docker-registry-sync 0.1.4 → 0.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +8 -8
- data/bin/docker-registry-sync +13 -1
- data/lib/docker/registry/sync/cmd.rb +11 -8
- data/lib/docker/registry/sync/configuration.rb +4 -1
- data/lib/docker/registry/sync/s3.rb +22 -15
- data/lib/docker/registry/sync/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,15 +1,15 @@
|
|
|
1
1
|
---
|
|
2
2
|
!binary "U0hBMQ==":
|
|
3
3
|
metadata.gz: !binary |-
|
|
4
|
-
|
|
4
|
+
MDJmMGE4YzQyMmNjMmE3ZmEzNzI1MTIyZDgyMTgyMDJhOWQ3OGMxOA==
|
|
5
5
|
data.tar.gz: !binary |-
|
|
6
|
-
|
|
6
|
+
YWVhNDY4ZTYwYTcwMmRlNWEwODU5ZDYyMzg2ZmMzNDg5ZDVhNmExMQ==
|
|
7
7
|
SHA512:
|
|
8
8
|
metadata.gz: !binary |-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
9
|
+
NzFjNDc1MzFiNjM2ZGQ2ZWRlMDE2OGQyZTcyNjFjMGU3ZjAyNTUyZjQzODQx
|
|
10
|
+
YTUxYTQxNmU4NDhjNWFhNmM0NmQ3NDA1YjZjMGQxNDIxMDBkZTYwNDFlNzMw
|
|
11
|
+
NTdmYzBiNzViYWU0NzdjODM1NzZkMzU1ZjE3MTc0YWVjMzAwNzQ=
|
|
12
12
|
data.tar.gz: !binary |-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
13
|
+
NGRlODNhMjljYTI1MGNiYTAwMWE5ZWQ2NDU3MGY1YTZkNTFjZjgzNTMwMjg5
|
|
14
|
+
Yzc0YmY0MGVkYTNkYmI5MDI2NzVmZjE3MjhjNDNhNTk5YmQ4YzA2ODA5Yjdk
|
|
15
|
+
MTIyYjZmNGZhYTI2YmMyNjhhNzczOTZlY2YxZWU2OTU1ZDIyYjU=
|
data/bin/docker-registry-sync
CHANGED
|
@@ -54,6 +54,16 @@ EOC
|
|
|
54
54
|
options[:proxy] = p
|
|
55
55
|
end
|
|
56
56
|
|
|
57
|
+
options[:sse] = false
|
|
58
|
+
opts.on(nil, '--sse', "Copy S3 objects using SSE on the destination using (AES256 only)") do |_e|
|
|
59
|
+
options[:sse] = true
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
options[:source_sse] = false
|
|
63
|
+
opts.on(nil, '--source-sse', "Copy S3 objects when the source is using SSE (AES256 only)") do |_e|
|
|
64
|
+
options[:source_sse] = true
|
|
65
|
+
end
|
|
66
|
+
|
|
57
67
|
options[:unset_proxy] = false
|
|
58
68
|
opts.on(nil, '--unset-proxy', "Use if 'http_proxy' is set in your environment, but you don't want to use it...") do |_u|
|
|
59
69
|
options[:unset_proxy] = true
|
|
@@ -96,7 +106,9 @@ end
|
|
|
96
106
|
CMD.configure(
|
|
97
107
|
options[:source_bucket],
|
|
98
108
|
options[:target_buckets],
|
|
99
|
-
options[:sqs_queue]
|
|
109
|
+
options[:sqs_queue],
|
|
110
|
+
options[:sse],
|
|
111
|
+
options[:source_sse]
|
|
100
112
|
)
|
|
101
113
|
|
|
102
114
|
ec = 1
|
|
@@ -9,7 +9,7 @@ module Docker
|
|
|
9
9
|
include Docker::Registry::Sync
|
|
10
10
|
|
|
11
11
|
class << self
|
|
12
|
-
def configure(source_bucket, target_buckets, sqs_queue)
|
|
12
|
+
def configure(source_bucket, target_buckets, sqs_queue, use_sse, source_uses_sse)
|
|
13
13
|
unless source_bucket.nil?
|
|
14
14
|
source_region, source_bucket = source_bucket.split(':')
|
|
15
15
|
else
|
|
@@ -31,6 +31,8 @@ module Docker
|
|
|
31
31
|
config.source_bucket = source_bucket
|
|
32
32
|
config.source_region = source_region
|
|
33
33
|
config.target_buckets = target_buckets
|
|
34
|
+
config.source_sse = source_uses_sse
|
|
35
|
+
config.sse = use_sse
|
|
34
36
|
config.sqs_region = sqs_region
|
|
35
37
|
config.sqs_url = "https://#{sqs_uri}"
|
|
36
38
|
end
|
|
@@ -52,18 +54,18 @@ module Docker
|
|
|
52
54
|
|
|
53
55
|
def sync(image, tag)
|
|
54
56
|
success = false
|
|
55
|
-
@config.target_buckets.each do |region, bucket|
|
|
57
|
+
@config.target_buckets.each do |region, bucket, sse|
|
|
56
58
|
if image_exists?(image, bucket, region)
|
|
57
|
-
success = sync_tag(image, tag, bucket, region)
|
|
59
|
+
success = sync_tag(image, tag, bucket, region, !sse.nil?)
|
|
58
60
|
else
|
|
59
|
-
success = sync_repo(image, bucket, region)
|
|
61
|
+
success = sync_repo(image, bucket, region, !sse.nil?)
|
|
60
62
|
end
|
|
61
63
|
end
|
|
62
64
|
success ? 0 : 1
|
|
63
65
|
end
|
|
64
66
|
|
|
65
67
|
def queue_sync(image, tag)
|
|
66
|
-
msgs = @config.target_buckets.map do |region, bucket|
|
|
68
|
+
msgs = @config.target_buckets.map do |region, bucket, sse|
|
|
67
69
|
JSON.dump(retries: 0,
|
|
68
70
|
image: image,
|
|
69
71
|
tag: tag,
|
|
@@ -73,7 +75,8 @@ module Docker
|
|
|
73
75
|
},
|
|
74
76
|
target: {
|
|
75
77
|
bucket: bucket,
|
|
76
|
-
region: region
|
|
78
|
+
region: region,
|
|
79
|
+
sse: !sse.nil?
|
|
77
80
|
})
|
|
78
81
|
end
|
|
79
82
|
send_message_batch(msgs) ? 0 : 1
|
|
@@ -99,7 +102,7 @@ module Docker
|
|
|
99
102
|
|
|
100
103
|
if image_exists?(data['image'], data['target']['bucket'], data['target']['region'])
|
|
101
104
|
@config.logger.info("Syncing tag: #{data['image']}:#{data['tag']} to #{data['target']['region']}:#{data['target']['bucket']}")
|
|
102
|
-
if sync_tag(data['image'], data['tag'], data['target']['bucket'], data['target']['region'], data['source']['bucket'], data['source']['region'])
|
|
105
|
+
if sync_tag(data['image'], data['tag'], data['target']['bucket'], data['target']['region'], data['target']['sse'], data['source']['bucket'], data['source']['region'])
|
|
103
106
|
@config.logger.info("Finished syncing tag: #{data['image']}:#{data['tag']} to #{data['target']['region']}:#{data['target']['bucket']}")
|
|
104
107
|
finalize_message(message.receipt_handle)
|
|
105
108
|
else
|
|
@@ -107,7 +110,7 @@ module Docker
|
|
|
107
110
|
end
|
|
108
111
|
else
|
|
109
112
|
@config.logger.info("Syncing image: #{data['image']} to #{data['target']['region']}:#{data['target']['bucket']}")
|
|
110
|
-
if sync_repo(data['image'], data['target']['bucket'], data['target']['region'], data['source']['bucket'], data['source']['region'])
|
|
113
|
+
if sync_repo(data['image'], data['target']['bucket'], data['target']['region'], data['target']['sse'], data['source']['bucket'], data['source']['region'])
|
|
111
114
|
@config.logger.info("Finished syncing image: #{data['image']} to #{data['target']['region']}:#{data['target']['bucket']}")
|
|
112
115
|
finalize_message(message.receipt_handle)
|
|
113
116
|
else
|
|
@@ -53,7 +53,7 @@ module Docker
|
|
|
53
53
|
end
|
|
54
54
|
|
|
55
55
|
class Configuration
|
|
56
|
-
attr_accessor :source_bucket, :source_region, :target_buckets, :sqs_region, :sqs_url, :empty_queue_sleep_time
|
|
56
|
+
attr_accessor :source_bucket, :source_region, :target_buckets, :sqs_region, :sqs_url, :empty_queue_sleep_time, :sse, :source_sse
|
|
57
57
|
attr_accessor :log_level, :logger
|
|
58
58
|
|
|
59
59
|
def initialize
|
|
@@ -65,6 +65,9 @@ module Docker
|
|
|
65
65
|
@sqs_region = nil
|
|
66
66
|
@sqs_url = nil
|
|
67
67
|
|
|
68
|
+
@source_sse = false
|
|
69
|
+
@sse = false
|
|
70
|
+
|
|
68
71
|
@empty_queue_sleep_time = 5
|
|
69
72
|
|
|
70
73
|
@log_level = :debug
|
|
@@ -19,7 +19,7 @@ module Docker
|
|
|
19
19
|
end
|
|
20
20
|
|
|
21
21
|
|
|
22
|
-
def sync_tag(image, tag, bucket, region, source_bucket = nil, source_region = nil)
|
|
22
|
+
def sync_tag(image, tag, bucket, region, sse, source_bucket = nil, source_region = nil)
|
|
23
23
|
source_region ||= @config.source_region
|
|
24
24
|
source_bucket ||= @config.source_bucket
|
|
25
25
|
|
|
@@ -30,10 +30,10 @@ module Docker
|
|
|
30
30
|
keys = ["tag#{tag}_json", "tag_#{tag}", '_index_images'].map do |key|
|
|
31
31
|
"registry/repositories/#{image}/#{key}"
|
|
32
32
|
end
|
|
33
|
-
sync_keys(s3_target, bucket, keys, source_bucket)
|
|
33
|
+
sync_keys(s3_target, bucket, sse, keys, source_bucket)
|
|
34
34
|
|
|
35
35
|
img_id = s3_source.get_object(bucket: source_bucket, key: "registry/repositories/#{image}/tag_#{tag}").body.read
|
|
36
|
-
sync_image(img_id, bucket, region, source_bucket, source_region)
|
|
36
|
+
sync_image(img_id, bucket, region, sse, source_bucket, source_region)
|
|
37
37
|
rescue Exception => e
|
|
38
38
|
@config.logger.error "An unexpected error occoured while syncing tag #{image}:#{tag}: #{e}"
|
|
39
39
|
false
|
|
@@ -42,7 +42,7 @@ module Docker
|
|
|
42
42
|
end
|
|
43
43
|
end
|
|
44
44
|
|
|
45
|
-
def sync_repo(repo, bucket, region, source_bucket = nil, source_region = nil)
|
|
45
|
+
def sync_repo(repo, bucket, region, sse, source_bucket = nil, source_region = nil)
|
|
46
46
|
source_region ||= @config.source_region
|
|
47
47
|
source_bucket ||= @config.source_bucket
|
|
48
48
|
s3_source = Aws::S3::Client.new(region: source_region)
|
|
@@ -50,11 +50,11 @@ module Docker
|
|
|
50
50
|
|
|
51
51
|
begin
|
|
52
52
|
rep_prefix = "registry/repositories/#{repo}/"
|
|
53
|
-
sync_prefix(s3_source, s3_target, bucket, rep_prefix, source_bucket)
|
|
53
|
+
sync_prefix(s3_source, s3_target, bucket, sse, rep_prefix, source_bucket)
|
|
54
54
|
|
|
55
55
|
img_index_resp = s3_source.get_object(bucket: source_bucket, key: "registry/repositories/#{repo}/_index_images")
|
|
56
56
|
JSON.load(img_index_resp.body.read).each do |image|
|
|
57
|
-
sync_image(image['id'], bucket, region, source_bucket, source_region)
|
|
57
|
+
sync_image(image['id'], bucket, region, sse, source_bucket, source_region)
|
|
58
58
|
end
|
|
59
59
|
rescue Exception => e
|
|
60
60
|
@config.logger.error "An unexpected error occoured while syncing repo #{repo}: #{e}"
|
|
@@ -64,7 +64,7 @@ module Docker
|
|
|
64
64
|
end
|
|
65
65
|
end
|
|
66
66
|
|
|
67
|
-
def sync_image(image_id, bucket, region, source_bucket = nil, source_region = nil)
|
|
67
|
+
def sync_image(image_id, bucket, region, sse, source_bucket = nil, source_region = nil)
|
|
68
68
|
source_region ||= @config.source_region
|
|
69
69
|
source_bucket ||= @config.source_bucket
|
|
70
70
|
s3_source = Aws::S3::Client.new(region: source_region)
|
|
@@ -73,12 +73,12 @@ module Docker
|
|
|
73
73
|
ancestry_resp = s3_source.get_object(bucket: source_bucket, key: "registry/images/#{image_id}/ancestry")
|
|
74
74
|
# Ancestry includes self
|
|
75
75
|
JSON.load(ancestry_resp.body.read).each do |image|
|
|
76
|
-
sync_prefix(s3_source, s3_target, bucket, "registry/images/#{image}/", source_bucket)
|
|
76
|
+
sync_prefix(s3_source, s3_target, bucket, sse, "registry/images/#{image}/", source_bucket)
|
|
77
77
|
end
|
|
78
78
|
end
|
|
79
79
|
|
|
80
80
|
@private
|
|
81
|
-
def sync_prefix(source_client, target_client, target_bucket, prefix, source_bucket)
|
|
81
|
+
def sync_prefix(source_client, target_client, target_bucket, target_sse, prefix, source_bucket)
|
|
82
82
|
keys = []
|
|
83
83
|
img_resp = source_client.list_objects(bucket: source_bucket, prefix: prefix)
|
|
84
84
|
|
|
@@ -92,16 +92,23 @@ module Docker
|
|
|
92
92
|
img_resp.next_page
|
|
93
93
|
end
|
|
94
94
|
end
|
|
95
|
-
sync_keys(target_client, target_bucket, keys, source_bucket)
|
|
95
|
+
sync_keys(target_client, target_bucket, target_sse, keys, source_bucket)
|
|
96
96
|
end
|
|
97
97
|
|
|
98
|
-
def sync_keys(target_client, target_bucket, keys, source_bucket)
|
|
98
|
+
def sync_keys(target_client, target_bucket, target_sse, keys, source_bucket)
|
|
99
99
|
keys.each do |key|
|
|
100
100
|
@config.logger.info "Syncing key #{source_bucket}/#{key} to bucket #{target_bucket}"
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
101
|
+
opts = {acl: 'bucket-owner-full-control',
|
|
102
|
+
bucket: target_bucket,
|
|
103
|
+
key: key,
|
|
104
|
+
copy_source: "#{source_bucket}/#{key}"}
|
|
105
|
+
if @config.sse || target_sse
|
|
106
|
+
opts[:server_side_encryption] = 'AES256'
|
|
107
|
+
end
|
|
108
|
+
if @config.source_sse
|
|
109
|
+
opts[:copy_source_sse_customer_algorithm] = 'AES256'
|
|
110
|
+
end
|
|
111
|
+
target_client.copy_object(opts)
|
|
105
112
|
end
|
|
106
113
|
end
|
|
107
114
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: docker-registry-sync
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Brian Oldfield
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-09-
|
|
11
|
+
date: 2015-09-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|