diff --git a/.gitignore b/.gitignore index ccb6b823..1a214e55 100644 --- a/.gitignore +++ b/.gitignore @@ -19,4 +19,4 @@ test/data/ .idea/ coverage.html tags -vendor/ +vendor/ \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 1ca38a47..6f1a6ae9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,27 @@ -FROM golang:1.12.8 - -RUN go version -ENV GO111MODULE on -RUN go get -u github.com/swaggo/swag/cmd/swag +# --- +# Stage 1: Install certs, build binary, create default config file +# --- +FROM docker.io/golang:1.13.6-alpine3.11 AS builder +RUN apk --update add git make ca-certificates +RUN mkdir -p /go/src/github.com/anuvu/zot WORKDIR /go/src/github.com/anuvu/zot -RUN curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s v1.17.1 +COPY . . +RUN CGO_ENABLED=0 make clean binary +RUN echo -e '# Default config file for zot server\n\ +http:\n\ + address: 0.0.0.0\n\ + port: 5000\n\ +storage:\n\ + rootDirectory: /var/lib/registry' > config.yml && cat config.yml + +# --- +# Stage 2: Final image with nothing but certs, binary, and default config file +# --- +FROM scratch AS final +COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt +COPY --from=builder /go/src/github.com/anuvu/zot/bin/zot /zot +COPY --from=builder /go/src/github.com/anuvu/zot/config.yml /etc/zot/config.yml +ENTRYPOINT ["/zot"] +EXPOSE 5000 +VOLUME ["/var/lib/registry"] +CMD ["serve", "/etc/zot/config.yml"] diff --git a/Dockerfile.build b/Dockerfile.build new file mode 100644 index 00000000..1ca38a47 --- /dev/null +++ b/Dockerfile.build @@ -0,0 +1,7 @@ +FROM golang:1.12.8 + +RUN go version +ENV GO111MODULE on +RUN go get -u github.com/swaggo/swag/cmd/swag +WORKDIR /go/src/github.com/anuvu/zot +RUN curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s v1.17.1 diff --git a/Makefile b/Makefile index c0a5ea9d..4457a316 100644 --- a/Makefile +++ b/Makefile @@ -47,10 +47,14 @@ run: binary test .PHONY: binary-container binary-container: - ${CONTAINER_RUNTIME} build ${BUILD_ARGS} -f Dockerfile -t zot:latest . + ${CONTAINER_RUNTIME} build ${BUILD_ARGS} -f Dockerfile.build -t zot-build:latest . ${CONTAINER_RUNTIME} run --rm --security-opt label=disable -v $$(pwd):/go/src/github.com/anuvu/zot \ - zot:latest make + zot-build:latest make .PHONY: binary-stacker binary-stacker: stacker build --substitute PWD=$$PWD --no-cache + +.PHONY: image +image: + ${CONTAINER_RUNTIME} build ${BUILD_ARGS} -f Dockerfile -t zot:latest . diff --git a/README.md b/README.md index 124a6b35..12cbf3da 100644 --- a/README.md +++ b/README.md @@ -42,18 +42,54 @@ make binary-stacker ``` make - ``` Build artifacts are in bin/ # Serving + ``` bin/zot serve _config-file_ ``` Examples of config files are available in [examples/](examples/) dir. +# Container Image + +The [Dockerfile](./Dockerfile) in this repo can be used to build a container image +that runs _zot_. + +To build the image with ref `zot:latest`: + +``` +make image +``` + +Then run the image with your preferred container runtime: + +``` +# with podman +podman run --rm -it -p 5000:5000 -v $(pwd)/registry:/var/lib/registry zot:latest + +# with docker +docker run --rm -it -p 5000:5000 -v $(pwd)/registry:/var/lib/registry zot:latest +``` + +This will run a registry at http://localhost:5000, storing content at `./registry` +(bind mounted to `/var/lib/registry` in the container). By default, auth is disabled. + +If you wish use custom configuration settings, you can override +the YAML config file located at `/etc/zot/config.yml`: + +``` +# Example: using a local file "custom-config.yml" that +# listens on port 8080 and uses /tmp/zot for storage root +podman run --rm -p 8080:8080 \ + -v $(pwd)/custom-config.yml:/etc/zot/config.yml \ + -v $(pwd)/registry:/tmp/zot \ + zot:latest +``` + # Ecosystem Since we couldn't find clients or client libraries that are stictly compliant to