Mirroring quay.io
repository
IBM Security® provides scripts you can use
to mirror your repository with quay.io
.
The App Host
is limited to one repository;
therefore you cannot connect to your own repository and quay.io
, where the apps are
located. To use both the apps published in the IBM® App
Exchange and your own custom apps, you need to copy the published containers from
quay.io
to your repository.
You can use the following scripts, both available from here.
mirror-all-images.sh
, which you use to copy all app container images fromquay.io
to your private repository.mirror-images.sh
, which you use to copy select apps container images fromquay.io
to your private repository.
Before running either script, review the following:
- Podman or docker is installed on your system, and the command line JSON processor, jq, is available.
- The script does not provide a login to your repository. You must log in or have write access to
the your container repository before running the script. If root permissions are needed to run these
commands, use
sudo
orsu
to access the login account. - If working with HTTP registry with podman, add
insecure_registry
as an argument. If working with docker, you might be required to edit/.docker/config.json
or an environment variable. - Use
latest_tag
to retrieve only the most recent version of the app instead of all the unique versions that exist onquay.io
.
To run the mirror-all-images script, enter the following command along with the name or IP
address of your repository and, optionally, the tool you use. If the tool name is not entered, the
script attempts to determine which tool
exists.
/bin/bash mirror-all-images <name or IP address of replication registry> [docker | podman]
In the following example, the replication repository is
fqdn.registry.io
and the
tool is podman./bin/bash mirror-all-images fqdn.registry.io podman
To run the
mirror-images
script, you need to add two files, which are used to
control the behavior of the script: repo_quay.conf
- a list of container names and versions, one per line, to replicate. The format of a line iscontainer_name:x.x.x
where x.x.x is the tagged version.preserved_images.conf
- a list of container names and versions, one per line, to retain in the local docker or podman image container environment. The format of a line is the same as used in therepo_quay.conf
file,container_name:x.x.x
.
Use the following command to run the mirror-images script.
/bin/bash mirror-images <name or IP address of replication registry> [docker | podman]
In the following example, the replication repository is
fqdn.registry.io
and the
tool is podman. The repo_quay.conf
file lists two apps to replicate and the
preserved_images.conf
file lists one app to
preserve./bin/bash mirror-images fqdn.registry.io podman repo_quay.conf
fn_utilities:1.140
fn_xforce:1.0.0
preserved_images.conf
fn_utilities:1.140