Add cog pull (#2386)
* Add API package
* Create a client for interacting with the API
* Add pull command
* Potential fix for code scanning alert no. 25: Arbitrary file write extracting an archive containing symbolic links
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Will Sackfield <will.sackfield@gmail.com>
* Only look for cfg if image isn’t present
* Fetch version number if required
* Extract the tar within the source function
* Allow automatic deferment of close on response
* Fix sec warnings
* Security warnings have been accounted for by
resolving the path and making sure it is within
the project directory.
* Add tests for pulling source
* Update pkg/api/client.go
Co-authored-by: Aron Carroll <aron@replicate.com>
Signed-off-by: Will Sackfield <will.sackfield@gmail.com>
* Remove looking into cfg for image name
* Add message for docker pull
* Pull to a folder with model name
* Add r8.im into image name if missing
* Add explicit error handling for not found
---------
Signed-off-by: Will Sackfield <will.sackfield@gmail.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: Aron Carroll <aron@replicate.com>