FEATURE: Add option to abstract the repository when using skopeo sync #1845
Comments
|
Thanks for reaching out. There’s a fair bit of previous work and conversation in earlier pull requests, https://github.com/containers/skopeo/pulls?q=is%3Apr+is%3Aopen . I think the very basic summary is:
#1531 (comment) is one very rough sketch of what that might look like, and #1792 a start of an implementation effort. I’m afraid this is not something I can promise to spend a lot of time on short-term. |
|
A friendly reminder that this issue had no activity for 30 days. |
|
@mtrmac I understand that you're trying to find a universal solution and some rewrite schemes might be very complex. But the basic usage might be:
Would it be ok to add simple flag to support this? I guess the hardest part is to think of good naming, e.g. When you're running you're expecting it to preserve directory structure and not to copy child directories into parent dir. |
I would first like to say that I am new to the open source community. I would like to see if I can help tackle this if it seems like a project you're willing to add as it sounds like a fun project to get more familiar with Go and making contributions. Please let me know if there is already a fix for this or an option I may be missing in the documentation.
My team has recently started using Skopeo. It works great for pulling large numbers of images and staging them for "airgapped" image registries. We use the
scopedoption when syncing images to local device or proxy registry for scanning images, but the output seems like it's missing an option to abstract the registry from the directory structure. Adding an option to abstract the repository from the output could offer more capabilities in regards to Skopeo being used in various automation frameworks to pull images from public registries and push to private registries.UNSCOPED:
When the
--scopedflag is NOT set: (skopeo sync --src yaml --dest dir), the following directory structure is created:. └── image:tag └── image:tag └── image:tagThis is not ideal when pushing images to a private registry as they are no longer separated into projects and the default image in the resource manifests will need to be changed.
SCOPED:
When the
--scopedflag is added to sync images: (skopeo sync --scoped --src yaml --dest dir), the following directory structure is built:. ├── docker.io │ ├── project1 │ │ └── image:tag │ └── project2 │ └── image:tag └── quay.io └── project3 └── image:tagThe problem with this is that now I need to move into the registry directories and run a sync from each in order to push all projects to the private registry.
Staying in the current directory and running a sync will result in the following push to the private registry:
When I would like it to be:
This process unecessarily complicates pipelines which stage images to be moved to an airgapped environment to be moved to storage used by the automation tools or a private registry.
FIX/FEATURE REQUEST
What I would like to see is an option to use the
--scopedoption with an additional flag--abstract-registrywith an output like this:This would also introduce a capability to sync from a source
yamland push directly to a private registry destinationdockerwith a single command:skopeo sync --scoped --abstract-repo --src yaml --dest docker sync.yaml https://private.ioThis is a problem I see fairly often in on-prem kubernetes clusters using their own private registries. There seems to be a similar issue relating to this in issue 854 opened in 2020, but it appears there was some confusion on what the intent might be for this option. The issue says it was fixed in issue 870 but I don't see any changes for what I previously described implemented. Please correct me if I'm wrong.
EXAMPLE USE CASE:
EXAMPLE
sync.yamlThe text was updated successfully, but these errors were encountered: