From 8ec706219baee5aa374e5f11141696a28617858d Mon Sep 17 00:00:00 2001 From: Mathieu Tortuyaux Date: Tue, 7 Dec 2021 13:55:05 +0100 Subject: [PATCH 1/2] .github/wf: add mirror scripts from stash Signed-off-by: Mathieu Tortuyaux --- .../.github/workflows/mirror-calico.sh | 22 ++++++++++++++ .../.github/workflows/mirror-to-ghcr.sh | 30 +++++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100755 sdk_container/src/third_party/coreos-overlay/.github/workflows/mirror-calico.sh create mode 100755 sdk_container/src/third_party/coreos-overlay/.github/workflows/mirror-to-ghcr.sh diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/mirror-calico.sh b/sdk_container/src/third_party/coreos-overlay/.github/workflows/mirror-calico.sh new file mode 100755 index 0000000000..33de9255f1 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/mirror-calico.sh @@ -0,0 +1,22 @@ +#!/bin/bash + +# This script will mirror the list of Calico images +# from Docker Hub to GHCR. + +# tag will hold the version of calico images we +# previously fetched +tag=$1 + +# list of images to mirror from Docker Hub +images=( + calico/typha + calico/pod2daemon-flexvol + calico/cni + calico/node + calico/kube-controllers +) + +# we iterate over the images we want to mirror +for image in "${images[@]}"; do + ./mirror-to-ghcr.sh $image $tag +done diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/mirror-to-ghcr.sh b/sdk_container/src/third_party/coreos-overlay/.github/workflows/mirror-to-ghcr.sh new file mode 100755 index 0000000000..5aa865186a --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/mirror-to-ghcr.sh @@ -0,0 +1,30 @@ +#!/bin/bash + +# This generic script aims to mirror an image from Docker hub to another registry. +# Authentication to the registry must be done before. + +image=$1 +imagetag=$2 +registry=${3:-kinvolk} + +# we want both arch for running tests +platforms=( amd64 arm64 ) + +# tags will hold the mirrored images +tags=() + +for platform in "${platforms[@]}"; do + # we first fetch the image from Docker Hub + var=$(docker pull $image:$imagetag --platform=linux/$platform -q) + # we prepare the image to be pushed into another registry + tag=ghcr.io/$registry/$image:$imagetag-$platform + # we tag the image to create the mirrored image + docker tag $var $tag + docker push $tag + tags+=( $tag ) +done + +docker manifest create ghcr.io/$registry/$image:$imagetag "${tags[@]}" +# some images have bad arch specs in the individual image manifests :( +docker manifest annotate ghcr.io/$registry/$image:$imagetag ghcr.io/$registry/$image:$imagetag-arm64 --arch arm64 +docker manifest push --purge ghcr.io/$registry/$image:$imagetag From 7e093370a0ee90b9546120b8ef856cbb51a25274 Mon Sep 17 00:00:00 2001 From: Mathieu Tortuyaux Date: Tue, 7 Dec 2021 10:09:59 +0100 Subject: [PATCH 2/2] .github/wf: add mirror-calico action this action will sync our ghcr calico images with upstream docker images. Signed-off-by: Mathieu Tortuyaux --- .../.github/workflows/mirror-calico.yml | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 sdk_container/src/third_party/coreos-overlay/.github/workflows/mirror-calico.yml diff --git a/sdk_container/src/third_party/coreos-overlay/.github/workflows/mirror-calico.yml b/sdk_container/src/third_party/coreos-overlay/.github/workflows/mirror-calico.yml new file mode 100644 index 0000000000..4d64e09d2a --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/.github/workflows/mirror-calico.yml @@ -0,0 +1,26 @@ +name: Sync GHCR Calico images with Docker Hub +on: + schedule: + # run every 12h + - cron: '0 */12 * * *' + workflow_dispatch: + +jobs: + get-docker-release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Login to GitHub Container Registry (ghcr) + run: echo ${{ secrets.GHCR_PASSWORD }} | docker login ghcr.io -u ${{ secrets.GHCR_USERNAME }} --password-stdin + - name: Fetch latest Calico release + id: fetch-latest-release + run: | + set -ex + + git clone https://github.com/projectcalico/calico calico + # get latest version + version=$(git -C "$_" tag | sort -V | tail -1) + + pushd .github/workflows/ + ./mirror-calico.sh $version + popd