diff --git a/bitnami/harbor-registryctl/1/debian-9/Dockerfile b/bitnami/harbor-registryctl/1/debian-9/Dockerfile new file mode 100644 index 000000000000..26041ac80e85 --- /dev/null +++ b/bitnami/harbor-registryctl/1/debian-9/Dockerfile @@ -0,0 +1,28 @@ +FROM bitnami/minideb-extras-base:stretch-r290 +LABEL maintainer "Bitnami " + +ENV BITNAMI_PKG_CHMOD="-R g+rwX" \ + HOME="/" \ + OS_ARCH="amd64" \ + OS_FLAVOUR="debian-9" \ + OS_NAME="linux" + +# Install required system packages and dependencies +RUN install_packages ca-certificates curl libc6 +RUN . ./libcomponent.sh && component_unpack "harbor-registryctl" "1.8.1-0" --checksum cbb5003fc79f407fc1a04bca404bb81b8fd0dec554317ff3ed3e2449ef6b37f8 +RUN . ./libcomponent.sh && component_unpack "harbor-registry" "1.8.1-0" --checksum 3bd6ac2c2d6fcfcfc3f86d52e6562038963afa823127ebd0a76ad712390dbadc + +COPY rootfs / +RUN /postunpack.sh +ENV BITNAMI_APP_NAME="harbor-registryctl" \ + BITNAMI_IMAGE_VERSION="1.8.1-debian-9-r0" \ + NAMI_PREFIX="/.nami" \ + PATH="/opt/bitnami/harbor-registryctl/bin:/opt/bitnami/harbor-registry/bin:$PATH" + +VOLUME [ "/etc/registry", "/etc/registryctl", "/storage", "/var/lib/registry" ] + +EXPOSE 8080 8443 + +USER 1001 +ENTRYPOINT [ "/entrypoint.sh" ] +CMD [ "/run.sh" ] diff --git a/bitnami/harbor-registryctl/1/debian-9/config/registry/config.yml b/bitnami/harbor-registryctl/1/debian-9/config/registry/config.yml new file mode 100644 index 000000000000..3833be34195f --- /dev/null +++ b/bitnami/harbor-registryctl/1/debian-9/config/registry/config.yml @@ -0,0 +1,38 @@ +version: 0.1 +log: + level: info + fields: + service: registry +storage: + cache: + layerinfo: redis + filesystem: + rootdirectory: /storage + maintenance: + uploadpurging: + enabled: false + delete: + enabled: true +redis: + addr: redis:6379 + password: + db: 1 +http: + addr: :5000 + secret: placeholder + debug: + addr: localhost:5001 +auth: + token: + issuer: harbor-token-issuer + realm: http://reg.mydomain.com/service/token + rootcertbundle: /etc/registry/root.crt + service: harbor-registry +notifications: + endpoints: + - name: harbor + disabled: false + url: http://core:8080/service/notifications + timeout: 3000ms + threshold: 5 + backoff: 1s diff --git a/bitnami/harbor-registryctl/1/debian-9/config/registry/root.crt b/bitnami/harbor-registryctl/1/debian-9/config/registry/root.crt new file mode 100644 index 000000000000..c31b27de66d6 --- /dev/null +++ b/bitnami/harbor-registryctl/1/debian-9/config/registry/root.crt @@ -0,0 +1,35 @@ +-----BEGIN CERTIFICATE----- +MIIGBzCCA++gAwIBAgIJAKB8CNqCxhr7MA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD +VQQGEwJDTjEOMAwGA1UECAwFU3RhdGUxCzAJBgNVBAcMAkNOMRUwEwYDVQQKDAxv +cmdhbml6YXRpb24xHDAaBgNVBAsME29yZ2FuaXphdGlvbmFsIHVuaXQxFDASBgNV +BAMMC2V4YW1wbGUuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFtcGxlQGV4YW1wbGUu +Y29tMB4XDTE2MDUxNjAyNDY1NVoXDTI2MDUxNDAyNDY1NVowgZkxCzAJBgNVBAYT +AkNOMQ4wDAYDVQQIDAVTdGF0ZTELMAkGA1UEBwwCQ04xFTATBgNVBAoMDG9yZ2Fu +aXphdGlvbjEcMBoGA1UECwwTb3JnYW5pemF0aW9uYWwgdW5pdDEUMBIGA1UEAwwL +ZXhhbXBsZS5jb20xIjAgBgkqhkiG9w0BCQEWE2V4YW1wbGVAZXhhbXBsZS5jb20w +ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2ky/K/XneJKbCbpOsWlQ7 +OwgYEQNsa044RkwSbTwPwgLafUZ3r9c5nkXE8APqAikTQQBwyiNjk7QeXgIOjJXd +7+IpwGoU6Bi2miA21qfvJPknyDAqw9tT/ycGQrvkY6rnqd++ri30ZUByUgO0du6+ +aWHo7af5/G1HQz0tu6i1tIF1dhSHNeqJKwxyUG8vIiT/PfbtU/mXSdQ07M+4ojBC +O7FgoOS+rWgbL3yhWUTrCXSV2HZlhksYBhtWGoFVRPVSf89iqL02h9rZEjmfVY6R +QlCnzu9v49Q8WFU528f+gDNXr9v13PKEDmloMzTqWPaCyD2FBbEKBsWHXHf1zqlI +jyGZV7rHZ3i0C1LI6bdDDP7M7aVs8O+RjxK+HmfFRg5us2t6g7zAevwwLpMZRAud +S39F91Up7l9g8WXpViok/8vcsOdePvvWcWro8qJhuEHAnDdMzj2Cko1L85/vRM/a +budWXK7Ix0TlPWPfHJc2SLFeqqcm5Iypf/cGabQ6f0oRt6bCfspFgX9upznT5FwZ +R0o1w6Q3q+4xVl6LgZvEAudWppyz79RACJA/jbXZQ7uJkXAxoI0nev9vgY6XJqUj +XIQDih2hmi/uTnNU7Me7w7pCYKPdHlNU652kaJSH6W6ZFGk2rEOCOeAuWO9pZTq2 +3IhuOcDAKOcmimlkzaWRGQIDAQABo1AwTjAdBgNVHQ4EFgQUPJF++WMsv1OJvf7F +oCew37JTnfQwHwYDVR0jBBgwFoAUPJF++WMsv1OJvf7FoCew37JTnfQwDAYDVR0T +BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAb5LvqukMxWd5Zajbh3orfYsXmhWn +UWiwG176+bd3b5xMlG9iLd4vQ11lTZoIhFOfprRQzbizQ8BzR2JBQckpLcy+5hyA +D3M9vLL37OwA0wT6kxFnd6LtlFaH5gG++huw2ts2PDXFz0jqw+0YE/R8ov2+YdaZ +aPSEMunmAuEY1TbYWzz4u6PxycxhQzDQ34ZmJZ34Elvw1NYMfPMGTKp34PsxIcgT +ao5jqb9RMU6JAumfXrOvXRjjl573vX2hgMZzEU6OF2/+uyg95chn6nO1GUQrT2+F +/1xIqfHfFCm8+jujSDgqfBtGI+2C7No+Dq8LEyEINZe6wSQ81+ryt5jy5SZmAsnj +V4OsSIwlpR5fLUwrFStVoUWHEKl1DflkYki/cAC1TL0Om+ldJ219kcOnaXDNaq66 +3I75BvRY7/88MYLl4Fgt7sn05Mn3uNPrCrci8d0R1tlXIcwMdCowIHeZdWHX43f7 +NsVk/7VSOxJ343csgaQc+3WxEFK0tBxGO6GP+Xj0XmdVGLhalVBsEhPjnmx+Yyrn +oMsTA1Yrs88C8ItQn7zuO/30eKNGTnby0gptHiS6sa/c3O083Mpi8y33GPVZDvBl +l9PfSZT8LG7SvpjsdgdNZlyFvTY4vsB+Vd5Howh7gXYPVXdCs4k7HMyo7zvzliZS +ekCw9NGLoNqQqnA= +-----END CERTIFICATE----- diff --git a/bitnami/harbor-registryctl/1/debian-9/config/registryctl/config.yml b/bitnami/harbor-registryctl/1/debian-9/config/registryctl/config.yml new file mode 100644 index 000000000000..7b2a1d9102ed --- /dev/null +++ b/bitnami/harbor-registryctl/1/debian-9/config/registryctl/config.yml @@ -0,0 +1,8 @@ +--- +protocol: "http" +port: 8080 +log_level: "INFO" + +#https_config: +# cert: "server.crt" +# key: "server.key" \ No newline at end of file diff --git a/bitnami/harbor-registryctl/1/debian-9/docker-compose.yml b/bitnami/harbor-registryctl/1/debian-9/docker-compose.yml new file mode 100644 index 000000000000..b3b7a11e0b17 --- /dev/null +++ b/bitnami/harbor-registryctl/1/debian-9/docker-compose.yml @@ -0,0 +1,18 @@ +version: '2' + +services: + harbor-registryctl: + image: bitnami/harbor-registryctl:1 + ports: + - 80:8080 + environment: + - CORE_SECRET=not-a-secure-core-secret + - JOBSERVICE_SECRET=not-a-secure-jobservice-secret + volumes: + - harbor-registry_data:/storage + - ./config/registry/:/etc/registry/:ro + - ./config/registryctl/config.yml:/etc/registryctl/config.yml:ro + +volumes: + harbor-registry_data: + driver: local diff --git a/bitnami/harbor-registryctl/1/debian-9/rootfs/entrypoint.sh b/bitnami/harbor-registryctl/1/debian-9/rootfs/entrypoint.sh new file mode 100755 index 000000000000..113e84b22094 --- /dev/null +++ b/bitnami/harbor-registryctl/1/debian-9/rootfs/entrypoint.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +set -o errexit +set -o nounset +set -o pipefail +#set -o xtrace +# shellcheck disable=SC1091 + +# Load libraries +. /libbitnami.sh + +print_welcome_page + +if [[ "$*" = "/run.sh" ]]; then + info "** Starting Harbor Registryctl setup **" + /setup.sh + info "** Harbor Registryctl setup finished! **" +fi + +echo "" +exec "$@" diff --git a/bitnami/harbor-registryctl/1/debian-9/rootfs/postunpack.sh b/bitnami/harbor-registryctl/1/debian-9/rootfs/postunpack.sh new file mode 100755 index 000000000000..2b3c3d2242c0 --- /dev/null +++ b/bitnami/harbor-registryctl/1/debian-9/rootfs/postunpack.sh @@ -0,0 +1,14 @@ +#!/bin/bash + +# shellcheck disable=SC1091 + +# Load libraries +. /libfs.sh + +# Ensure a set of directories exist +for dir in "/var/lib/registry" "/storage" "/etc/registry" "/etc/registryctl"; do + ensure_dir_exists "$dir" +done + +# Ensure the non-root user has writing permission at a set of directories +chmod -R g+rwX "/var/lib/registry" "/storage" diff --git a/bitnami/harbor-registryctl/1/debian-9/rootfs/run.sh b/bitnami/harbor-registryctl/1/debian-9/rootfs/run.sh new file mode 100755 index 000000000000..a1265b5efe87 --- /dev/null +++ b/bitnami/harbor-registryctl/1/debian-9/rootfs/run.sh @@ -0,0 +1,16 @@ +#!/bin/bash + +set -o errexit +set -o nounset +set -o pipefail +#set -o xtrace +# shellcheck disable=SC1091 + +# Load libraries +. /liblog.sh + +readonly cmd=$(command -v harbor_registryctl) +readonly flags=("-c" "/etc/registryctl/config.yml" "$@") + +info "** Starting Harbor Registryctl **" +exec "${cmd}" "${flags[@]}" diff --git a/bitnami/harbor-registryctl/1/debian-9/rootfs/setup.sh b/bitnami/harbor-registryctl/1/debian-9/rootfs/setup.sh new file mode 100755 index 000000000000..54e00f9894e3 --- /dev/null +++ b/bitnami/harbor-registryctl/1/debian-9/rootfs/setup.sh @@ -0,0 +1,98 @@ +#!/bin/bash + +set -o errexit +set -o nounset +set -o pipefail +# set -o xtrace +# shellcheck disable=SC1091 + +# Load libraries +. /liblog.sh +. /libos.sh +. /libvalidations.sh + +# Auxiliar Functions + +######################## +# Retrieve a configuration setting value +# Arguments: +# $1 - key +# Returns: +# None +######################### +harbor_registryctl_conf_get() { + local key="${1:?missing key}" + local value + if [[ -f "/etc/registryctl/config.yml" ]]; then + value="$(yq read "/etc/registryctl/config.yml" "$key")" + if [[ "$value" != "null" ]]; then + echo "$value" + fi + fi +} + +######################## +# Ensures a configuration setting is not empty +# Arguments: +# $1 - config_option +# Returns: +# None +######################### +not_empty_config_option() { + local config_option="${1:?missing config_option}" + if [[ -z "$(harbor_registryctl_conf_get "$config_option")" ]]; then + error "The configuration option \"$config_option\" must be set!" + exit 1 + fi +} + +######################## +# Ensures an environment_variable +# Arguments: +# $1 - env_var +# Returns: +# None +######################### +not_empty_env_var() { + local env_var="${1:?missing env_var}" + if [[ -z "${!env_var:-}" ]]; then + error "The environment variable \"$env_var\" must be set!" + exit 1 + fi +} + +######################## +# Validate Registryctl settings +# Arguments: +# None +# Returns: +# None +######################### +harbor_registryctl_validate() { + info "Validating Harbor Registryctl settings..." + + if [[ ! -f "/etc/registryctl/config.yml" ]]; then + error "No configuration file was detected. Please mount your configuration file at \"/etc/registryctl/config.yml\"" + exit 1 + fi + + not_empty_config_option "protocol" + not_empty_config_option "port" + not_empty_env_var "JOBSERVICE_SECRET" + + + if [[ "$(harbor_registryctl_conf_get "protocol")" != "http" ]] && \ + [[ "$(harbor_registryctl_conf_get "protocol")" != "https" ]]; then + error "Protocol must be \"http\" or \"https\"!" + exit 1 + fi + local validate_port_args=() + ! am_i_root && validate_port_args+=("-unprivileged") + if ! err=$(validate_port "${validate_port_args[@]}" "$(harbor_registryctl_conf_get "port")"); then + error "An invalid port was specified: $err" + exit 1 + fi +} + +# Ensure Harbor Registryctl settings are valid +harbor_registryctl_validate diff --git a/bitnami/harbor-registryctl/docker-compose.yml b/bitnami/harbor-registryctl/docker-compose.yml new file mode 100644 index 000000000000..b3b7a11e0b17 --- /dev/null +++ b/bitnami/harbor-registryctl/docker-compose.yml @@ -0,0 +1,18 @@ +version: '2' + +services: + harbor-registryctl: + image: bitnami/harbor-registryctl:1 + ports: + - 80:8080 + environment: + - CORE_SECRET=not-a-secure-core-secret + - JOBSERVICE_SECRET=not-a-secure-jobservice-secret + volumes: + - harbor-registry_data:/storage + - ./config/registry/:/etc/registry/:ro + - ./config/registryctl/config.yml:/etc/registryctl/config.yml:ro + +volumes: + harbor-registry_data: + driver: local