/repository/{repository}/mirror
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Request body schema (application/json)
Create the repository mirroring configuration.
Name | Description | Schema |
---|---|---|
is_enabled |
Used to enable or disable synchronizations. |
boolean |
external_reference |
Location of the external repository. |
string |
external_registry_username |
Username used to authenticate with external registry. |
|
external_registry_password |
Password used to authenticate with external registry. |
|
sync_start_date |
Determines the next time this repository is ready for synchronization. |
string |
sync_interval |
Number of seconds after next_start_date to begin synchronizing. |
integer |
robot_username |
Username of robot which will be used for image pushes. |
string |
root_rule |
A list of glob-patterns used to determine which tags should be synchronized. |
object |
external_registry_config |
object |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
namespacequota
listUserQuota
GET /api/v1/user/quota
Authorizations: oauth2_implicit (user:admin)
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getOrganizationQuotaLimit
GET /api/v1/organization/{orgname}/quota/{quota_id}/limit/{limit_id}
Authorizations:
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
quota_id |
string |
|
path |
limit_id |
string |
|
path |
orgname |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
changeOrganizationQuotaLimit
PUT /api/v1/organization/{orgname}/quota/{quota_id}/limit/{limit_id}
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
quota_id |
string |
|
path |
limit_id |
string |
|
path |
orgname |
string |
Request body schema (application/json)
Description of changing organization quota limit
Name | Description | Schema |
---|---|---|
type |
Type of quota limit: "Warning" or "Reject" |
string |
threshold_percent |
Quota threshold, in percent of quota |
integer |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
deleteOrganizationQuotaLimit
DELETE /api/v1/organization/{orgname}/quota/{quota_id}/limit/{limit_id}
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
quota_id |
string |
|
path |
limit_id |
string |
|
path |
orgname |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
createOrganizationQuotaLimit
POST /api/v1/organization/{orgname}/quota/{quota_id}/limit
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
quota_id |
string |
|
path |
orgname |
string |
Request body schema (application/json)
Description of a new organization quota limit
Name | Description | Schema |
---|---|---|
type |
Type of quota limit: "Warning" or "Reject" |
string |
threshold_percent |
Quota threshold, in percent of quota |
integer |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
listOrganizationQuotaLimit
GET /api/v1/organization/{orgname}/quota/{quota_id}/limit
Authorizations:
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
quota_id |
string |
|
path |
orgname |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getUserQuotaLimit
GET /api/v1/user/quota/{quota_id}/limit/{limit_id}
Authorizations: oauth2_implicit (user:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
quota_id |
string |
|
path |
limit_id |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
listUserQuotaLimit
GET /api/v1/user/quota/{quota_id}/limit
Authorizations: oauth2_implicit (user:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
quota_id |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getOrganizationQuota
GET /api/v1/organization/{orgname}/quota/{quota_id}
Authorizations:
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
quota_id |
string |
|
path |
orgname |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
changeOrganizationQuota
PUT /api/v1/organization/{orgname}/quota/{quota_id}
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
quota_id |
string |
|
path |
orgname |
string |
Request body schema (application/json)
Description of a new organization quota
Name | Description | Schema |
---|---|---|
limit_bytes |
Number of bytes the organization is allowed |
integer |
limits |
Human readable storage capacity of the organization. Accepts SI units like Mi, Gi, or Ti, as well as non-standard units like GB or MB. Must be mutually exclusive with |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
deleteOrganizationQuota
DELETE /api/v1/organization/{orgname}/quota/{quota_id}
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
quota_id |
string |
|
path |
orgname |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
createOrganizationQuota
Create a new organization quota.
POST /api/v1/organization/{orgname}/quota
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
string |
Request body schema (application/json)
Description of a new organization quota
Name | Description | Schema |
---|---|---|
limit_bytes |
Number of bytes the organization is allowed |
integer |
limits |
Human readable storage capacity of the organization. Accepts SI units like Mi, Gi, or Ti, as well as non-standard units like GB or MB. Must be mutually exclusive with |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
listOrganizationQuota
GET /api/v1/organization/{orgname}/quota
Authorizations:
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getUserQuota
GET /api/v1/user/quota/{quota_id}
Authorizations: oauth2_implicit (user:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
quota_id |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
organization
Manage organizations, members and OAuth applications.
createOrganization
Create a new organization.
POST /api/v1/organization/
Authorizations: oauth2_implicit (user:admin)
Request body schema (application/json)
Description of a new organization.
Name | Description | Schema |
---|---|---|
name |
Organization username |
string |
email |
Organization contact email |
string |
recaptcha_response |
The (may be disabled) recaptcha response code for verification |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X POST -H "Authorization: Bearer <bearer_token>" -H "Content-Type: application/json" -d '{
"name": "<new_organization_name>"
}' "https://<quay-server.example.com>/api/v1/organization/"
validateProxyCacheConfig
POST /api/v1/organization/{orgname}/validateproxycache
Authorizations:
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
string |
Request body schema (application/json)
Proxy cache configuration for an organization
Name | Description | Schema |
---|---|---|
upstream_registry |
Name of the upstream registry that is to be cached |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
202 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getOrganizationCollaborators
List outside collaborators of the specified organization.
GET /api/v1/organization/{orgname}/collaborators
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getOrganizationApplication
Retrieves the application with the specified client_id under the specified organization.
GET /api/v1/organization/{orgname}/applications/{client_id}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
client_id |
The OAuth client ID |
string |
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
updateOrganizationApplication
Updates an application under this organization.
PUT /api/v1/organization/{orgname}/applications/{client_id}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
client_id |
The OAuth client ID |
string |
path |
orgname |
The name of the organization |
string |
Request body schema (application/json)
Description of an updated application.
Name | Description | Schema |
---|---|---|
name |
The name of the application |
string |
redirect_uri |
The URI for the application’s OAuth redirect |
string |
application_uri |
The URI for the application’s homepage |
string |
description |
The human-readable description for the application |
string |
avatar_email |
The e-mail address of the avatar to use for the application |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
deleteOrganizationApplication
Deletes the application under this organization.
DELETE /api/v1/organization/{orgname}/applications/{client_id}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
client_id |
The OAuth client ID |
string |
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
createOrganizationApplication
Creates a new application under this organization.
POST /api/v1/organization/{orgname}/applications
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
The name of the organization |
string |
Request body schema (application/json)
Description of a new organization application.
Name | Description | Schema |
---|---|---|
name |
The name of the application |
string |
redirect_uri |
The URI for the application’s OAuth redirect |
string |
application_uri |
The URI for the application’s homepage |
string |
description |
The human-readable description for the application |
string |
avatar_email |
The e-mail address of the avatar to use for the application |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getOrganizationApplications
List the applications for the specified organization.
GET /api/v1/organization/{orgname}/applications
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getProxyCacheConfig
Retrieves the proxy cache configuration of the organization.
GET /api/v1/organization/{orgname}/proxycache
Authorizations:
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
deleteProxyCacheConfig
Delete proxy cache configuration for the organization.
DELETE /api/v1/organization/{orgname}/proxycache
Authorizations:
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
createProxyCacheConfig
Creates proxy cache configuration for the organization.
POST /api/v1/organization/{orgname}/proxycache
Authorizations:
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
The name of the organization |
string |
Request body schema (application/json)
Proxy cache configuration for an organization
Name | Description | Schema |
---|---|---|
upstream_registry |
Name of the upstream registry that is to be cached |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getOrganizationMember
Retrieves the details of a member of the organization.
GET /api/v1/organization/{orgname}/members/{membername}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
membername |
The username of the organization member |
string |
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
removeOrganizationMember
Removes a member from an organization, revoking all its repository priviledges and removing it from all teams in the organization.
DELETE /api/v1/organization/{orgname}/members/{membername}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
membername |
The username of the organization member |
string |
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getOrganizationMembers
List the human members of the specified organization.
GET /api/v1/organization/{orgname}/members
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getOrganization
Get the details for the specified organization.
GET /api/v1/organization/{orgname}
Authorizations:
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET \
-H "Authorization: Bearer <bearer_token>" \
"<quay-server.example.com>/api/v1/organization/<organization_name>"
changeOrganizationDetails
Change the details for the specified organization.
PUT /api/v1/organization/{orgname}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
The name of the organization |
string |
Request body schema (application/json)
Description of updates for an existing organization
Name | Description | Schema |
---|---|---|
email |
Organization contact email |
string |
invoice_email |
Whether the organization desires to receive emails for invoices |
boolean |
invoice_email_address |
The email address at which to receive invoices |
|
tag_expiration_s |
The number of seconds for tag expiration |
integer |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
deleteAdminedOrganization
Deletes the specified organization.
DELETE /api/v1/organization/{orgname}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET \
-H "Authorization: Bearer <bearer_token>" \
"<quay-server.example.com>/api/v1/organization/<organization_name>"
getApplicationInformation
Get information on the specified application.
GET /api/v1/app/{client_id}
Authorizations:
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
client_id |
The OAuth client ID |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
permission
Manage repository permissions.
getUserTransitivePermission
Get the fetch the permission for the specified user.
GET /api/v1/repository/{repository}/permissions/user/{username}/transitive
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
username |
The username of the user to which the permissions apply |
string |
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getUserPermissions
Get the permission for the specified user.
GET /api/v1/repository/{repository}/permissions/user/{username}
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
username |
The username of the user to which the permission applies |
string |
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
changeUserPermissions
Update the perimssions for an existing repository.
PUT /api/v1/repository/{repository}/permissions/user/{username}
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
username |
The username of the user to which the permission applies |
string |
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Request body schema (application/json)
Description of a user permission.
Name | Description | Schema |
---|---|---|
role |
Role to use for the user |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X PUT \
-H "Authorization: Bearer <bearer_token>" \
-H "Content-Type: application/json" \
-d '{"role": "admin"}' \
https://<quay-server.example.com>/api/v1/repository/<namespace>/<repository>/permissions/user/<username>
deleteUserPermissions
Delete the permission for the user.
DELETE /api/v1/repository/{repository}/permissions/user/{username}
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
username |
The username of the user to which the permission applies |
string |
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X DELETE \
-H "Authorization: Bearer <bearer_token>" \
-H "Accept: application/json" \
https://<quay-server.example.com>/api/v1/repository/<namespace>/<repository>/permissions/user/<username>
getTeamPermissions
Fetch the permission for the specified team.
GET /api/v1/repository/{repository}/permissions/team/{teamname}
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
teamname |
The name of the team to which the permission applies |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
changeTeamPermissions
Update the existing team permission.
PUT /api/v1/repository/{repository}/permissions/team/{teamname}
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
teamname |
The name of the team to which the permission applies |
string |
Request body schema (application/json)
Description of a team permission.
Name | Description | Schema |
---|---|---|
role |
Role to use for the team |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
deleteTeamPermissions
Delete the permission for the specified team.
DELETE /api/v1/repository/{repository}/permissions/team/{teamname}
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
teamname |
The name of the team to which the permission applies |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
listRepoTeamPermissions
List all team permission.
GET /api/v1/repository/{repository}/permissions/team/
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
listRepoUserPermissions
List all user permissions.
GET /api/v1/repository/{repository}/permissions/user/
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET \
-H "Authorization: Bearer <bearer_token>" \
-H "Accept: application/json" \
https://<quay-server.example.com>/api/v1/repository/<namespace>/<repository>/permissions/user/<username>/
policy
createOrganizationAutoPrunePolicy
Creates an auto-prune policy for the organization
POST /api/v1/organization/{orgname}/autoprunepolicy/
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
The name of the organization |
string |
Request body schema (application/json)
The policy configuration that is to be applied to the user namespace
Name | Description | Schema |
---|---|---|
method |
The method to use for pruning tags (number_of_tags, creation_date) |
string |
value |
The value to use for the pruning method (number of tags e.g. 10, time delta e.g. 7d (7 days)) |
|
tagPattern |
Tags only matching this pattern will be pruned |
string |
tagPatternMatches |
Determine whether pruned tags should or should not match the tagPattern |
boolean |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
listOrganizationAutoPrunePolicies
Lists the auto-prune policies for the organization
GET /api/v1/organization/{orgname}/autoprunepolicy/
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getOrganizationAutoPrunePolicy
Fetches the auto-prune policy for the organization
GET /api/v1/organization/{orgname}/autoprunepolicy/{policy_uuid}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
policy_uuid |
The unique ID of the policy |
string |
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
deleteOrganizationAutoPrunePolicy
Deletes the auto-prune policy for the organization
DELETE /api/v1/organization/{orgname}/autoprunepolicy/{policy_uuid}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
policy_uuid |
The unique ID of the policy |
string |
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
updateOrganizationAutoPrunePolicy
Updates the auto-prune policy for the organization
PUT /api/v1/organization/{orgname}/autoprunepolicy/{policy_uuid}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
policy_uuid |
The unique ID of the policy |
string |
path |
orgname |
The name of the organization |
string |
Request body schema (application/json)
The policy configuration that is to be applied to the user namespace
Name | Description | Schema |
---|---|---|
method |
The method to use for pruning tags (number_of_tags, creation_date) |
string |
value |
The value to use for the pruning method (number of tags e.g. 10, time delta e.g. 7d (7 days)) |
|
tagPattern |
Tags only matching this pattern will be pruned |
string |
tagPatternMatches |
Determine whether pruned tags should or should not match the tagPattern |
boolean |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
createRepositoryAutoPrunePolicy
Creates an auto-prune policy for the repository
POST /api/v1/repository/{repository}/autoprunepolicy/
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Request body schema (application/json)
The policy configuration that is to be applied to the user namespace
Name | Description | Schema |
---|---|---|
method |
The method to use for pruning tags (number_of_tags, creation_date) |
string |
value |
The value to use for the pruning method (number of tags e.g. 10, time delta e.g. 7d (7 days)) |
|
tagPattern |
Tags only matching this pattern will be pruned |
string |
tagPatternMatches |
Determine whether pruned tags should or should not match the tagPattern |
boolean |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
listRepositoryAutoPrunePolicies
Lists the auto-prune policies for the repository
GET /api/v1/repository/{repository}/autoprunepolicy/
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getRepositoryAutoPrunePolicy
Fetches the auto-prune policy for the repository
GET /api/v1/repository/{repository}/autoprunepolicy/{policy_uuid}
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
policy_uuid |
The unique ID of the policy |
string |
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
deleteRepositoryAutoPrunePolicy
Deletes the auto-prune policy for the repository
DELETE /api/v1/repository/{repository}/autoprunepolicy/{policy_uuid}
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
policy_uuid |
The unique ID of the policy |
string |
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
updateRepositoryAutoPrunePolicy
Updates the auto-prune policy for the repository
PUT /api/v1/repository/{repository}/autoprunepolicy/{policy_uuid}
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
policy_uuid |
The unique ID of the policy |
string |
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Request body schema (application/json)
The policy configuration that is to be applied to the user namespace
Name | Description | Schema |
---|---|---|
method |
The method to use for pruning tags (number_of_tags, creation_date) |
string |
value |
The value to use for the pruning method (number of tags e.g. 10, time delta e.g. 7d (7 days)) |
|
tagPattern |
Tags only matching this pattern will be pruned |
string |
tagPatternMatches |
Determine whether pruned tags should or should not match the tagPattern |
boolean |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
createUserAutoPrunePolicy
Creates the auto-prune policy for the currently logged in user
POST /api/v1/user/autoprunepolicy/
Authorizations: oauth2_implicit (user:admin)
Request body schema (application/json)
The policy configuration that is to be applied to the user namespace
Name | Description | Schema |
---|---|---|
method |
The method to use for pruning tags (number_of_tags, creation_date) |
string |
value |
The value to use for the pruning method (number of tags e.g. 10, time delta e.g. 7d (7 days)) |
|
tagPattern |
Tags only matching this pattern will be pruned |
string |
tagPatternMatches |
Determine whether pruned tags should or should not match the tagPattern |
boolean |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
listUserAutoPrunePolicies
Lists the auto-prune policies for the currently logged in user
GET /api/v1/user/autoprunepolicy/
Authorizations: oauth2_implicit (user:admin)
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getUserAutoPrunePolicy
Fetches the auto-prune policy for the currently logged in user
GET /api/v1/user/autoprunepolicy/{policy_uuid}
Authorizations: oauth2_implicit (user:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
policy_uuid |
The unique ID of the policy |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
deleteUserAutoPrunePolicy
Deletes the auto-prune policy for the currently logged in user
DELETE /api/v1/user/autoprunepolicy/{policy_uuid}
Authorizations: oauth2_implicit (user:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
policy_uuid |
The unique ID of the policy |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
updateUserAutoPrunePolicy
Updates the auto-prune policy for the currently logged in user
PUT /api/v1/user/autoprunepolicy/{policy_uuid}
Authorizations: oauth2_implicit (user:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
policy_uuid |
The unique ID of the policy |
string |
Request body schema (application/json)
The policy configuration that is to be applied to the user namespace
Name | Description | Schema |
---|---|---|
method |
The method to use for pruning tags (number_of_tags, creation_date) |
string |
value |
The value to use for the pruning method (number of tags e.g. 10, time delta e.g. 7d (7 days)) |
|
tagPattern |
Tags only matching this pattern will be pruned |
string |
tagPatternMatches |
Determine whether pruned tags should or should not match the tagPattern |
boolean |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
prototype
Manage default permissions added to repositories.
updateOrganizationPrototypePermission
Update the role of an existing permission prototype.
PUT /api/v1/organization/{orgname}/prototypes/{prototypeid}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
prototypeid |
The ID of the prototype |
string |
path |
orgname |
The name of the organization |
string |
Request body schema (application/json)
Description of a the new prototype role
Name | Description | Schema |
---|---|---|
role |
Role that should be applied to the permission |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X PUT \
-H "Authorization: Bearer <bearer_token>" \
-H "Content-Type: application/json" \
--data '{
"role": "write"
}' \
https://<quay-server.example.com>/api/v1/organization/<organization_name>/prototypes/<prototypeid>
deleteOrganizationPrototypePermission
Delete an existing permission prototype.
DELETE /api/v1/organization/{orgname}/prototypes/{prototypeid}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
prototypeid |
The ID of the prototype |
string |
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
curl -X DELETE \
-H "Authorization: Bearer <bearer_token>" \
-H "Accept: application/json" \
https://<quay-server.example.com>/api/v1/organization/<organization_name>/prototypes/<prototype_id>
createOrganizationPrototypePermission
Create a new permission prototype.
POST /api/v1/organization/{orgname}/prototypes
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
The name of the organization |
string |
Request body schema (application/json)
Description of a new prototype
Name | Description | Schema |
---|---|---|
role |
Role that should be applied to the delegate |
string |
activating_user |
Repository creating user to whom the rule should apply |
object |
delegate |
Information about the user or team to which the rule grants access |
object |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X POST -H "Authorization: Bearer <bearer_token>" -H "Content-Type: application/json" --data '{
"role": "<admin_read_or_write>",
"delegate": {
"name": "<username>",
"kind": "user"
},
"activating_user": {
"name": "<robot_name>"
}
}' https://<quay-server.example.com>/api/v1/organization/<organization_name>/prototypes
getOrganizationPrototypePermissions
List the existing prototypes for this organization.
GET /api/v1/organization/{orgname}/prototypes
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET \
-H "Authorization: Bearer <bearer_token>" \
-H "Accept: application/json" \
https://<quay-server.example.com>/api/v1/organization/<organization_name>/prototypes
referrers
List v2 API referrers
getReferrers
List v2 API referrers of an image digest.
GET /v2/{organization_name}/{repository_name}/referrers/{digest}
Request body schema (application/json)
Referrers of an image digest.
Type |
Name |
Description |
Schema |
path |
orgname |
The name of the organization |
string |
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
referrers |
Looks up the OCI referrers of a manifest under a repository. |
string |
repository
List, create and manage repositories.
createRepo
Create a new repository.
POST /api/v1/repository
Authorizations: oauth2_implicit (repo:create)
Request body schema (application/json)
Description of a new repository
Name | Description | Schema |
---|---|---|
repository |
Repository name |
string |
visibility |
Visibility which the repository will start with |
string |
namespace |
Namespace in which the repository should be created. If omitted, the username of the caller is used |
string |
description |
Markdown encoded description for the repository |
string |
repo_kind |
The kind of repository |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X POST \
-H "Authorization: Bearer <bearer_token>" \
-H "Content-Type: application/json" \
-d '{
"repository": "<new_repository_name>",
"visibility": "<public>",
"description": "<This is a description of the new repository>."
}' \
"https://quay-server.example.com/api/v1/repository"
listRepos
Fetch the list of repositories visible to the current user under a variety of situations.
GET /api/v1/repository
Authorizations: oauth2_implicit (repo:read)
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
next_page |
The page token for the next page |
string |
query |
repo_kind |
The kind of repositories to return |
string |
query |
popularity |
Whether to include the repository’s popularity metric. |
boolean |
query |
last_modified |
Whether to include when the repository was last modified. |
boolean |
query |
public |
Adds any repositories visible to the user by virtue of being public |
boolean |
query |
starred |
Filters the repositories returned to those starred by the user |
boolean |
query |
namespace |
Filters the repositories returned to this namespace |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
changeRepoVisibility
Change the visibility of a repository.
POST /api/v1/repository/{repository}/changevisibility
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Request body schema (application/json)
Change the visibility for the repository.
Name | Description | Schema |
---|---|---|
visibility |
Visibility which the repository will start with |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
changeRepoState
Change the state of a repository.
PUT /api/v1/repository/{repository}/changestate
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Request body schema (application/json)
Change the state of the repository.
Name | Description | Schema |
---|---|---|
state |
Determines whether pushes are allowed. |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getRepo
Fetch the specified repository.
GET /api/v1/repository/{repository}
Authorizations: oauth2_implicit (repo:read)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
includeTags |
Whether to include repository tags |
boolean |
query |
includeStats |
Whether to include action statistics |
boolean |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET -H "Authorization: Bearer <bearer_token>" "<quay-server.example.com>/api/v1/repository/<namespace>/<repository_name>"
updateRepo
Update the description in the specified repository.
PUT /api/v1/repository/{repository}
Authorizations: oauth2_implicit (repo:write)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Request body schema (application/json)
Fields which can be updated in a repository.
Name | Description | Schema |
---|---|---|
description |
Markdown encoded description for the repository |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
deleteRepository
Delete a repository.
DELETE /api/v1/repository/{repository}
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X DELETE -H "Authorization: Bearer <bearer_token>" "<quay-server.example.com>/api/v1/repository/<namespace>/<repository_name>"
repositorynotification
List, create and manage repository events/notifications.
testRepoNotification
Queues a test notification for this repository.
POST /api/v1/repository/{repository}/notification/{uuid}/test
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
uuid |
The UUID of the notification |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X POST \
-H "Authorization: Bearer <bearer_token>" \
https://<quay-server.example.com>/api/v1/repository/<repository>/notification/<uuid>/test
getRepoNotification
Get information for the specified notification.
GET /api/v1/repository/{repository}/notification/{uuid}
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
uuid |
The UUID of the notification |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X POST \
-H "Authorization: Bearer <bearer_token>" \
https://<quay-server.example.com>/api/v1/repository/<repository>/notification/<uuid>
deleteRepoNotification
Deletes the specified notification.
DELETE /api/v1/repository/{repository}/notification/{uuid}
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
uuid |
The UUID of the notification |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X DELETE \
-H "Authorization: Bearer <bearer_token>" \
https://<quay-server.example.com>/api/v1/repository/<namespace>/<repository_name>/notification/<uuid>
resetRepositoryNotificationFailures
Resets repository notification to 0 failures.
POST /api/v1/repository/{repository}/notification/{uuid}
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
uuid |
The UUID of the notification |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
createRepoNotification
POST /api/v1/repository/{repository}/notification/
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Request body schema (application/json)
Information for creating a notification on a repository
Name | Description | Schema |
---|---|---|
event |
The event on which the notification will respond |
string |
method |
The method of notification (such as email or web callback) |
string |
config |
JSON config information for the specific method of notification |
object |
eventConfig |
JSON config information for the specific event of notification |
object |
title |
The human-readable title of the notification |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X POST \
-H "Authorization: Bearer <bearer_token>" \
-H "Content-Type: application/json" \
--data '{
"event": "<event>",
"method": "<method>",
"config": {
"<config_key>": "<config_value>"
},
"eventConfig": {
"<eventConfig_key>": "<eventConfig_value>"
}
}' \
https://<quay-server.example.com>/api/v1/repository/<namespace>/<repository_name>/notification/
listRepoNotifications
List the notifications for the specified repository.
GET /api/v1/repository/{repository}/notification/
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
robot
Manage user and organization robot accounts.
getUserRobots
List the available robots for the user.
GET /api/v1/user/robots
Authorizations: oauth2_implicit (user:admin)
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
limit |
If specified, the number of robots to return. |
integer |
query |
token |
If false, the robot’s token is not returned. |
boolean |
query |
permissions |
Whether to include repositories and teams in which the robots have permission. |
boolean |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getOrgRobotPermissions
Returns the list of repository permissions for the org’s robot.
GET /api/v1/organization/{orgname}/robots/{robot_shortname}/permissions
Authorizations: oauth2_implicit (user:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
robot_shortname |
The short name for the robot, without any user or organization prefix |
string |
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
regenerateOrgRobotToken
Regenerates the token for an organization robot.
POST /api/v1/organization/{orgname}/robots/{robot_shortname}/regenerate
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
robot_shortname |
The short name for the robot, without any user or organization prefix |
string |
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X POST \
-H "Authorization: Bearer <bearer_token>" \
"<quay-server.example.com>/api/v1/organization/<orgname>/robots/<robot_shortname>/regenerate"
getUserRobotPermissions
Returns the list of repository permissions for the user’s robot.
GET /api/v1/user/robots/{robot_shortname}/permissions
Authorizations: oauth2_implicit (user:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
robot_shortname |
The short name for the robot, without any user or organization prefix |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
regenerateUserRobotToken
Regenerates the token for a user’s robot.
POST /api/v1/user/robots/{robot_shortname}/regenerate
Authorizations: oauth2_implicit (user:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
robot_shortname |
The short name for the robot, without any user or organization prefix |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X POST \
-H "Authorization: Bearer <bearer_token>" \
"<quay-server.example.com>/api/v1/user/robots/<robot_shortname>/regenerate"
getOrgRobot
Returns the organization’s robot with the specified name.
GET /api/v1/organization/{orgname}/robots/{robot_shortname}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
robot_shortname |
The short name for the robot, without any user or organization prefix |
string |
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
createOrgRobot
Create a new robot in the organization.
PUT /api/v1/organization/{orgname}/robots/{robot_shortname}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
robot_shortname |
The short name for the robot, without any user or organization prefix |
string |
path |
orgname |
The name of the organization |
string |
Request body schema (application/json)
Optional data for creating a robot
Name | Description | Schema |
---|---|---|
description |
Optional text description for the robot |
string |
unstructured_metadata |
Optional unstructured metadata for the robot |
object |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X PUT -H "Authorization: Bearer <bearer_token>" "https://<quay-server.example.com>/api/v1/organization/<organization_name>/robots/<robot_name>"
deleteOrgRobot
Delete an existing organization robot.
DELETE /api/v1/organization/{orgname}/robots/{robot_shortname}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
robot_shortname |
The short name for the robot, without any user or organization prefix |
string |
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
curl -X DELETE \
-H "Authorization: Bearer <bearer_token>" \
"<quay-server.example.com>/api/v1/organization/<organization_name>/robots/<robot_shortname>"
getOrgRobots
List the organization’s robots.
GET /api/v1/organization/{orgname}/robots
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname |
The name of the organization |
string |
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
limit |
If specified, the number of robots to return. |
integer |
query |
token |
If false, the robot’s token is not returned. |
boolean |
query |
permissions |
Whether to include repositories and teams in which the robots have permission. |
boolean |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET -H "Authorization: Bearer <bearer_token>" "https://<quay-server.example.com>/api/v1/organization/<organization_name>/robots"
getUserRobot
Returns the user’s robot with the specified name.
GET /api/v1/user/robots/{robot_shortname}
Authorizations: oauth2_implicit (user:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
robot_shortname |
The short name for the robot, without any user or organization prefix |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET \
-H "Authorization: Bearer <bearer_token>" \
"<quay-server.example.com>/api/v1/user/robots/<robot_shortname>"
createUserRobot
Create a new user robot with the specified name.
PUT /api/v1/user/robots/{robot_shortname}
Authorizations: oauth2_implicit (user:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
robot_shortname |
The short name for the robot, without any user or organization prefix |
string |
Request body schema (application/json)
Optional data for creating a robot
Name | Description | Schema |
---|---|---|
description |
Optional text description for the robot |
string |
unstructured_metadata |
Optional unstructured metadata for the robot |
object |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X PUT -H "Authorization: Bearer <bearer_token>" "https://<quay-server.example.com>/api/v1/user/robots/<robot_name>"
deleteUserRobot
Delete an existing robot.
DELETE /api/v1/user/robots/{robot_shortname}
Authorizations: oauth2_implicit (user:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
robot_shortname |
The short name for the robot, without any user or organization prefix |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X DELETE \
-H "Authorization: Bearer <bearer_token>" \
"<quay-server.example.com>/api/v1/user/robots/<robot_shortname>"
Auth Federated Robot Token
Return an expiring robot token using the robot identity federation mechanism.
GET oauth2/federation/robot/token
Authorizations: oauth2_implicit (robot:auth)
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful authentication and token generation |
{ "token": "string" } |
401 |
Unauthorized: missing or invalid authentication |
{ "error": "string" } |
Request Body
Type | Name | Description | Schema |
---|---|---|---|
body |
auth_result |
The result of the authentication process, containing information about the robot identity. |
{ "missing": "boolean", "error_message": "string", "context": { "robot": "RobotObject" } } |
createOrgRobotFederation
Create a federation configuration for the specified organization robot.
POST /api/v1/organization/{orgname}/robots/{robot_shortname}/federation
Retrieve the federation configuration for the specified organization robot.
Authorizations: oauth2_implicit (user:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
orgname + robot_shortname required |
The name of the organization and the short name for the robot, without any user or organization prefix |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
search
Conduct searches against all registry context.
conductRepoSearch
Get a list of apps and repositories that match the specified query.
GET /api/v1/find/repositories
Authorizations:
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
includeUsage |
Whether to include usage metadata |
boolean |
query |
page |
The page. |
integer |
query |
query |
The search query. |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
conductSearch
Get a list of entities and resources that match the specified query.
GET /api/v1/find/all
Authorizations: oauth2_implicit (repo:read)
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
query |
The search query. |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getMatchingEntities
Get a list of entities that match the specified prefix.
GET /api/v1/entities/{prefix}
Authorizations:
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
prefix |
string |
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
includeOrgs |
Whether to include orgs names. |
boolean |
query |
includeTeams |
Whether to include team names. |
boolean |
query |
namespace |
Namespace to use when querying for org entities. |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
secscan
List and manage repository vulnerabilities and other security information.
getRepoManifestSecurity
GET /api/v1/repository/{repository}/manifest/{manifestref}/security
Authorizations: oauth2_implicit (repo:read)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
manifestref |
The digest of the manifest |
string |
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
vulnerabilities |
Include vulnerabilities informations |
boolean |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET \
-H "Authorization: Bearer <bearer_token>" \
-H "Accept: application/json" \
"https://quay-server.example.com/api/v1/repository/<namespace>/<repository>/manifest/<manifest_digest>/security?vulnerabilities=<true_or_false>"
superuser
Superuser API.
createInstallUser
Creates a new user.
POST /api/v1/superuser/users/
Authorizations: oauth2_implicit (super:user)
Request body schema (application/json)
Data for creating a user
Name | Description | Schema |
---|---|---|
username |
The username of the user being created |
string |
email |
The email address of the user being created |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X POST -H "Authorization: Bearer <bearer_token>" -H "Content-Type: application/json" -d '{
"username": "newuser",
"email": "newuser@example.com"
}' "https://<quay-server.example.com>/api/v1/superuser/users/"
deleteInstallUser
Deletes a user.
DELETE /api/v1/superuser/users/{username}
Authorizations: oauth2_implicit (super:user)
Request body schema (application/json)
Data for deleting a user
Name | Description | Schema |
---|---|---|
username |
The username of the user being deleted |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X DELETE -H "Authorization: Bearer <bearer_token>" "https://<quay-server.example.com>/api/v1/superuser/users/{username}"
listAllUsers
Returns a list of all users in the system.
GET /api/v1/superuser/users/
Authorizations: oauth2_implicit (super:user)
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
next_page |
The page token for the next page |
string |
query |
limit |
Limit to the number of results to return per page. Max 100. |
integer |
query |
disabled |
If false, only enabled users will be returned. |
boolean |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET -H "Authorization: Bearer <bearer_token>" "https://<quay-server.example.com>/api/v1/superuser/users/"
listAllLogs
List the usage logs for the current system.
GET /api/v1/superuser/logs
Authorizations: oauth2_implicit (super:user)
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
next_page |
The page token for the next page |
string |
query |
page |
The page number for the logs |
integer |
query |
endtime |
Latest time to which to get logs (%m/%d/%Y %Z) |
string |
query |
starttime |
Earliest time from which to get logs (%m/%d/%Y %Z) |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
listAllOrganizations
List the organizations for the current system.
GET /api/v1/superuser/organizations
Authorizations: oauth2_implicit (super:user)
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
name |
The name of the organization being managed |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET -H "Authorization: Bearer <bearer_token>" "https://<quay-server.example.com>/api/v1/superuser/organizations/"
createServiceKey
POST /api/v1/superuser/keys
Authorizations: oauth2_implicit (super:user)
Request body schema (application/json)
Description of creation of a service key
Name | Description | Schema |
---|---|---|
service |
The service authenticating with this key |
string |
name |
The friendly name of a service key |
string |
metadata |
The key/value pairs of this key’s metadata |
object |
notes |
If specified, the extra notes for the key |
string |
expiration |
The expiration date as a unix timestamp |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
listServiceKeys
GET /api/v1/superuser/keys
Authorizations: oauth2_implicit (super:user)
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
changeUserQuotaSuperUser
PUT /api/v1/superuser/organization/{namespace}/quota/{quota_id}
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
namespace |
string |
|
path |
quota_id |
string |
Request body schema (application/json)
Description of a new organization quota
Name | Description | Schema |
---|---|---|
limit_bytes |
Number of bytes the organization is allowed |
integer |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
deleteUserQuotaSuperUser
DELETE /api/v1/superuser/organization/{namespace}/quota/{quota_id}
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
namespace |
string |
|
path |
quota_id |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
createUserQuotaSuperUser
POST /api/v1/superuser/organization/{namespace}/quota
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
namespace |
string |
Request body schema (application/json)
Description of a new organization quota
Name | Description | Schema |
---|---|---|
limit_bytes |
Number of bytes the organization is allowed |
integer |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
listUserQuotaSuperUser
GET /api/v1/superuser/organization/{namespace}/quota
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
namespace |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
changeOrganizationQuotaSuperUser
PUT /api/v1/superuser/users/{namespace}/quota/{quota_id}
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
namespace |
string |
|
path |
quota_id |
string |
Request body schema (application/json)
Description of a new organization quota
Name | Description | Schema |
---|---|---|
limit_bytes |
Number of bytes the organization is allowed |
integer |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
deleteOrganizationQuotaSuperUser
DELETE /api/v1/superuser/users/{namespace}/quota/{quota_id}
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
namespace |
string |
|
path |
quota_id |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
createOrganizationQuotaSuperUser
POST /api/v1/superuser/users/{namespace}/quota
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
namespace |
string |
Request body schema (application/json)
Description of a new organization quota
Name | Description | Schema |
---|---|---|
limit_bytes |
Number of bytes the organization is allowed |
integer |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
listOrganizationQuotaSuperUser
GET /api/v1/superuser/users/{namespace}/quota
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
namespace |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
changeOrganization
Updates information about the specified user.
PUT /api/v1/superuser/organizations/{name}
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
name |
The name of the organizaton being managed |
string |
Request body schema (application/json)
Description of updates for an existing organization
Name | Description | Schema |
---|---|---|
email |
Organization contact email |
string |
invoice_email |
Whether the organization desires to receive emails for invoices |
boolean |
invoice_email_address |
The email address at which to receive invoices |
|
tag_expiration_s |
The number of seconds for tag expiration |
integer |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
deleteOrganization
Deletes the specified organization.
DELETE /api/v1/superuser/organizations/{name}
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
name |
The name of the organizaton being managed |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
approveServiceKey
POST /api/v1/superuser/approvedkeys/{kid}
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
kid |
The unique identifier for a service key |
string |
Request body schema (application/json)
Information for approving service keys
Name | Description | Schema |
---|---|---|
notes |
Optional approval notes |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
deleteServiceKey
DELETE /api/v1/superuser/keys/{kid}
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
kid |
The unique identifier for a service key |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
updateServiceKey
PUT /api/v1/superuser/keys/{kid}
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
kid |
The unique identifier for a service key |
string |
Request body schema (application/json)
Description of updates for a service key
Name | Description | Schema |
---|---|---|
name |
The friendly name of a service key |
string |
metadata |
The key/value pairs of this key’s metadata |
object |
expiration |
The expiration date as a unix timestamp |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getServiceKey
GET /api/v1/superuser/keys/{kid}
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
kid |
The unique identifier for a service key |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getRepoBuildStatusSuperUser
Return the status for the builds specified by the build uuids.
GET /api/v1/superuser/{build_uuid}/status
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
build_uuid |
The UUID of the build |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getRepoBuildSuperUser
Returns information about a build.
GET /api/v1/superuser/{build_uuid}/build
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
build_uuid |
The UUID of the build |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getRepoBuildLogsSuperUser
Return the build logs for the build specified by the build uuid.
GET /api/v1/superuser/{build_uuid}/logs
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
build_uuid |
The UUID of the build |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getRegistrySize
GET /api/v1/superuser/registrysize/
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
namespace |
string |
Description of a image registry size
Name | Description | Schema |
---|---|---|
size_bytes* |
Number of bytes the organization is allowed |
integer |
last_ran |
integer |
|
queued |
boolean |
|
running |
boolean |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
CREATED |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
postRegistrySize
POST /api/v1/superuser/registrysize/
Authorizations: oauth2_implicit (super:user)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
namespace |
string |
Request body schema (application/json)
Description of a image registry size
Name | Description | Schema |
---|---|---|
last_ran |
integer |
|
queued |
boolean |
|
running |
boolean |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
CREATED |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
tag
Manage the tags of a repository.
restoreTag
Restores a repository tag back to a previous image in the repository.
POST /api/v1/repository/{repository}/tag/{tag}/restore
Authorizations: oauth2_implicit (repo:write)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
tag |
The name of the tag |
string |
Request body schema (application/json)
Restores a tag to a specific image
Name | Description | Schema |
---|---|---|
manifest_digest |
If specified, the manifest digest that should be used |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X POST \
-H "Authorization: Bearer <bearer_token>" \
-H "Content-Type: application/json" \
--data '{
"manifest_digest": <manifest_digest>
}' \
quay-server.example.com/api/v1/repository/quayadmin/busybox/tag/test/restore
changeTag
Change which image a tag points to or create a new tag.
PUT /api/v1/repository/{repository}/tag/{tag}
Authorizations: oauth2_implicit (repo:write)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
tag |
The name of the tag |
string |
Request body schema (application/json)
Makes changes to a specific tag
Name | Description | Schema |
---|---|---|
manifest_digest |
(If specified) The manifest digest to which the tag should point |
|
expiration |
(If specified) The expiration for the image |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X PUT \
-H "Authorization: Bearer <bearer_token>" \
-H "Content-Type: application/json" \
--data '{
"manifest_digest": "<manifest_digest>"
}' \
https://<quay-server.example.com>/api/v1/repository/<namespace>/<repository_name>/tag/<tag>
deleteFullTag
Delete the specified repository tag.
DELETE /api/v1/repository/{repository}/tag/{tag}
Authorizations: oauth2_implicit (repo:write)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
path |
tag |
The name of the tag |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
listRepoTags
GET /api/v1/repository/{repository}/tag/
Authorizations: oauth2_implicit (repo:read)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
onlyActiveTags |
Filter to only active tags. |
boolean |
query |
page |
Page index for the results. Default 1. |
integer |
query |
limit |
Limit to the number of results to return per page. Max 100. |
integer |
query |
filter_tag_name |
Syntax: <op>:<name> Filters the tag names based on the operation.<op> can be 'like' or 'eq'. |
string |
query |
specificTag |
Filters the tags to the specific tag. |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET \
-H "Authorization: Bearer <bearer_token>" \
-H "Accept: application/json" \
https://<quay-server.example.com>/api/v1/repository/<namespace>/<repository_name>/tag/
team
Create, list and manage an organization’s teams.
getOrganizationTeamPermissions
Returns the list of repository permissions for the org’s team.
GET /api/v1/organization/{orgname}/team/{teamname}/permissions
Authorizations:
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
teamname |
The name of the team |
string |
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
updateOrganizationTeamMember
Adds or invites a member to an existing team.
PUT /api/v1/organization/{orgname}/team/{teamname}/members/{membername}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
teamname |
The name of the team |
string |
path |
membername |
The username of the team member |
string |
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X PUT \
-H "Authorization: Bearer <your_access_token>" \
"<quay-server.example.com>/api/v1/organization/<organization_name>/team/<team_name>/members/<member_name>"
deleteOrganizationTeamMember
Delete a member of a team.
If the user is merely invited to join the team, then the invite is removed instead.
DELETE /api/v1/organization/{orgname}/team/{teamname}/members/{membername}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
teamname |
The name of the team |
string |
path |
membername |
The username of the team member |
string |
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X DELETE \
-H "Authorization: Bearer <your_access_token>" \
"<quay-server.example.com>/api/v1/organization/<organization_name>/team/<team_name>/members/<member_name>"
getOrganizationTeamMembers
Retrieve the list of members for the specified team.
GET /api/v1/organization/{orgname}/team/{teamname}/members
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
teamname |
The name of the team |
string |
path |
orgname |
The name of the organization |
string |
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
includePending |
Whether to include pending members |
boolean |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X GET \
-H "Authorization: Bearer <your_access_token>" \
"<quay-server.example.com>/api/v1/organization/<organization_name>/team/<team_name>/members"
inviteTeamMemberEmail
Invites an email address to an existing team.
PUT /api/v1/organization/{orgname}/team/{teamname}/invite/{email}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
email |
string |
|
path |
teamname |
string |
|
path |
orgname |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X PUT \
-H "Authorization: Bearer <your_access_token>" \
"<quay-server.example.com>/api/v1/organization/<organization_name>/team/<team_name>/invite/<email>"
deleteTeamMemberEmailInvite
Delete an invite of an email address to join a team.
DELETE /api/v1/organization/{orgname}/team/{teamname}/invite/{email}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
email |
string |
|
path |
teamname |
string |
|
path |
orgname |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
+
$ curl -X DELETE \
-H "Authorization: Bearer <your_access_token>" \
"<quay-server.example.com>/api/v1/organization/<organization_name>/team/<team_name>/invite/<email>"
updateOrganizationTeam
Update the org-wide permission for the specified team.
Note
|
This API is also used to create a team. |
PUT /api/v1/organization/{orgname}/team/{teamname}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
teamname |
The name of the team |
string |
path |
orgname |
The name of the organization |
string |
Request body schema (application/json)
Description of a team
Name | Description | Schema |
---|---|---|
role |
Org wide permissions that should apply to the team |
string |
description |
Markdown description for the team |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -k -X PUT -H 'Accept: application/json' -H 'Content-Type: application/json' -H "Authorization: Bearer <bearer_token>" --data '{"role": "creator"}' https://<quay-server.example.com>/api/v1/organization/<organization_name>/team/<team_name>
deleteOrganizationTeam
Delete the specified team.
DELETE /api/v1/organization/{orgname}/team/{teamname}
Authorizations: oauth2_implicit (org:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
teamname |
The name of the team |
string |
path |
orgname |
The name of the organization |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Example command
$ curl -X DELETE \
-H "Authorization: Bearer <your_access_token>" \
"<quay-server.example.com>/api/v1/organization/<organization_name>/team/<team_name>"
trigger
Create, list and manage build triggers.
activateBuildTrigger
Activate the specified build trigger.
POST /api/v1/repository/{repository}/trigger/{trigger_uuid}/activate
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
trigger_uuid |
The UUID of the build trigger |
string |
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Request body schema (application/json)
Name | Description | Schema |
---|---|---|
config |
Arbitrary json. |
object |
pull_robot |
The name of the robot that will be used to pull images. |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
listTriggerRecentBuilds
List the builds started by the specified trigger.
GET /api/v1/repository/{repository}/trigger/{trigger_uuid}/builds
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
trigger_uuid |
The UUID of the build trigger |
string |
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
limit |
The maximum number of builds to return |
integer |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
manuallyStartBuildTrigger
Manually start a build from the specified trigger.
POST /api/v1/repository/{repository}/trigger/{trigger_uuid}/start
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
trigger_uuid |
The UUID of the build trigger |
string |
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Request body schema (application/json)
Optional run parameters for activating the build trigger
Name | Description | Schema |
---|---|---|
branch_name |
(SCM only) If specified, the name of the branch to build. |
string |
commit_sha |
(Custom Only) If specified, the ref/SHA1 used to checkout a git repository. |
string |
refs |
(SCM Only) If specified, the ref to build. |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getBuildTrigger
Get information for the specified build trigger.
GET /api/v1/repository/{repository}/trigger/{trigger_uuid}
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
trigger_uuid |
The UUID of the build trigger |
string |
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
updateBuildTrigger
Updates the specified build trigger.
PUT /api/v1/repository/{repository}/trigger/{trigger_uuid}
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
trigger_uuid |
The UUID of the build trigger |
string |
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Request body schema (application/json)
Options for updating a build trigger
Name | Description | Schema |
---|---|---|
enabled |
Whether the build trigger is enabled |
boolean |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
deleteBuildTrigger
Delete the specified build trigger.
DELETE /api/v1/repository/{repository}/trigger/{trigger_uuid}
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
trigger_uuid |
The UUID of the build trigger |
string |
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
listBuildTriggers
List the triggers for the specified repository.
GET /api/v1/repository/{repository}/trigger/
Authorizations: oauth2_implicit (repo:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
user
Manage the current user.
createStar
Star a repository.
POST /api/v1/user/starred
Authorizations: oauth2_implicit (repo:read)
Request body schema (application/json)
Name | Description | Schema |
---|---|---|
namespace |
Namespace in which the repository belongs |
string |
repository |
Repository name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 |
Successful creation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
listStarredRepos
List all starred repositories.
GET /api/v1/user/starred
Authorizations: oauth2_implicit (user:admin)
Query parameters
Type | Name | Description | Schema |
---|---|---|---|
query |
next_page |
The page token for the next page |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getLoggedInUser
Get user information for the authenticated user.
GET /api/v1/user/
Authorizations: oauth2_implicit (user:read)
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
deleteStar
Removes a star from a repository.
DELETE /api/v1/user/starred/{repository}
Authorizations: oauth2_implicit (user:admin)
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
repository |
The full path of the repository. e.g. namespace/name |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 |
Deleted |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
getUserInformation
Get user information for the specified user.
GET /api/v1/users/{username}
Authorizations:
Path parameters
Type | Name | Description | Schema |
---|---|---|---|
path |
username |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 |
Successful invocation |
|
400 |
Bad Request |
|
401 |
Session required |
|
403 |
Unauthorized access |
|
404 |
Not found |
Definitions
ApiError
Name | Description | Schema |
---|---|---|
status |
Status code of the response. |
integer |
type |
Reference to the type of the error. |
string |
detail |
Details about the specific instance of the error. |
string |
title |
Unique error code to identify the type of error. |
string |
error_message |
Deprecated; alias for detail |
string |
error_type |
Deprecated; alias for detail |
string |
UserView
Name | Description | Schema |
---|---|---|
verified |
Whether the user’s email address has been verified |
boolean |
anonymous |
true if this user data represents a guest user |
boolean |
email |
The user’s email address |
string |
avatar |
Avatar data representing the user’s icon |
object |
organizations |
Information about the organizations in which the user is a member |
array of object |
logins |
The list of external login providers against which the user has authenticated |
array of object |
can_create_repo |
Whether the user has permission to create repositories |
boolean |
preferred_namespace |
If true, the user’s namespace is the preferred namespace to display |
boolean |
ViewMirrorConfig
Name | Description | Schema |
---|---|---|
is_enabled |
Used to enable or disable synchronizations. |
boolean |
external_reference |
Location of the external repository. |
string |
external_registry_username |
Username used to authenticate with external registry. |
|
external_registry_password |
Password used to authenticate with external registry. |
|
sync_start_date |
Determines the next time this repository is ready for synchronization. |
string |
sync_interval |
Number of seconds after next_start_date to begin synchronizing. |
integer |
robot_username |
Username of robot which will be used for image pushes. |
string |
root_rule |
A list of glob-patterns used to determine which tags should be synchronized. |
object |
external_registry_config |
object |
ApiErrorDescription
Name | Description | Schema |
---|---|---|
type |
A reference to the error type resource |
string |
title |
The title of the error. Can be used to uniquely identify the kind of error. |
string |
description |
A more detailed description of the error that may include help for fixing the issue. |
string |
API configuration examples
external_registry_config object reference
{
"is_enabled": True,
"external_reference": "quay.io/redhat/quay",
"sync_interval": 5000,
"sync_start_date": datetime(2020, 0o1, 0o2, 6, 30, 0),
"external_registry_username": "fakeUsername",
"external_registry_password": "fakePassword",
"external_registry_config": {
"verify_tls": True,
"unsigned_images": False,
"proxy": {
"http_proxy": "http://insecure.proxy.corp",
"https_proxy": "https://secure.proxy.corp",
"no_proxy": "mylocalhost",
},
},
}
rule_rule object reference
{
"root_rule": {"rule_kind": "tag_glob_csv", "rule_value": ["latest", "foo", "bar"]},
}