From a variety of sources on the web, I have discovered that there is an internal API in GitLab to obtain information about:
- the Docker image registries for a given username and project
- the Docker images for a given username, project and registry
These endpoints are, respectively:
GET https://gitlab.com/<username>/<project>/container_registry.json GET https://gitlab.com/<username>/<project>/registry/repository/<registryid>/tags?format=json&per_page=10&page=1
These are employed directly in the web app, using the GitLab session identifier. The documentation also refers to them, and I have discovered that personal access tokens also work here as well.
Accordingly, I have written an API to access this data, which I have integrated into a CI process (I check if an image hash has been pushed already, and if it has, don’t tag or push it again).
My question is, can I rely on these features in the long term?