Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/onfido/ecr-mirror

Mirror public repositories to internal ECR repos
https://github.com/onfido/ecr-mirror

Last synced: 25 days ago
JSON representation

Mirror public repositories to internal ECR repos

Host: GitHub
URL: https://github.com/onfido/ecr-mirror
Owner: onfido
Created: 2020-09-01T20:44:22.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2023-10-18T03:23:01.000Z (about 1 year ago)
Last Synced: 2024-08-04T23:09:58.989Z (4 months ago)
Language: Python
Size: 104 KB
Stars: 72
Watchers: 6
Forks: 15
Open Issues: 4
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-devops - ecr-mirror - Mirror public repositories to internal ECR repos (Kubernetes / Kubernetes // Image Registries and Image Distribution)

README

        # Docker ECR Mirror

![](https://img.shields.io/pypi/v/ecr-mirror.svg)

![](https://img.shields.io/pypi/l/ecr-mirror.svg)

![](https://img.shields.io/pypi/pyversions/ecr-mirror.svg)

Mirror public docker images to ECR, automagically. This requires [Skopeo](https://github.com/containers/skopeo) to be installed.

`pip install ecr-mirror`

## Usage

```

$ ecr-mirror

Usage: ecr-mirror [OPTIONS] COMMAND [ARGS]...

Options:

  --registry-id TEXT    The registry ID. This is usually your AWS account ID.

  --role-arn TEXT       Assume a specific role to push to AWS

  --override-os TEXT    Specify the OS of images, default to "linux"

  --override-arch TEXT  Specify the ARCH of images, default to "amd64". If set

                        to "all" - all architectures will be synced

  --help                Show this message and exit.

Commands:

  copy        Copy all tags that match a given glob expression into ECR

  list-repos  List all repositories that will be synced

  sync        Copy public images to ECR using ECR tags

```

Create an ECR repository with the following two tags set:

* `upstream-image` set to a public Docker hub image, i.e `nginx` or `istio/proxyv2`

* `upstream-tags` set to a `/`-separated list of tag **globs**, i.e `1.6.*` or just `1.2-alpine`. ECR does not allow the

  use of the `*` character in tag values, so you should use `+` as a replacement.

* `ignore-tags` set to a `/`-separated list of tag **globs** to ignore. ECR does not allow the

  use of the `*` character in tag values, so you should use `+` as a replacement.

Terraform example:

```hcl

resource "aws_ecr_repository" "repo" {

  name = "nginx"

  tags = {

    upstream-image = "nginx",

    // Mirror 1.16* and 1.17*

    upstream-tags = "1.16+/1.17+"

    ignore-tags = "+-gpu"

  }

}

```

Running `ecr-mirror sync` will begin concurrently fetching all images and pushing them to ECR.

You can run `ecr-mirror list-repos` to see all repositories that will be mirrored.

You can also manually copy specific image patterns using `ecr-mirror copy`:

`ecr-mirror copy "istio/proxyv2:1.6.*" ACCOUNT_ID.dkr.ecr.eu-west-1.amazonaws.com/istio-proxyv2`