Pull request to add windows container support

[jcorvino]

Added basic support for windows container downloads. Also added support for SSL and NTLM authentication. Fixed bug with download streaming in original code.

[NotGlop]

Here are some points to take into account for supporting other registries than DockerHub (these are normally fixed in https://github.com/NotGlop/docker-drag/commit/ff7b300bad5a918963bcd3cb31fc1a2d5bfde58d)

• Authorization must be handled. Microsoft exposes its registry without authorization so not a problem for this particular case, however, other registries will fail without the authorization bearer from their endpoint.
• Microsoft sometimes uses urls parameter in layers section of the manifest (https://docs.docker.com/registry/spec/manifest-v2-2/#image-manifest-field-descriptions) to download layers, so this must be taken into account.

Regarding this PR:

• we shouldn't consider the support for Microsoft registry only, but rather try to handle all other registries that are not DockerHub
• we should keep a support for running the script with Python2.7 (eventhough its support officially ends in 2 months)
• thanks for the cleaning, I initially wanted to keep it concise, but your ideas are good
• Not sure what needs to be done with Simple/Shared tags: https://github.com/docker-library/faq#whats-the-difference-between-shared-and-simple-tags

[jcorvino]

I'll keep working on supporting other registries. Today I added tox test cases for Python 2.7 and 3.5-3.8.

[NotGlop]

I found a way to check all possible manifests for a given tag which should resolve the limitation for windows images . (through the accept manifest.list.v2 header) thus avoiding the dockerfile hack thing.

We can then bypass the UNKNOWN_MANIFEST by specifying the digest if we identify the right manifest we want to download. This will require to display possible digests and to support the @digest suffix option.

Docker clients actually download images from registries by checking the architecture and os version, that's why some images are only downloadable under certains conditions (and that's why it's causing trouble when using only the API).

As I see multiple files appearing (and test beds), we should consider putting this as a development branch.

[jcorvino]

I'm going to do some more work on this PR today. I'll experiment with the progress bar feature request.

We definitely need a way to get the digest automatically if the user doesn't specify one for windows registry. It's too onerous otherwise. Maybe at a minimum we could add an option to return a list of digests for the specified image.

[NotGlop]

We definitely need a way to get the digest automatically if the user doesn't specify one for windows registry. It's too onerous otherwise. Maybe at a minimum we could add an option to return a list of digests for the specified image.

This should be already implemented in latest version:

> python.exe docker_pull.py mcr.microsoft.com/windows/nanoserver/insider:10.0.19023.1
[-] Cannot fetch manifest for windows/nanoserver/insider [HTTP 404]
{"errors":[{"code":"MANIFEST_UNKNOWN","message":"manifest unknown"}]}

[+] Manifests found for this tag (use the @digest format to pull the corresponding image):
os.version: 10.0.19023.1, os: windows, architecture: amd64, digest: sha256:e225433b893d65d9fb1c5af2c58f560cefd40cfb845f9885086f2eab7eb6e96b
os.version: 10.0.19023.1, os: windows, architecture: arm, digest: sha256:45a7d687fd00dd4b5c92e4d09a4be6041f4d441e3ff88a0415e57994e822dc31

Then you can download the image using:

> python.exe docker_pull.py mcr.microsoft.com/windows/nanoserver/insider@sha256:e225433b893d65d9fb1c5af2c58f560cefd40cfb845f9885086f2eab7eb6e96b
Creating image structure in: tmp_insider_sha256@e225433b893d65d9fb1c5af2c58f560cefd40cfb845f9885086f2eab7eb6e96b
ad0df9e95030: Pull complete [102983605]
Docker image pulled: windows_nanoserver_insider.tar