201 lines
6.7 KiB
Bash
Executable File
201 lines
6.7 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# Base Image Pre-Pull Script for Bakery-IA
|
|
# This script pre-pulls all required base images to reduce Docker Hub usage
|
|
# Run this script before building services to cache base images locally
|
|
|
|
set -e
|
|
|
|
echo "=========================================="
|
|
echo "Bakery-IA Base Image Pre-Pull Script"
|
|
echo "=========================================="
|
|
echo ""
|
|
|
|
# Docker Hub credentials (use the same as in your Kubernetes setup)
|
|
DOCKER_USERNAME="uals"
|
|
DOCKER_PASSWORD="dckr_pat_zzEY5Q58x1S0puraIoKEtbpue3A"
|
|
|
|
# Authenticate with Docker Hub
|
|
echo "Authenticating with Docker Hub..."
|
|
docker login -u "$DOCKER_USERNAME" -p "$DOCKER_PASSWORD"
|
|
echo "✓ Authentication successful"
|
|
echo ""
|
|
|
|
# Define all base images used in the project
|
|
# All images are cached in local registry for dev environment
|
|
BASE_IMAGES=(
|
|
# Service base images
|
|
"python:3.11-slim"
|
|
# Database images
|
|
"postgres:17-alpine"
|
|
"redis:7.4-alpine"
|
|
"rabbitmq:4.1-management-alpine"
|
|
# Utility images
|
|
"busybox:1.36"
|
|
"curlimages/curl:latest"
|
|
"bitnami/kubectl:latest"
|
|
# Alpine variants
|
|
"alpine:3.18"
|
|
"alpine:3.19"
|
|
"alpine/git:2.43.0"
|
|
# CI/CD images
|
|
"gcr.io/kaniko-project/executor:v1.23.0"
|
|
"gcr.io/go-containerregistry/crane:latest"
|
|
"registry.k8s.io/kustomize/kustomize:v5.3.0"
|
|
# Storage images
|
|
"minio/minio:RELEASE.2024-11-07T00-52-20Z"
|
|
"minio/mc:RELEASE.2024-11-17T19-35-25Z"
|
|
# Geocoding
|
|
"mediagis/nominatim:4.4"
|
|
# Mail server (Mailu - from GHCR)
|
|
"ghcr.io/mailu/nginx:2024.06"
|
|
"ghcr.io/mailu/admin:2024.06"
|
|
"ghcr.io/mailu/postfix:2024.06"
|
|
"ghcr.io/mailu/dovecot:2024.06"
|
|
"ghcr.io/mailu/rspamd:2024.06"
|
|
)
|
|
|
|
# Registry configuration
|
|
# Read from environment variables (set by Tiltfile or manually)
|
|
# USE_LOCAL_REGISTRY=true to push images to local registry after pulling
|
|
# USE_GITEA_REGISTRY=true to push images to Gitea registry after pulling
|
|
USE_LOCAL_REGISTRY="${USE_LOCAL_REGISTRY:-true}"
|
|
USE_GITEA_REGISTRY="${USE_GITEA_REGISTRY:-false}"
|
|
|
|
echo "Registry configuration:"
|
|
echo " USE_LOCAL_REGISTRY=$USE_LOCAL_REGISTRY"
|
|
echo " USE_GITEA_REGISTRY=$USE_GITEA_REGISTRY"
|
|
echo ""
|
|
|
|
# Check if Gitea registry should be used instead
|
|
if [ "$USE_GITEA_REGISTRY" = "true" ]; then
|
|
# Gitea registry is accessed via HTTPS on the registry subdomain (TLS terminated at ingress)
|
|
# Docker push/pull should use: registry.bakery-ia.local
|
|
# The registry serves on port 443 (HTTPS via ingress) but Docker defaults to 443 for HTTPS
|
|
REGISTRY="registry.bakery-ia.local"
|
|
echo "Testing Gitea registry accessibility at $REGISTRY..."
|
|
|
|
# Test if Gitea registry is accessible (try HTTPS first, then HTTP)
|
|
if curl -sk https://$REGISTRY/v2/ >/dev/null 2>&1; then
|
|
echo "✓ Gitea registry accessible via HTTPS"
|
|
elif curl -s http://$REGISTRY/v2/ >/dev/null 2>&1; then
|
|
echo "✓ Gitea registry accessible via HTTP"
|
|
else
|
|
echo "Warning: Gitea registry at $REGISTRY is not accessible, falling back to local registry"
|
|
REGISTRY="localhost:5000"
|
|
fi
|
|
else
|
|
REGISTRY="localhost:5000"
|
|
fi
|
|
|
|
echo "Base images to pre-pull:"
|
|
echo "----------------------------------------"
|
|
for image in "${BASE_IMAGES[@]}"; do
|
|
echo " - $image"
|
|
done
|
|
echo ""
|
|
|
|
echo "Starting pre-pull process..."
|
|
echo "----------------------------------------"
|
|
|
|
# Pull each base image
|
|
for image in "${BASE_IMAGES[@]}"; do
|
|
echo "Pulling: $image"
|
|
|
|
# Pull the image
|
|
docker pull "$image"
|
|
|
|
# Tag for registry if enabled
|
|
if [ "$USE_LOCAL_REGISTRY" = "true" ] || [ "$USE_GITEA_REGISTRY" = "true" ]; then
|
|
# Convert image name to registry format:
|
|
# - Replace / with _
|
|
# - Replace : with _
|
|
# - Convert to lowercase (Docker requires lowercase repository names)
|
|
# - Add :latest tag for Kustomize compatibility
|
|
# Example: gcr.io/kaniko-project/executor:v1.23.0 -> gcr.io_kaniko-project_executor_v1.23.0:latest
|
|
local_repo="$(echo $image | sed 's|/|_|g' | sed 's|:|_|g' | tr '[:upper:]' '[:lower:]')"
|
|
registry_image="$REGISTRY/${local_repo}:latest"
|
|
docker tag "$image" "$registry_image"
|
|
echo " Tagged as: $registry_image"
|
|
|
|
# Push to registry
|
|
docker push "$registry_image"
|
|
if [ "$USE_GITEA_REGISTRY" = "true" ]; then
|
|
echo " Pushed to Gitea registry"
|
|
else
|
|
echo " Pushed to local registry"
|
|
fi
|
|
fi
|
|
|
|
echo " ✓ Successfully pulled $image"
|
|
echo ""
|
|
done
|
|
|
|
echo "=========================================="
|
|
echo "Base Image Pre-Pull Complete!"
|
|
echo "=========================================="
|
|
echo ""
|
|
echo "Summary:"
|
|
echo " - Total images pulled: ${#BASE_IMAGES[@]}"
|
|
if [ "$USE_GITEA_REGISTRY" = "true" ]; then
|
|
echo " - Gitea registry enabled: $USE_GITEA_REGISTRY"
|
|
echo " - Registry URL: $REGISTRY"
|
|
else
|
|
echo " - Local registry enabled: $USE_LOCAL_REGISTRY"
|
|
echo " - Registry URL: $REGISTRY"
|
|
fi
|
|
echo ""
|
|
|
|
if [ "$USE_LOCAL_REGISTRY" = "true" ] || [ "$USE_GITEA_REGISTRY" = "true" ]; then
|
|
if [ "$USE_GITEA_REGISTRY" = "true" ]; then
|
|
echo "Gitea registry contents:"
|
|
# Note: Gitea registry API might be different, using the standard registry API for now
|
|
# If Gitea registry is not accessible, this might fail
|
|
curl -s http://$REGISTRY/v2/_catalog | jq . 2>/dev/null || echo "Could not access registry contents (Gitea registry may not support this endpoint)"
|
|
else
|
|
echo "Local registry contents:"
|
|
curl -s http://$REGISTRY/v2/_catalog | jq . 2>/dev/null || echo "Could not access registry contents"
|
|
fi
|
|
echo ""
|
|
fi
|
|
|
|
echo "Next steps:"
|
|
echo " 1. Run your service builds - they will use cached images"
|
|
echo " 2. For Kubernetes: Consider setting up a pull-through cache"
|
|
echo " 3. For CI/CD: Run this script before your build pipeline"
|
|
echo ""
|
|
|
|
echo "To use registry in your builds:"
|
|
if [ "$USE_GITEA_REGISTRY" = true ]; then
|
|
echo " - Update Dockerfiles to use: $REGISTRY/..."
|
|
echo " - Gitea registry URL: $REGISTRY"
|
|
else
|
|
echo " - Update Dockerfiles to use: $REGISTRY/..."
|
|
echo " - Local registry URL: $REGISTRY"
|
|
fi
|
|
echo " - Or configure Docker daemon to use registry as mirror"
|
|
echo ""
|
|
|
|
# Optional: Configure Docker daemon to use registry as mirror
|
|
if [ "$USE_LOCAL_REGISTRY" = "true" ] || [ "$USE_GITEA_REGISTRY" = "true" ]; then
|
|
if [ "$USE_GITEA_REGISTRY" = "true" ]; then
|
|
echo "To configure Docker daemon to use Gitea registry as mirror:"
|
|
echo ""
|
|
cat << EOF
|
|
{
|
|
"registry-mirrors": ["https://registry.bakery-ia.local"],
|
|
"insecure-registries": ["registry.bakery-ia.local"]
|
|
}
|
|
EOF
|
|
else
|
|
echo "To configure Docker daemon to use local registry as mirror:"
|
|
echo ""
|
|
cat << 'EOF'
|
|
{
|
|
"registry-mirrors": ["http://localhost:5000"]
|
|
}
|
|
EOF
|
|
fi
|
|
echo ""
|
|
echo "Add this to /etc/docker/daemon.json and restart Docker"
|
|
fi |