bakery-admin/bakery-ia
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add new infra architecture 8

Browse Source
This commit is contained in:
Urtzi Alfaro
2026-01-19 22:28:53 +01:00
parent 012aca0d6a
commit 52b8abdc0e
18 changed files with 810 additions and 148 deletions
Download Patch File Download Diff File Expand all files Collapse all files

112
scripts/prepull-base-images.sh
View File

@@ -55,10 +55,38 @@ BASE_IMAGES=(
"ghcr.io/mailu/rspamd:2024.06"
)
# Local registry configuration
# Set USE_LOCAL_REGISTRY=true to push images to local registry after pulling
USE_LOCAL_REGISTRY=true
LOCAL_REGISTRY="localhost:5000"
# Registry configuration
# Read from environment variables (set by Tiltfile or manually)
# USE_LOCAL_REGISTRY=true to push images to local registry after pulling
# USE_GITEA_REGISTRY=true to push images to Gitea registry after pulling
USE_LOCAL_REGISTRY="${USE_LOCAL_REGISTRY:-true}"
USE_GITEA_REGISTRY="${USE_GITEA_REGISTRY:-false}"
echo "Registry configuration:"
echo " USE_LOCAL_REGISTRY=$USE_LOCAL_REGISTRY"
echo " USE_GITEA_REGISTRY=$USE_GITEA_REGISTRY"
echo ""
# Check if Gitea registry should be used instead
if [ "$USE_GITEA_REGISTRY" = "true" ]; then
# Gitea registry is accessed via HTTPS on the registry subdomain (TLS terminated at ingress)
# Docker push/pull should use: registry.bakery-ia.local
# The registry serves on port 443 (HTTPS via ingress) but Docker defaults to 443 for HTTPS
REGISTRY="registry.bakery-ia.local"
echo "Testing Gitea registry accessibility at $REGISTRY..."
# Test if Gitea registry is accessible (try HTTPS first, then HTTP)
if curl -sk https://$REGISTRY/v2/ >/dev/null 2>&1; then
echo "✓ Gitea registry accessible via HTTPS"
elif curl -s http://$REGISTRY/v2/ >/dev/null 2>&1; then
echo "✓ Gitea registry accessible via HTTP"
else
echo "Warning: Gitea registry at $REGISTRY is not accessible, falling back to local registry"
REGISTRY="localhost:5000"
fi
else
REGISTRY="localhost:5000"
fi
echo "Base images to pre-pull:"
echo "----------------------------------------"
@@ -77,22 +105,26 @@ for image in "${BASE_IMAGES[@]}"; do
# Pull the image
docker pull "$image"
# Tag for local registry if enabled
if [ "$USE_LOCAL_REGISTRY" = true ]; then
# Convert image name to local registry format:
# Tag for registry if enabled
if [ "$USE_LOCAL_REGISTRY" = "true" ] || [ "$USE_GITEA_REGISTRY" = "true" ]; then
# Convert image name to registry format:
# - Replace / with _
# - Replace : with _
# - Convert to lowercase (Docker requires lowercase repository names)
# - Add :latest tag for Kustomize compatibility
# Example: gcr.io/kaniko-project/executor:v1.23.0 -> gcr.io_kaniko-project_executor_v1.23.0:latest
local_repo="$(echo $image | sed 's|/|_|g' | sed 's|:|_|g' | tr '[:upper:]' '[:lower:]')"
local_image="$LOCAL_REGISTRY/${local_repo}:latest"
docker tag "$image" "$local_image"
echo " Tagged as: $local_image"
registry_image="$REGISTRY/${local_repo}:latest"
docker tag "$image" "$registry_image"
echo " Tagged as: $registry_image"
# Push to local registry
docker push "$local_image"
echo " Pushed to local registry"
# Push to registry
docker push "$registry_image"
if [ "$USE_GITEA_REGISTRY" = "true" ]; then
echo " Pushed to Gitea registry"
else
echo " Pushed to local registry"
fi
fi
echo " ✓ Successfully pulled $image"
@@ -105,12 +137,25 @@ echo "=========================================="
echo ""
echo "Summary:"
echo " - Total images pulled: ${#BASE_IMAGES[@]}"
echo " - Local registry enabled: $USE_LOCAL_REGISTRY"
if [ "$USE_GITEA_REGISTRY" = "true" ]; then
echo " - Gitea registry enabled: $USE_GITEA_REGISTRY"
echo " - Registry URL: $REGISTRY"
else
echo " - Local registry enabled: $USE_LOCAL_REGISTRY"
echo " - Registry URL: $REGISTRY"
fi
echo ""
if [ "$USE_LOCAL_REGISTRY" = true ]; then
echo "Local registry contents:"
curl -s http://$LOCAL_REGISTRY/v2/_catalog | jq .
if [ "$USE_LOCAL_REGISTRY" = "true" ] || [ "$USE_GITEA_REGISTRY" = "true" ]; then
if [ "$USE_GITEA_REGISTRY" = "true" ]; then
echo "Gitea registry contents:"
# Note: Gitea registry API might be different, using the standard registry API for now
# If Gitea registry is not accessible, this might fail
curl -s http://$REGISTRY/v2/_catalog | jq . 2>/dev/null || echo "Could not access registry contents (Gitea registry may not support this endpoint)"
else
echo "Local registry contents:"
curl -s http://$REGISTRY/v2/_catalog | jq . 2>/dev/null || echo "Could not access registry contents"
fi
echo ""
fi
@@ -120,20 +165,37 @@ echo " 2. For Kubernetes: Consider setting up a pull-through cache"
echo " 3. For CI/CD: Run this script before your build pipeline"
echo ""
echo "To use local registry in your builds:"
echo " - Update Dockerfiles to use: $LOCAL_REGISTRY/..."
echo " - Or configure Docker daemon to use local registry as mirror"
echo "To use registry in your builds:"
if [ "$USE_GITEA_REGISTRY" = true ]; then
echo " - Update Dockerfiles to use: $REGISTRY/..."
echo " - Gitea registry URL: $REGISTRY"
else
echo " - Update Dockerfiles to use: $REGISTRY/..."
echo " - Local registry URL: $REGISTRY"
fi
echo " - Or configure Docker daemon to use registry as mirror"
echo ""
# Optional: Configure Docker daemon to use local registry as mirror
if [ "$USE_LOCAL_REGISTRY" = true ]; then
echo "To configure Docker daemon to use local registry as mirror:"
echo ""
cat << 'EOF'
# Optional: Configure Docker daemon to use registry as mirror
if [ "$USE_LOCAL_REGISTRY" = "true" ] || [ "$USE_GITEA_REGISTRY" = "true" ]; then
if [ "$USE_GITEA_REGISTRY" = "true" ]; then
echo "To configure Docker daemon to use Gitea registry as mirror:"
echo ""
cat << EOF
{
"registry-mirrors": ["https://registry.bakery-ia.local"],
"insecure-registries": ["registry.bakery-ia.local"]
}
EOF
else
echo "To configure Docker daemon to use local registry as mirror:"
echo ""
cat << 'EOF'
{
"registry-mirrors": ["http://localhost:5000"]
}
EOF
fi
echo ""
echo "Add this to /etc/docker/daemon.json and restart Docker"
fi