LinuxCommandLibrary

crane-catalog

List container image repository contents

TLDR

List the repositories in a registry

$ crane catalog [registry_address]
copy

Print the full image reference
$ crane catalog [registry_address] --full-ref
copy

Display help
$ crane catalog [[-h|--help]]
copy

SYNOPSIS

crane catalog [OPTIONS] [REPOSITORY_PREFIX]

PARAMETERS

-k, --insecure
    Allow connections to registries without verifying TLS certificates

--format string
    Format output using Go template (default: {{.Name}}\n)

-A, --auth-file string
    Path to kubeconfig or JSON auth file for credentials

-u, --user string
    Username for basic auth

-p, --password string
    Password for basic auth

--log-level string
    Set logging level (panic, fatal, error, warn, info, debug, trace)

DESCRIPTION

The crane catalog command retrieves and displays a list of repositories under a specified prefix in a container image registry supporting the OCI Distribution Specification. It is part of the crane CLI tool from the Google go-containerregistry project, designed for efficient interaction with remote registries without pulling full images.

By providing a repository prefix (e.g., ghcr.io/myorg), it queries the catalog API endpoint (/v2/_catalog) to enumerate matching repositories. If no prefix is given, it lists top-level repositories. Output can be customized via templates for scripting or parsing. Authentication is handled via standard mechanisms like environment variables (CRANE_AUTH), kubeconfig, or flags.

This command is lightweight, fetching only metadata, making it ideal for discovery, CI/CD pipelines, and inventory management in container ecosystems. It supports both public and private registries, with options for insecure connections during testing.

CAVEATS

Requires registry support for /v2/_catalog API; some registries limit results or require pagination (not natively handled). Use --insecure cautiously. No built-in filtering beyond prefix.

EXAMPLE USAGE

crane catalog ghcr.io/sigstore <-- lists repos under sigstore
crane catalog --format json localhost:5000/ <-- JSON output

AUTH NOTES

Prefers ~/.docker/config.json or CRANE_REGISTRIES_foo_AUTH env vars. Token auth via CRANE_TOKEN.

HISTORY

Introduced in crane v0.7.0 (2020) as part of Google's go-containerregistry project for OCI tools. Evolved with registry spec compliance; widely adopted in Kubernetes/sigstore ecosystems for artifact discovery.

SEE ALSO

crane-ls(1), skopeo(1), regctl(1)

Copied to clipboard