9891280bfd
Some checks are pending
CI / POS (WPF, Windows) (push) Waiting to run
CI / Backend (.NET 8) (push) Successful in 35s
CI / Web (React + Vite) (push) Successful in 24s
Docker Images / API image (push) Successful in 6s
Docker Images / Web image (push) Successful in 5s
Docker Images / Deploy stage (push) Successful in 29s
Any block on mcr.microsoft.com or docker.io from KZ would stall our
builds. Mirror docker base images into 127.0.0.1:5001 under mirror/*
via daily systemd timer, and point Dockerfiles + compose + CI at the
local copies.
Mirror:
node:20-alpine → 127.0.0.1:5001/mirror/node:20-alpine
nginx:1.27-alpine → 127.0.0.1:5001/mirror/nginx:1.27-alpine
postgres:16-alpine → 127.0.0.1:5001/mirror/postgres:16-alpine
mcr.microsoft.com/dotnet/sdk:8.0 → 127.0.0.1:5001/mirror/dotnet-sdk:8.0
mcr.microsoft.com/dotnet/aspnet:8.0 → 127.0.0.1:5001/mirror/dotnet-aspnet:8.0
Infra (committed for reproducibility):
- deploy/mirror-base-images.sh — pull/tag/push (idempotent)
- deploy/food-market-mirror-base-images.{service,timer} — daily refresh,
installed on stage server
Usage in build-time:
- Dockerfile.api/web take ARG LOCAL_REGISTRY=127.0.0.1:5001 with the local
copy as default, so the same Dockerfile still builds from docker.io if
you pass --build-arg LOCAL_REGISTRY=docker.io (well, almost).
- docker-compose.yml postgres: image via ${REGISTRY}/mirror/postgres.
- ci.yml postgres service container: local mirror.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
49 lines
1.5 KiB
Bash
Executable file
49 lines
1.5 KiB
Bash
Executable file
#!/bin/bash
|
|
# Pulls all external base images the food-market builds depend on, then retags
|
|
# them into the local registry at 127.0.0.1:5001 under the "mirror/" prefix.
|
|
#
|
|
# Why: outbound to docker.io / mcr.microsoft.com flaps on KZ network. Once
|
|
# mirrored, Dockerfiles and docker-compose reference the local copy and builds
|
|
# no longer need the internet at all.
|
|
#
|
|
# Idempotent — safe to run as often as you want. Scheduled daily via
|
|
# food-market-mirror-base-images.timer.
|
|
set -euo pipefail
|
|
|
|
REGISTRY=127.0.0.1:5001
|
|
LOG_PREFIX=$(date -u +%Y-%m-%dT%H:%M:%SZ)
|
|
|
|
# image_ref → local name under mirror/
|
|
IMAGES=(
|
|
"node:20-alpine|mirror/node:20-alpine"
|
|
"nginx:1.27-alpine|mirror/nginx:1.27-alpine"
|
|
"postgres:16-alpine|mirror/postgres:16-alpine"
|
|
"mcr.microsoft.com/dotnet/sdk:8.0|mirror/dotnet-sdk:8.0"
|
|
"mcr.microsoft.com/dotnet/aspnet:8.0|mirror/dotnet-aspnet:8.0"
|
|
)
|
|
|
|
failures=0
|
|
for pair in "${IMAGES[@]}"; do
|
|
src="${pair%|*}"
|
|
dst="${pair#*|}"
|
|
echo "$LOG_PREFIX pulling $src"
|
|
if ! docker pull "$src"; then
|
|
echo "$LOG_PREFIX FAILED: pull $src"
|
|
failures=$((failures + 1))
|
|
continue
|
|
fi
|
|
docker tag "$src" "$REGISTRY/$dst"
|
|
if ! docker push "$REGISTRY/$dst"; then
|
|
echo "$LOG_PREFIX FAILED: push $REGISTRY/$dst"
|
|
failures=$((failures + 1))
|
|
continue
|
|
fi
|
|
echo "$LOG_PREFIX ok $src -> $REGISTRY/$dst"
|
|
done
|
|
|
|
if [[ $failures -gt 0 ]]; then
|
|
echo "$LOG_PREFIX done, $failures failed — registry still has old mirrored copies"
|
|
exit 1
|
|
fi
|
|
echo "$LOG_PREFIX done, all mirrors fresh"
|