Add new infra architecture 11

Urtzi Alfaro
2026-01-20 22:05:10 +01:00
parent 0217ad83be
commit 2512de4173
42 changed files with 1056 additions and 874 deletions


@@ -6,6 +6,36 @@
set -e
# Function to check if required tools are available
check_required_tools() {
local missing_tools=()
# Check for required tools
for tool in docker curl jq; do
if ! command -v "$tool" &> /dev/null; then
missing_tools+=("$tool")
fi
done
if [ ${#missing_tools[@]} -gt 0 ]; then
echo "Error: Missing required tools: ${missing_tools[*]}"
echo "Please install them before running this script."
echo ""
echo "On macOS (with Homebrew):"
echo " brew install docker curl jq"
echo ""
echo "On Ubuntu/Debian:"
echo " sudo apt-get install docker.io curl jq"
echo ""
echo "On CentOS/RHEL:"
echo " sudo yum install docker curl jq"
exit 1
fi
}
# Check for required tools
check_required_tools
echo "=========================================="
echo "Bakery-IA Base Image Pre-Pull Script"
echo "=========================================="
@@ -17,7 +47,7 @@ DOCKER_PASSWORD="dckr_pat_zzEY5Q58x1S0puraIoKEtbpue3A"
# Authenticate with Docker Hub
echo "Authenticating with Docker Hub..."
docker login -u "$DOCKER_USERNAME" -p "$DOCKER_PASSWORD"
echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
echo "✓ Authentication successful"
echo ""
@@ -58,91 +88,28 @@ BASE_IMAGES=(
# Registry configuration
# Read from environment variables (set by Tiltfile or manually)
# USE_LOCAL_REGISTRY=true to push images to local registry after pulling
# USE_GITEA_REGISTRY=true to push images to Gitea registry after pulling
USE_LOCAL_REGISTRY="${USE_LOCAL_REGISTRY:-false}"
USE_GITEA_REGISTRY="${USE_GITEA_REGISTRY:-true}"
USE_LOCAL_REGISTRY="${USE_LOCAL_REGISTRY:-true}"
echo "Registry configuration:"
echo " USE_LOCAL_REGISTRY=$USE_LOCAL_REGISTRY"
echo " USE_GITEA_REGISTRY=$USE_GITEA_REGISTRY"
echo ""
# Check if Gitea registry should be used instead
if [ "$USE_GITEA_REGISTRY" = "true" ]; then
# Gitea registry is accessed via HTTPS on the registry subdomain (TLS terminated at ingress)
# Docker push/pull should use: registry.bakery-ia.local
# The registry serves on port 443 (HTTPS via ingress) but Docker defaults to 443 for HTTPS
REGISTRY="registry.bakery-ia.local"
echo "Testing Gitea registry accessibility at $REGISTRY..."
# Use local registry (kind registry)
REGISTRY="localhost:5000"
# Test if Gitea registry is accessible (try HTTPS first, then HTTP)
# Note: Gitea registry might return 401 Unauthorized when not authenticated, which is expected
# We're just checking if the service is reachable
if curl -sk -o /dev/null -w "%{http_code}" https://$REGISTRY/v2/ | grep -q "^[234]"; then
echo "✓ Gitea registry accessible via HTTPS"
# Authenticate with Gitea registry if accessible
echo "Authenticating with Gitea registry..."
echo "Note: For self-signed certificates, you may need to configure Docker to trust the registry:"
echo " 1. Add to /etc/docker/daemon.json:"
echo " {\"insecure-registries\": [\"$REGISTRY\"]}"
echo " 2. Restart Docker: sudo systemctl restart docker"
echo " 3. Or use: docker --insecure-registry $REGISTRY login $REGISTRY"
# Try to authenticate (this may fail due to certificate issues)
if ! docker login $REGISTRY; then
echo "Warning: Failed to authenticate with Gitea registry"
echo "This could be due to:"
echo " - Self-signed certificate issues (see above)"
echo " - Incorrect credentials"
echo " - Registry not properly configured"
echo "You may need to run: docker login $REGISTRY"
echo "Falling back to local registry"
REGISTRY="localhost:5000"
USE_GITEA_REGISTRY="false"
USE_LOCAL_REGISTRY="true"
else
echo "✓ Gitea registry authentication successful"
fi
elif curl -s -o /dev/null -w "%{http_code}" http://$REGISTRY/v2/ | grep -q "^[234]"; then
echo "✓ Gitea registry accessible via HTTP"
# Authenticate with Gitea registry if accessible
echo "Authenticating with Gitea registry..."
echo "Note: For self-signed certificates, you may need to configure Docker to trust the registry:"
echo " 1. Add to /etc/docker/daemon.json:"
echo " {\"insecure-registries\": [\"$REGISTRY\"]}"
echo " 2. Restart Docker: sudo systemctl restart docker"
echo " 3. Or use: docker --insecure-registry $REGISTRY login $REGISTRY"
# Try to authenticate (this may fail due to certificate issues)
if ! docker login $REGISTRY; then
echo "Warning: Failed to authenticate with Gitea registry"
echo "This could be due to:"
echo " - Self-signed certificate issues (see above)"
echo " - Incorrect credentials"
echo " - Registry not properly configured"
echo "You may need to run: docker login $REGISTRY"
echo "Falling back to local registry"
REGISTRY="localhost:5000"
USE_GITEA_REGISTRY="false"
USE_LOCAL_REGISTRY="true"
else
echo "✓ Gitea registry authentication successful"
fi
# If using local registry, verify it's running
if [ "$USE_LOCAL_REGISTRY" = "true" ]; then
echo "Checking local registry at $REGISTRY..."
if curl -s http://$REGISTRY/v2/ >/dev/null 2>&1; then
echo "✓ Local registry is accessible"
else
echo "Warning: Gitea registry at $REGISTRY is not accessible, falling back to local registry"
echo "This could be because:"
echo " 1. Gitea is not running or not properly configured"
echo " 2. The ingress is not properly routing to Gitea"
echo " 3. The registry service is not exposed"
REGISTRY="localhost:5000"
USE_GITEA_REGISTRY="false"
echo "⚠ Local registry is not accessible at $REGISTRY"
echo "Will only pull images locally (no registry push)"
USE_LOCAL_REGISTRY="false"
fi
else
REGISTRY="localhost:5000"
fi
echo ""
echo "Base images to pre-pull:"
echo "----------------------------------------"
for image in "${BASE_IMAGES[@]}"; do
@@ -153,48 +120,40 @@ echo ""
echo "Starting pre-pull process..."
echo "----------------------------------------"
# Track success/failure
FAILED_IMAGES=()
SUCCESS_COUNT=0
# Pull each base image
for image in "${BASE_IMAGES[@]}"; do
echo "Pulling: $image"
# Pull the image
docker pull "$image"
if ! docker pull "$image"; then
echo " ⚠ Failed to pull $image"
FAILED_IMAGES+=("$image")
continue
fi
# Tag for registry if enabled
if [ "$USE_LOCAL_REGISTRY" = "true" ] || [ "$USE_GITEA_REGISTRY" = "true" ]; then
if [ "$USE_GITEA_REGISTRY" = "true" ]; then
# Gitea registry requires format: registry/owner/package:tag
# Convert image name to package name:
# - Replace / with - (e.g., gcr.io/kaniko-project/executor -> gcr.io-kaniko-project-executor)
# - Keep the tag if present, otherwise use original tag
# Example: gcr.io/kaniko-project/executor:v1.23.0 -> bakery-admin/gcr.io-kaniko-project-executor:v1.23.0
image_name="${image%%:*}" # Remove tag
image_tag="${image#*:}" # Get tag
if [ "$image_name" = "$image_tag" ]; then
image_tag="latest" # No tag in original, use latest
fi
# Convert image name: replace / with - and lowercase
package_name="$(echo $image_name | sed 's|/|-|g' | tr '[:upper:]' '[:lower:]')"
registry_image="$REGISTRY/bakery-admin/${package_name}:${image_tag}"
else
# Local registry format: replace / and : with _
local_repo="$(echo $image | sed 's|/|_|g' | sed 's|:|_|g' | tr '[:upper:]' '[:lower:]')"
registry_image="$REGISTRY/${local_repo}:latest"
fi
if [ "$USE_LOCAL_REGISTRY" = "true" ]; then
# Local registry format: replace /, :, -, and . with _
local_repo="$(echo $image | sed 's|/|_|g' | sed 's|:|_|g' | sed 's|-|_|g' | sed 's|\.|_|g' | tr '[:upper:]' '[:lower:]')"
registry_image="$REGISTRY/${local_repo}:latest"
docker tag "$image" "$registry_image"
echo " Tagged as: $registry_image"
# Push to registry
docker push "$registry_image"
if [ "$USE_GITEA_REGISTRY" = "true" ]; then
echo " Pushed to Gitea registry"
if docker push "$registry_image"; then
echo " ✓ Pushed to local registry"
else
echo " Pushed to local registry"
echo " ⚠ Failed to push to registry (image still available locally)"
fi
fi
echo " ✓ Successfully pulled $image"
SUCCESS_COUNT=$((SUCCESS_COUNT + 1))
echo ""
done
@@ -203,73 +162,24 @@ echo "Base Image Pre-Pull Complete!"
echo "=========================================="
echo ""
echo "Summary:"
echo " - Total images pulled: ${#BASE_IMAGES[@]}"
if [ "$USE_GITEA_REGISTRY" = "true" ]; then
echo " - Gitea registry enabled: $USE_GITEA_REGISTRY"
echo " - Registry URL: $REGISTRY"
echo " - Total images: ${#BASE_IMAGES[@]}"
echo " - Successfully pulled: $SUCCESS_COUNT"
if [ ${#FAILED_IMAGES[@]} -gt 0 ]; then
echo " - Failed: ${#FAILED_IMAGES[@]}"
echo " - Failed images: ${FAILED_IMAGES[*]}"
fi
if [ "$USE_LOCAL_REGISTRY" = "true" ]; then
echo " - Registry: Local ($REGISTRY)"
else
echo " - Local registry enabled: $USE_LOCAL_REGISTRY"
echo " - Registry URL: $REGISTRY"
echo " - Registry: None (local Docker only)"
fi
echo ""
if [ "$USE_LOCAL_REGISTRY" = "true" ] || [ "$USE_GITEA_REGISTRY" = "true" ]; then
if [ "$USE_GITEA_REGISTRY" = "true" ]; then
echo "Gitea registry contents:"
# Note: Gitea registry API might be different, using the standard registry API for now
# If Gitea registry is not accessible, this might fail
curl -s http://$REGISTRY/v2/_catalog | jq . 2>/dev/null || echo "Could not access registry contents (Gitea registry may not support this endpoint)"
else
echo "Local registry contents:"
curl -s http://$REGISTRY/v2/_catalog | jq . 2>/dev/null || echo "Could not access registry contents"
fi
echo ""
# Exit with error if any images failed
if [ ${#FAILED_IMAGES[@]} -gt 0 ]; then
echo "⚠ Some images failed to pull. This may be due to Docker Hub rate limits."
echo "Please try again later or configure Docker Hub credentials."
exit 1
fi
echo "Next steps:"
echo " 1. Run your service builds - they will use cached images"
echo " 2. For Kubernetes: Consider setting up a pull-through cache"
echo " 3. For CI/CD: Run this script before your build pipeline"
echo ""
echo "To use registry in your builds:"
if [ "$USE_GITEA_REGISTRY" = true ]; then
echo " - Update Dockerfiles to use: $REGISTRY/..."
echo " - Gitea registry URL: $REGISTRY"
else
echo " - Update Dockerfiles to use: $REGISTRY/..."
echo " - Local registry URL: $REGISTRY"
fi
echo " - Or configure Docker daemon to use registry as mirror"
echo ""
# Optional: Configure Docker daemon to use registry as mirror
if [ "$USE_LOCAL_REGISTRY" = "true" ] || [ "$USE_GITEA_REGISTRY" = "true" ]; then
if [ "$USE_GITEA_REGISTRY" = "true" ]; then
echo "To configure Docker daemon to use Gitea registry as mirror:"
echo ""
cat << EOF
{
"registry-mirrors": ["https://registry.bakery-ia.local"],
"insecure-registries": ["registry.bakery-ia.local"]
}
EOF
echo ""
echo "IMPORTANT: For Gitea registry to work properly:"
echo " 1. Gitea must be running and accessible at gitea.bakery-ia.local"
echo " 2. The registry subdomain must be properly configured in your ingress"
echo " 3. You may need to authenticate with Docker:"
echo " docker login registry.bakery-ia.local"
echo " 4. Check that the Gitea registry service is exposed on port 3000"
else
echo "To configure Docker daemon to use local registry as mirror:"
echo ""
cat << 'EOF'
{
"registry-mirrors": ["http://localhost:5000"]
}
EOF
fi
echo ""
echo "Add this to /etc/docker/daemon.json and restart Docker"
fi
echo "✓ All images pulled successfully!"
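Review bot: The Docker Hub access token is still hard-coded in the script, in the `DOCKER_PASSWORD="dckr_pat_…"` assignment visible in the `@@ -17,7 +47,7 @@` context line. Switching the login to `--password-stdin` keeps the value off the docker command line, but it stays in the repository and in its history. Because it is already committed, the token should be treated as exposed: revoke it in Docker Hub and issue a new one that never enters the repo. The script can then require the value from the environment with `: "${DOCKER_PASSWORD:?export DOCKER_PASSWORD before running}"` and feed it with `printf '%s' "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin`. The assignment sits outside the changed lines, so the rest of that credentials block is not visible here and `DOCKER_USERNAME` may need the same treatment.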