mirror of
https://github.com/project-zot/zot.git
synced 2024-12-16 21:56:37 -05:00
cb2af94b0b
* feat: add support for docker images Issue #724 A new config section under "HTTP" called "Compat" is added which currently takes a list of possible compatible legacy media-types. https://github.com/opencontainers/image-spec/blob/main/media-types.md#compatibility-matrix Only "docker2s2" (Docker Manifest V2 Schema V2) is currently supported. Garbage collection also needs to be made aware of non-OCI compatible layer types. feat: add cve support for non-OCI compatible layer types Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com> * Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com> * test: add more docker compat tests Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com> * feat: add additional validation checks for non-OCI images Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com> * ci: make "full" images docker-compatible Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com> --------- Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
40 lines
1.2 KiB
Docker
40 lines
1.2 KiB
Docker
# ---
|
|
# Stage 1: Install certs, build binary, create default config file
|
|
# ---
|
|
FROM --platform=$BUILDPLATFORM ghcr.io/project-zot/golang:1.22 AS builder
|
|
|
|
ARG TARGETOS
|
|
ARG TARGETARCH
|
|
ARG COMMIT
|
|
|
|
RUN mkdir -p /go/src/github.com/project-zot/zot
|
|
WORKDIR /go/src/github.com/project-zot/zot
|
|
COPY . .
|
|
RUN make COMMIT=$COMMIT OS=$TARGETOS ARCH=$TARGETARCH clean binary
|
|
RUN echo '{\n\
|
|
"storage": {\n\
|
|
"rootDirectory": "/var/lib/registry"\n\
|
|
},\n\
|
|
"http": {\n\
|
|
"address": "0.0.0.0",\n\
|
|
"port": "5000",\n\
|
|
"compat": ["docker2s2"]\n\
|
|
},\n\
|
|
"log": {\n\
|
|
"level": "debug"\n\
|
|
}\n\
|
|
}\n' > config.json && cat config.json
|
|
|
|
# ---
|
|
# Stage 2: Final image with nothing but certs, binary, and default config file
|
|
# ---
|
|
FROM gcr.io/distroless/base-debian12 AS final
|
|
ARG TARGETOS
|
|
ARG TARGETARCH
|
|
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
|
|
COPY --from=builder /go/src/github.com/project-zot/zot/bin/zot-$TARGETOS-$TARGETARCH /usr/bin/zot
|
|
COPY --from=builder /go/src/github.com/project-zot/zot/config.json /etc/zot/config.json
|
|
ENTRYPOINT ["/usr/bin/zot"]
|
|
EXPOSE 5000
|
|
VOLUME ["/var/lib/registry"]
|
|
CMD ["serve", "/etc/zot/config.json"]
|