Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Some features improvement #11

Open
wants to merge 12 commits into
base: master
Choose a base branch
from
Open

Some features improvement #11

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
bc790f8
:memo: Add token/basic auth
x-lhan Oct 25, 2017
c897017
:memo: fix a bug that will delete unnecssry tag when have the same di…
x-lhan Oct 25, 2017
a94d8cd
:memo: Add dockerize doc
x-lhan Oct 25, 2017
306b5d1
:memo: fix some typo in the previous commit
x-lhan Oct 25, 2017
00ec833
add repo regexp match back
x-lhan Oct 27, 2017
b57358a
:memo: make dockerize more easy
x-lhan Nov 1, 2017
c0fa90c
:memo: revert doc to avoid conflict
x-lhan Nov 1, 2017
98546e7
:bug: Fix a outOfBound error of latest tags
x-lhan Nov 2, 2017
bb8899f
:memo: Added Parameter for user to enter password
x-lhan Nov 9, 2017
770ba4a
Move dockerize doc from readme to wiki
x-lhan Nov 9, 2017
e352cb7
Improve debug log output for error
x-lhan Mar 1, 2019
33d0bab
1. Added support for schema1 manifest
x-lhan Mar 2, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 3 additions & 27 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,8 @@ We run our own private registry on a server with limited storage and it was only
username for docker login
-password string
password for docker login
-promote
promote user to enter docker login password; If specified will ignore `-password`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd leave this out and see if any value is given after -password or not. If not, prompt user.

-insecure
ignore https verification error
-repos
Expand Down Expand Up @@ -78,30 +80,4 @@ $GOPATH/bin/deckschrubber -latest 3

```
$GOPATH/bin/deckschrubber -tag_regexp ^.*-SNAPSHOT$
```

## Dockerize

In order to have a minimum image footprint(~7+MB), the dockerize process had avoid to use the offical [golang image](https://hub.docker.com/_/golang/).
But to compile golang app alone and build the image from a minimum image that only contains a standard CA certificate [centurylink/ca-certs](https://hub.docker.com/r/centurylink/ca-certs/).
Please follow these steps to have a working image built and pushed:


* **Compile golang app with the following command**

```
CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o main .
```

* **Build and push the image with proper tag**

```
docker build -t your.registry.com:5000/someproject/deckschrubber:20171025-3-SNAPSHOT .
docker push your.registry.com:5000/someproject/deckschrubber:20171025-3-SNAPSHOT
```

* **Run deckschrubber as image**

```
docker run --rm --name registry-retention-runner your.registry.com:5000/someproject/deckschrubber -registry http://your.registry.com:5000 -repos developer/myapp,developer/deckschrubber -username someone -password urpwd -insecure
```
```
10 changes: 10 additions & 0 deletions main.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,8 @@ var (
ver *bool
// If true, https connection will ignore verification error
insecure *bool
// If ture, promote user to enter registry password
enterPwd *bool
)

const (
Expand All @@ -63,6 +65,8 @@ func init() {
username = flag.String("username", "", "registry username to login")
// registry password (default = "")
password = flag.String("password", "", "registry password to login")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not fond of Plaintext passwords as args, we should do this in an extra step (just as mysql -u root -p does)

// Promote to enter password
enterPwd = flag.Bool("promote", false, "promote to enter password")
// Maximum age of iamges to consider for deletion in days (default = 0)
day = flag.Int("day", 0, "max age in days")
// Maximum age of months to consider for deletion in days (default = 0)
Expand Down Expand Up @@ -100,6 +104,12 @@ func main() {
if *debug {
log.SetLevel(log.DebugLevel)
}

if *enterPwd {
fmt.Println("Enter registry login password:")
fmt.Scanln(password)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is not the proper way to read passwords in terminal. See here

}

// Empty context for all requests in sequel
ctx := context.Background()
transport := http.DefaultTransport
Expand Down