Help Center/ SoftWare Repository for Container/ API Reference (Enterprise Edition)/ API/ Image Tag Immutability/ Listing Image Tag Immutability Policies

Updated on 2025-09-26 GMT+08:00

Online Debugging

CLI Examples

View PDF

Listing Image Tag Immutability Policies

Function

This API is used to list the image tag immutability policies.

Constraints

None.

Calling Method

For details, see Calling APIs.

URI

GET /v2/{project_id}/instances/{instance_id}/immutabletagrules

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID.
instance_id	Yes	String	ID of an SWR Enterprise Edition instance.

**Table 2** Query Parameters
Parameter	Mandatory	Type	Description
namespace_id	No	Integer	Namespace ID.
offset	No	Integer	Start index. The default value is 0. Note: The offset and limit parameters must be used together. The offset value must be 0 or a multiple of the limit value.
limit	No	Integer	Number of returned records. The default value is 10, and the maximum value is 100. Note: The offset and limit parameters must be used together. The offset value must be 0 or a multiple of the limit value.

Request Parameters

**Table 3** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is the user token.

Response Parameters

Status code: 200

**Table 4** Response body parameters
Parameter	Type	Description
immutable_rules	Array of ImmutableRule objects	Policy list.
total	Integer	Total number of policies.

**Table 5** ImmutableRule
Parameter	Type	Description
id	Integer	ID of an image tag immutability policy.
namespace_id	Integer	Namespace ID.
namespace_name	String	Namespace name.
priority	Integer	Priority. This is a reserved field.
disabled	Boolean	Whether an image tag immutability policy is applied.
action	String	Reserved field. The value can be set to immutable.
template	String	Reserved field. The value can be set to immutable_template.
tag_selectors	Array of RuleSelector objects	Artifact tag selector. Currently, the value length must be 1.
scope_selectors	Map<String,Array<RuleSelector>>	Artifact repository selector. Currently, only repository is supported, and the value length must be 1.

**Table 6** RuleSelector
Parameter	Type	Description
kind	String	Matching type. Currently, doublestar is the only value.
decoration	String	Selector matching type. The value can be repoMatches.
pattern	String	Selector matching pattern. The maximum length is 512 characters. The regular expression can be nginx-* or {repo1, repo2}. : matches any field that does not contain a slash (/). *: matches any field that contains a slash (/). ?: matches any single character except a slash (/). {option 1, option 2, ...}: matches any of the options.
extras	String	Reserved field.

Status code: 400

**Table 7** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.
encoded_authorization_message	String	Detailed rejection reason after encryption. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 401

**Table 8** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.
encoded_authorization_message	String	Detailed rejection reason after encryption. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 403

**Table 9** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.
encoded_authorization_message	String	Detailed rejection reason after encryption. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 404

**Table 10** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.
encoded_authorization_message	String	Detailed rejection reason after encryption. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 500

**Table 11** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.
encoded_authorization_message	String	Detailed rejection reason after encryption. You can call the API decode-authorization-message of STS to decrypt the reason.

Example Requests

GET https://{endpoint}/v2/{project_id}/namespaces/{namespace_name}/immutabletagrules

Example Responses

Status code: 200

Successful query.

{
  "total" : 1,
  "immutable_rules" : [ {
    "id" : 1,
    "namespace_id" : 1,
    "namespace_name" : "test",
    "priority" : "0",
    "disabled" : false,
    "action" : "immutable",
    "template" : "immutable_template",
    "tag_selectors" : [ {
      "kind" : "doublestar",
      "decoration" : "matches",
      "pattern" : "**",
      "extras" : ""
    } ],
    "scope_selectors" : {
      "repository" : [ {
        "kind" : "doublestar",
        "decoration" : "repoMatches",
        "pattern" : "**",
        "extras" : ""
      } ]
    }
  } ]
}

SDK Sample Code

The SDK sample code is as follows.

Java

    
     
       
       
         package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.swr.v2.region.SwrRegion;
import com.huaweicloud.sdk.swr.v2.*;
import com.huaweicloud.sdk.swr.v2.model.*;


public class ListImmutableRulesSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        SwrClient client = SwrClient.newBuilder()
                .withCredential(auth)
                .withRegion(SwrRegion.valueOf("<YOUR REGION>"))
                .build();
        ListImmutableRulesRequest request = new ListImmutableRulesRequest();
        request.withInstanceId("{instance_id}");
        try {
            ListImmutableRulesResponse response = client.listImmutableRules(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

        

      

    
   

Python

    
     
       
       
         # coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkswr.v2.region.swr_region import SwrRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkswr.v2 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = SwrClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(SwrRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = ListImmutableRulesRequest()
        request.instance_id = "{instance_id}"
        response = client.list_immutable_rules(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

        

      

    
   

Go

    
     
       
       
         package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    swr "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/swr/v2"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/swr/v2/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/swr/v2/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        Build()

    client := swr.NewSwrClient(
        swr.SwrClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.ListImmutableRulesRequest{}
	request.InstanceId = "{instance_id}"
	response, err := client.ListImmutableRules(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

        

      

    
   

For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.

Status Codes

Status Code	Description
200	Successful query.
400	Request error.
401	Authentication failed.
403	Access denied.
404	Resource not found.
500	Internal error.

Error Codes

See Error Codes.

Parent topic: Image Tag Immutability

Previous topic: Creating an Image Tag Immutability Policy

Next topic: Modifying an Image Tag Immutability Policy

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot