mirror of
https://github.com/siderolabs/image-factory.git
synced 2025-08-06 22:57:09 +02:00
b8bfc1985c
Add some notes on how to mirror images to run Image Factory in air-gapped mode. Co-authored-by: Utku Ozdemir <utku.ozdemir@siderolabs.com> Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
88 lines
3.1 KiB
Bash
Executable File
88 lines
3.1 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
### A script to copy Talos artifacts to the internal registry (air-gapped environments).
|
|
### Arguments:
|
|
### $1 - Source registry (e.g., ghcr.io)
|
|
### $2 - Target registry hostname (e.g., registry.example.com)
|
|
### $3 - Talos version (e.g., v1.10.0)
|
|
###
|
|
### This script requires `crane` and `yq` to be installed. If the registry requires authentication,
|
|
### ensure that you have logged in using the docker credential store.
|
|
|
|
set -euo pipefail
|
|
|
|
if [[ $# -ne 3 ]]; then
|
|
echo "Usage: $0 <source-registry> <target-registry> <talos-version>"
|
|
exit 1
|
|
fi
|
|
|
|
TALOS_VERSION="$3"
|
|
SOURCE_REGISTRY="$1"
|
|
TARGET_REGISTRY="$2"
|
|
|
|
# mirror_image copies an image from the source registry to the target registry, including its signature.
|
|
#
|
|
# Arguments: image name (e.g., siderolabs/imager), tag (e.g., v1.11.0).
|
|
function mirror_image() {
|
|
local image="$1"
|
|
local tag="$2"
|
|
local source_image="${SOURCE_REGISTRY}/${image}:${tag}"
|
|
local target_image="${TARGET_REGISTRY}/${image}:${tag}"
|
|
|
|
crane cp "${source_image}" "${target_image}"
|
|
echo "Copied ${source_image} to ${target_image}"
|
|
sig="$(crane digest "${source_image}" | sed 's/:/-/').sig"
|
|
crane cp "${SOURCE_REGISTRY}/${image}:${sig}" "${TARGET_REGISTRY}/${image}:${sig}"
|
|
echo "Copied signature of ${source_image}"
|
|
}
|
|
|
|
## Mirror base images
|
|
#
|
|
# Note: talosctl-all image is available only for Talos v1.11.0 and later (remove for earlier versions).
|
|
# Note: installer-base image is available only for Talos v1.10.0 and later, replace with 'installer' for earlier versions.
|
|
|
|
for image in \
|
|
"siderolabs/imager" \
|
|
"siderolabs/installer-base" \
|
|
"siderolabs/extensions" \
|
|
"siderolabs/overlays" \
|
|
"siderolabs/talosctl-all" \
|
|
; do
|
|
|
|
mirror_image "${image}" "${TALOS_VERSION}"
|
|
done
|
|
|
|
### Mirror extension images
|
|
|
|
catalog="siderolabs/extensions"
|
|
|
|
for image in $(crane export "${SOURCE_REGISTRY}/${catalog}:${TALOS_VERSION}" | tar x -O image-digests); do
|
|
## split the image reference into registry, name and tag (ghcr.io/siderolabs/i915:v1.11.0:sha256:1234567890abcdef)
|
|
image_name=$(echo "${image}" | cut -d: -f1)
|
|
image_tag=$(echo "${image}" | cut -d: -f2-)
|
|
## trim the source registry from the image name
|
|
image_name=$(echo "${image_name}" | sed "s|${SOURCE_REGISTRY}/||")
|
|
|
|
echo "Processing extension image: ${image_name} ${image_tag}"
|
|
|
|
## mirror the image
|
|
mirror_image "${image_name}" "${image_tag}"
|
|
done
|
|
|
|
### Mirror overlay images
|
|
|
|
catalog="siderolabs/overlays"
|
|
|
|
for image in $(crane export "${SOURCE_REGISTRY}/${catalog}:${TALOS_VERSION}" | tar x -O overlays.yaml | yq '.overlays[] | .image + "@" + .digest' | sort -u); do
|
|
## split the image reference into registry, name and tag (ghcr.io/siderolabs/i915:v1.11.0:sha256:1234567890abcdef)
|
|
image_name=$(echo "${image}" | cut -d: -f1)
|
|
image_tag=$(echo "${image}" | cut -d: -f2-)
|
|
## trim the source registry from the image name
|
|
image_name=$(echo "${image_name}" | sed "s|${SOURCE_REGISTRY}/||")
|
|
|
|
echo "Processing overlay image: ${image_name} ${image_tag}"
|
|
|
|
## mirror the image
|
|
mirror_image "${image_name}" "${image_tag}"
|
|
done
|