This project is licensed under the MIT License - see the LICENSE file for details.
- Latest release image available at
docker.io/mymzbe/k8s-sync-registries:latest
For GCR, ensure JSON key is provided and access to registry is properly configured.
-
Ensure gpgme library install
a. apt-get install libgpgme-dev
b. dnf install gpgme-devel -
Update modules
go mod tidy -
To run the directly, execute
go run main.go -
To build the binary, execute
go build -o sync_registries
-
Ensure registries.yaml properly populated with source and destination as well as repo to sync.
-
If the registry required authenticaion, update secret.yaml with its authentication details.
-
Run
sync_registriesto begin sync.
-
Execute
podman build -t <registry/repo/image:v1.0.0> .NOTE: Ensure your build environment has internet connection. -
To push to registry
podman push <registry/repo/image:v1.0.0>, follow your registry authentication method if pushing to protected registry.
-
Source and target registries also image are defined here.
-
The structure of the registries.yaml
registries:
- source_registry: "quay.io" # Source registry
source_repository: "argoproj/argocd" # Source repo
dest_registry: "europe-west3-docker.pkg.dev" # Target registry
dest_repository: "$gcp_project/argocd/argocd" # Target repo
tag_limit: 3 # how many newest tag(s) to include and discard the rest
insecure_tls: true # Enable insecure TLS
exclude_patterns: # a regex expression or list to exclude tags with specific tag identifiers.
- "alpha"
- "beta"
- "rc"
version_filters: # list of major.version to fetch.
- major: 1
minor: 11
get_latest: false
- major: 1
minor: 10
get_latest: false- Once we have populated registries.yaml, if the registry required authentication, it must be set in secrets.yaml
secrets:
- source_registry: "docker.io" # for source registry authentication
source_type: "dockerhub" # Registry type against auth, support dockerhub, acr and gcr. Typicall username and password login should use "dockerhub" as type.
username: "docker_user" # username for the registry
password: "docker_pass" # password for the registry
insecure_tls: true # enable insecure TLS
- dest_registry: "myregistry.azurecr.io"
username: "acr_token_user" # Azure ACR, acr token user from ACR Token
password: "acr_token_pass" # Azure ACR, acr token pass from ACR Token
type: "acr" # Authenticate against ACR
- dest_registry: "europe-west3-docker.pkg.dev"
service_account_key: "/root/git/k8s-sync-registries/gcr.json" # GCP service account JSON key with proper GCR permission associated to it
type: "gcr" # GCR need special oauth JWT token, code will authenticate to Google and obtain JWT.